Senior API Platform Engineer (.NET, API Management & Auth0)
About Xebia
Xebia is a trusted advisor in the modern era of digital transformation, serving hundreds of leading brands worldwide with end-to-end IT solutions. The company has experts specializing in technology consulting, software engineering, AI, digital products and platforms, data, cloud, intelligent automation, agile transformation, and industry digitization. In addition to providing high-quality digital consulting and state-of-the-art software development, Xebia has a host of standardized solutions that substantially reduce the time-to-market for businesses.
Xebia also offers a diverse portfolio of training courses to help support forward-thinking organizations as they look to upskill and educate their workforce to capitalize on the latest digital capabilities. The company has a strong presence across 16 countries with development centres across the US, Latin America, Western Europe, Poland, the Nordics, the Middle East, and Asia Pacific.
Job Description: Senior API Platform Engineer (.NET, API Management & Auth0)
Position Title: Senior Engineer
Location: Gurugram
Job Type: Contract
Overview:
We are seeking a Senior API Platform Engineer with expertise in .NET, API Management, and Auth0 to design and implement secure, scalable, and high-performance API ecosystems across GCP, Azure, and Kubernetes clusters.
This role will focus on API Gateway implementation, authentication & authorization strategies, and API security best practices while ensuring seamless integration with multi-cloud and identity management solutions.
The ideal candidate has experience with multiple API gateways (e.g., Kong, Apigee, Tyk, Istio) and secure authentication flows using Auth0. Additionally, they should be comfortable working in a multi-cloud environment, implementing observability, caching, and traffic management strategies.
Key Responsibilities:
API Gateway Implementation & Management:
- Architect, implement, and manage API Gateway solutions such as Kong, Apigee, Tyk, or Istio across GCP and Azure Kubernetes clusters.
- Configure authentication and authorization mechanisms, integrating Auth0 for token-based security (JWT, OAuth2, OpenID Connect).
- Define fine-grained routing rules using Virtual Services, and handle ingress routing and path mapping.
- Implement rate limiting and throttling using Redis or custom rate-limiting services.
- Set up API quotas for user/client/tenant-based restrictions.
- Optimize traffic management strategies to enhance API performance and availability.
Authentication & Authorization Management:
- Implement secure authentication flows using Auth0, including SSO, MFA, and user role-based access control.
- Integrate Auth0 with .NET-based applications and API gateways for centralized authentication.
- Enforce JWT validation at the gateway for authentication.
- Enable mTLS across all inter-service communications within the service mesh.
- Set up policy evaluation & authorization mechanisms at the API Gateway level.
- Configure TLS termination and client certificate management.
- Manage CORS policies using VirtualService or EnvoyFilter for advanced control over allowed origins, methods, and headers.
Observability & Monitoring (New Relic):
- Implement API monitoring and performance tracking using New Relic.
- Set up real-time visibility into API traffic patterns, latency, error rates, and dependencies.
- Enable end-to-end request tracing to facilitate debugging and troubleshooting.
- Configure alerts and dashboards in New Relic for API health and security monitoring.
Caching & Performance Optimization:
- Implement response caching at the API Gateway level for static or infrequently changing data.
- Define cache policies based on API endpoints and response types using cache-control headers.
- Improve API resilience by configuring retry policies, request timeouts, and circuit breakers to prevent cascading failures.
API Management & Developer Portal:
- Expose APIs to external users via a developer portal, enabling API discovery and self-service onboarding.
- Establish API governance policies, including versioning strategies and deprecation policies.
- Ensure consistent API security, traffic control, and quota enforcement across services.
- Provide self-service capabilities for teams to register and manage their API integrations.
Security & Compliance:
- Implement and maintain best practices for securing APIs, including OAuth2, OpenID Connect, two-factor authentication (2FA), and SAML.
- Ensure compliance with industry security standards (e.g., GDPR, SOC2, and enterprise security policies).
- Protect API traffic using mTLS encryption, request validation, and access control mechanisms.
Collaboration & Documentation:
- Work closely with developers, DevOps, security, and product teams to align API architecture with business goals.
- Document API configurations, authentication flows, and security policies for internal teams.
- Provide technical guidance and training to teams on best practices for API management, authentication, and security.
Skills & Qualifications:
Technical Skills:
- Proficiency in C# and .NET technologies (ASP.NET Core, Web API).
- Strong experience with Auth0, including user management, MFA, and social login integrations.
- Expertise in API gateways (Kong, Apigee, Tyk, or Istio) and API security mechanisms.
- Experience with OAuth2, OpenID Connect, JWT authentication, and claims-based authorization.
- Familiarity with RESTful API design, microservices, and cloud-native architectures.
- Strong knowledge of New Relic for API observability and performance monitoring.
- Hands-on experience with GCP, Azure, and Kubernetes-based API deployments.
Experience:
- 6+ years of experience in API management, identity management, and security.
- Proven experience integrating Auth0 with .NET applications and API Gateways.
- Strong background in multi-tenant API architectures and developer portal management.
Desired Qualifications:
- Experience with Azure Active Directory or other IAM solutions.
- Familiarity with CI/CD processes for API deployments.
- Experience in Agile development environments.