Senior Azure API Management Engineer
Role Summary
We re looking for a Senior Azure API Management (APIM) Engineer to lead the design, build, configuration, and operational excellence of our API platform on Azure. You will be responsible from enterprise APIM environments standing up new instances, configuring workflows with policies, enabling secure access with Azure AD, and automating everything with CI/CD. A strong background in .NET/C for API development and integration is essential.
An ideal candidate should have extensive hands-on experience in migrating APIs from other platforms (e.g., Apigee, Kong, MuleSoft) to APIM planning and executing policy translation, security model alignment, traffic cutovers, and consumer onboarding with minimal disruption.
Key Responsibilities:
APIM Architecture & Setup
Design, create, configure and manage APIM instances, including tiers, network integration, private endpoints, VNets, Custom Domains, certificates.
Implement and maintain APIM Policies (rate limiting, caching, JWT validation, header transformations, rewrite/redirect, mock responses, IP filtering) to support Ferguson Enterprise integration.
Integrate Azure AD (OAuth2/OIDC), subscription keys, RBAC, and mTLS where appropriate. Establish guardrails for secrets, certificates, and Key Vault usage across environments.
Structure APIs using Products, Groups, Versioning/Revisions, and implement developer onboarding flows.
API Platform Migration
Prior experience in migrating to Azure APIM from another API platform (Apigee, Kong or MuleSoft). Migrate and optimize platformspecific policies to APIM equivalents; design cutover strategy (shadow traffic, canary, phased rollout).
Build and maintain highquality, configurable and reusable APIM policies to support service API calls across systems. Construct the APIM flows with policies for different use cases.
Automate migration tasks (spec transforms, policy templating, CI pipelines) to reduce manual effort.
Required Qualifications
8+ years in API engineering/platform roles; 5+ years handson with Azure.
3+ years building/operating Azure API Management at scale (multienv, private networking, custom domains).
Strong .NET/C skills creating RESTful services; solid grasp of OpenAPI/Swagger and APIfirst design.
Conceptual and working knowledge on API Security and various patterns for Authentication and Authorization, including OAuth2/OIDC, JWT, subscription keys, and mTLS and certificate management.
Proven experience migrating APIs to APIM from platforms like Apigee, Kong, MuleSoft (policy translation, traffic cutover, consumer onboarding).
Practical development expertise with APIM Policies. Capable of developing custom solutions to bridge the gaps (rate limit, validate-jwt, cache, transform).
Enable observability and performance tuning using Azure Monitor/Log Analytics (Datadog or similar a plus).
CI/CD for APIM using ARM/Bicep/Terraform, GitHub Actions or Azure DevOps; Git workflows.
Nice to have (Preferred)
Familiar with the concept and practice of APIOps.
Background integrating Key Vault, Private Link, WAF/CDN, Front Door.
Experience with AKS, ingress controllers, and service mesh concepts.
Developer Portal customization and automation.
Excellent communication. Ability to lead crossfunctional initiatives and make meaningful contributions.
Prior experience in Google Apigee development, configuration and management
azure api management,azure platform,c#,mulesoft,oauth2,apigee,jwt authentication,openapi,github,azure devops
