API Governance & Standards Lead – Apigee X | Enterprise Platform
4 Days Onsite | Columbus OH · Minneapolis MN · Dallas TX · Chicago IL · Detroit MI
What This Role Is
This is not a development role. This is not an Apigee proxy engineer position. This is the person who defines how APIs are built, governed, and managed across an entire enterprise — the architect of the standards, policies, and frameworks that every API team follows.
If you've spent your career closer to the governance, standards, and compliance side of API platform work — running governance boards, writing enterprise policy frameworks, aligning teams to OpenAPI standards, and driving adoption across engineering and security organizations — this role was built for you.
What You'll Own
Enterprise API Governance: Define and maintain the company's API design standards, naming conventions, versioning guidelines, deprecation policies, and documentation standards. Run the API Governance Board — reviews, approvals, waivers, and the operating model behind it.
Apigee X Platform Governance: Design onboarding workflows via the Developer Portal. Define governance processes for publishing, runtime policies (quotas, rate limiting, analytics), API products, proxies, and catalogs. Drive discoverability and reusability at scale.
Security & Regulatory Compliance: Govern security patterns — OAuth2, JWT, JWKS, mTLS — using Apigee X and Ping Identity. Align APIs to Open Banking, PSD2, HIPAA, and GDPR requirements. Partner with Risk, Compliance, and Security Engineering to define control objectives and audit evidence (NIST, ISO 27001, SOC 2).
Developer Enablement: Create the playbooks, cheat sheets, sample specs, and policy catalogs that help engineering teams deliver compliant APIs faster. Run office hours. Provide training. Make governance feel like a service, not a gate.
Metrics & Continuous Improvement: Define governance KPIs — compliance rates, time-to-approve, policy adoption, security defect trends. Conduct maturity assessments. Publish roadmaps and quarterly stakeholder updates.
Tooling & Automation: Partner with platform teams to integrate policy-as-code (spec linting, contract validation, auth enforcement) into CI/CD pipelines. Evaluate and implement governance tooling that automates compliance at scale.
What We're Looking For
- 10+ years in IT with strong API governance or platform leadership experience
- 5+ years specifically in API governance, standards ownership, or API platform leadership at enterprise scale
- Deep knowledge of OpenAPI/Swagger, REST, GraphQL, and API lifecycle management
- Hands-on familiarity with Apigee X on Google Cloud Platform — from a governance and architecture lens, not proxy development
- Experience governing security standards: OAuth2, JWT, JWKS, mTLS
- Demonstrated experience writing enterprise policies, running governance forums, and driving cross-team alignment
- Regulatory framework knowledge: Open Banking, PSD2, HIPAA, GDPR, SOC 2, NIST, ISO 27001
- Strong communication and stakeholder management skills — you'll work across Engineering, Security, Risk, and Architecture daily
Nice to Have
- Google Cloud Platform Professional Cloud Architect or Apigee certification
- Ping Identity / enterprise IAM experience
- DevSecOps and policy-as-code background
- Experience improving developer portals and API catalogs
What Success Looks Like
You'll know you're winning when engineering teams are onboarding APIs faster because your standards are clear, security and audit teams are satisfied because your controls are documented and enforced, and the organization has a governance model it can actually scale.
Location: Hybrid – 4 days onsite. Must be local to or able to commute to one of the following: Columbus OH, Minneapolis MN, Dallas TX, Chicago IL, or Detroit MI. Remote-only candidates will not be considered.
This role is focused on policy, architecture, enablement, and oversight — not hands-on software development or day-to-day Apigee configuration.