API Standards & Compliance Lead

Job#: 3022677

Job Description:

Apex Systems, a World-Class Technology Solutions Provider, is seeking applicants for the below position on behalf of our client. Please apply if interested and qualified. Please note that only qualified candidates will be contacted.

Position: API Standards & Compliance Lead

Location: 4 days/week on-site in Columbus, OH or Minneapolis, MN or Dallas, TX

Duration: Contract to Hire

Type: W2 contract, paid hourly. Upon FTE, salary + bonus potential. No C2C, 1099, or third-party submissions will be accepted. Only direct W-2 candidates will be considered.

Industry: Banking

Pay Rate Range: W2 $70-78/hr based on experience

Role Clarity (What This Role Is / Is Not)

• This is a governance, standards, and architecture leadership role-focused on policy, enablement, oversight, and measurable outcomes.
• Not a day-to-day software engineering or Apigee proxy development role.
• Limited hands-on configuration may be required to validate governance controls or demonstrate patterns.

Position Summary

As the API Standards & Compliance Lead, you will define, implement, and enforce enterprise-wide API governance frameworks that ensure consistency, security, and scalability across all APIs. This strategic role focuses on establishing API design standards, lifecycle governance, and compliance policies aligned with industry best practices and regulatory requirements. You will partner closely with Enterprise Architecture, Security, Platform Engineering, and Developer Experience teams to advance an API-first strategy and enable seamless integration across the enterprise.

You will shape our API strategy by balancing innovation with risk management-creating clear standards, operating models, and guardrails for API design, onboarding, publishing, versioning, and retirement. This role emphasizes policy, architecture, enablement, and oversight rather than hands-on software development.

What You'll Do

Governance Framework & Standards

• Define and maintain enterprise-wide API design and governance policies aligned with architecture principles and industry standards (OpenAPI, REST, GraphQL).
• Establish naming conventions, versioning guidelines, backward compatibility expectations, deprecation/retirement policies, and documentation standards.
• Run the API Governance Board (reviews, approvals, waivers) and maintain the governance operating model and RACI.
• Author and maintain reference architecture, standards playbooks, and reusable policy templates.

Lifecycle Governance & Platform Integration (Apigee X)

• Design and oversee API onboarding workflows via the Developer Portal, ensuring proper documentation, cataloging, and discoverability.
• Define governance processes integrated with Apigee X for publishing, runtime policies (e.g., quotas, rate limiting), and analytics.
• Ensure consistent use of API products, proxies, and catalogs; promote high-quality API definitions and reusability.

Security & Regulatory Compliance

• Implement governance for security patterns (OAuth2, JWT, JWKS, mTLS) using Apigee X and Ping Identity.
• Align APIs to regulatory requirements (e.g., Open Banking, PSD2, HIPAA, GDPR) and enterprise security standards.
• Partner with Risk, Compliance, and Security Engineering to define control objectives, evidence, and auditability (e.g., NIST, ISO 27001, SOC 2).

Developer Experience & Enablement

• Collaborate with the API Gateway and DevEx teams to optimize portal usability, API discoverability, and policy adoption.
• Provide training, guidance, and office hours on governance best practices and standards for internal teams.
• Create artifacts (cheat sheets, checklists, sample OpenAPI specs, policy catalogs) that accelerate compliant delivery.

Analytics, Metrics & Continuous Improvement

• Define and track governance KPIs (e.g., % APIs compliant, time-to-approve, policy adoption rates, security defect trends).
• Use Apigee Analytics and Google Cloud Platform monitoring to identify gaps and refine standards based on data insights and evolving business needs.
• Conduct periodic maturity assessments; publish roadmaps and quarterly updates to stakeholders.

Risk, Audit & Controls

• Establish controls and evidence for audits (design-time and runtime), including conformity checks against policy and standards.
• Coordinate remediation plans for non-compliant APIs; manage waivers/exceptions with clear time-bound conditions.

Tooling & Automation

• Partner with platform teams to integrate policy-as-code checks (linting, contract validation, auth enforcement) into CI/CD.
• Evaluate governance tooling (spec linters, catalog quality checks, portal workflows) to automate compliance wherever feasible.

Qualifications - Required

• 10+ years in IT, including strong API development/governance experience.
• 5+ years in API governance or platform leadership roles (enterprise scale).
• Deep familiarity with OpenAPI/Swagger, REST fundamentals, GraphQL design considerations, and API lifecycle management.
• Hands-on experience with security standards (OAuth2, JWT, JWKS, mTLS) and regulatory frameworks (Open Banking/PSD2, HIPAA, GDPR).
• Experience with Apigee X on Google Cloud Platform (or similar API management platforms like Kong, MuleSoft, AWS API Gateway, Azure APIM) from a governance/architecture perspective.
• Demonstrated ability to write clear policies, standards, and procedures; facilitate governance forums; drive alignment across stakeholders.
• Strong communication, stakeholder management, and change management skills.

Qualifications - Preferred

• Google Cloud Platform certifications (e.g., Professional Cloud Architect); Apigee certifications a plus.
• Experience with Ping Identity integration and enterprise IAM.
• Familiarity with Google Cloud Platform services (Cloud Armor, IAM, VPC networking) and platform security controls.
• Background in DevSecOps, CI/CD automation, and policy-as-code for API compliance.
• Experience improving API portals, catalogs, and developer experience, including analytics-driven enhancements.

Core Competencies

• Strategic thinking and policy design
• Enterprise architecture alignment
• Risk and compliance mindset
• Stakeholder facilitation and influence
• Data-driven continuous improvement
• Clear, concise technical writing and storytelling

EEO Employer

Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .

Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Apex uses a virtual recruiter as part of the application process. Click for more details.

Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide.