Job Description
At U.S. Bank, we’re on a journey to do our best. Helping the customers and businesses we serve to make better and smarter financial decisions and enabling the communities we support to grow and succeed. We believe it takes all of us to bring our shared ambition to life, and each person is unique in their potential. A career with U.S. Bank gives you a wide, ever-growing range of opportunities to discover what makes you thrive at every stage of your career. Try new things, learn new skills and discover what you excel at—all from Day One.
Job Description
Be a part of transformational change where integrity matters, success inspires and great teams collaborate and innovate. As the fifth-largest bank in the United States, we’re one of the country’s most respected, innovative, ethical and successful financial institutions. We’re looking for people who want more than just a job – they want to make a difference! U.S. Bank is seeking a Platform Engineer who will contribute toward the success of our technology initiatives as part of our enterprise API, AI, and platform engineering transformation journey.
About the Team
The Platform Engineering team designs, builds, and operates secure, compliant, and scalable API, AI, and cloud-native platforms that power digital services across the organization. We function as a platform engineering organization, enabling domain teams to accelerate delivery through self-service infrastructure, strong governance, and automation-first design.
We partner closely with Cloud Engineering, IAM, Information Security, Networking, and FinOps teams to ensure our platforms meet regulatory expectations while delivering a high-quality developer experience. Our mission is to enable secure, standardized, and high-performance platform ecosystems across hybrid and multi-cloud environments while enforcing enterprise standards through automation and policy-driven controls.
Job Responsibilities
Design, build, and operate the enterprise API and AI platform supporting multiple business domains (Finance, HR, Supply Chain)
Own the API and AI gateway platform lifecycle, including account topology, RBAC, network architecture, governance, CI/CD automation, and disaster recovery
Develop, deploy, and manage API proxies, shared flows, and gateway policies to enable secure and scalable API exposure
Design and implement multi-cloud gateway architectures leveraging Apigee, AWS API Gateway, and Azure API Management
Implement secure network connectivity, including Azure Private Link, private endpoints, Private DNS Zones, and network policy enforcement
Develop and maintain Terraform modules to automate provisioning and lifecycle management of API gateway and platform resources
Enable self-service platform consumption through validated YAML manifests and automated deployments via CI/CD pipelines (e.g., Shield CI/CD)
Integrate platform and gateway capabilities with Entra ID (Azure AD) using SAML SSO, SCIM provisioning, and enterprise RBAC patterns
Manage service authentication, secrets, and key rotation using HashiCorp Vault and Azure Key Vault
Implement and enforce API security controls, including OAuth 2.0, JWT, API keys, mTLS, and threat protection policies
Enforce security and compliance controls, including audit logging, policy-as-code, tagging, access controls, and governance standards
Embed infrastructure and supply-chain security scanning into CI/CD pipelines.
Design and implement GraphQL gateway architectures for backend orchestration and modern API consumption patterns
Design for resiliency and cost efficiency, including resource optimization, capacity planning, cost allocation, and chargeback models
Own cross-region disaster recovery strategies, replication design, and RPO/RTO adherence for platform services
Implement observability and monitoring using tools such as Prometheus, Grafana, Splunk, Datadog, and AppDynamics
Lead incident response, troubleshooting, and root cause analysis (RCA) for platform and gateway-related issues
Govern secure data and API sharing patterns, ensuring proper access controls, auditing, and usage monitoring
Partner with Cloud, IAM, Security, Networking, and FinOps teams to ensure alignment with enterprise architecture and regulatory requirements
Provide technical leadership and mentorship to engineering teams and drive platform adoption and best practices
Basic Qualifications
Bachelor’s degree, or equivalent work experience
Six to eight years of relevant experience
Preferred Skills & Experience
7+ years of experience in platform engineering, API gateway engineering, or cloud infrastructure
Strong hands-on expertise with Apigee (OPDK, Hybrid) including platform architecture, proxy development, deployment, and troubleshooting
Proven experience in enterprise API gateway engineering, including:
API proxy lifecycle (design, build, deploy, operate)
Traffic management, mediation, transformation, caching, and analytics
Gateway performance tuning and high-throughput optimization
Strong systems engineering / systems administration background, including:
Linux/Unix system administration
Networking fundamentals (DNS, TCP/IP, load balancing, TLS, firewalls)
Troubleshooting at OS, network, and application layers
Experience operating and supporting large-scale distributed systems and platforms in production environments
Hands-on experience with Apigee platform installation, configuration, upgrades, and operations (OPDK or Hybrid)
Deep understanding of API security standards, including OAuth 2.0, JWT, mTLS, API key management, and secure token flows
Experience with Kubernetes platforms (EKS, AKS, GKE) and containerized workloads
Strong experience building and maintaining CI/CD pipelines for platform and API deployments
Experience with Infrastructure-as-Code (Terraform, Helm, Ansible) for provisioning and managing platform resources
Experience integrating platforms with enterprise identity providers (Entra ID / Azure AD, SAML, RBAC)
Hands-on experience with secrets management (HashiCorp Vault, Azure Key Vault)
Strong understanding of networking architecture, including private connectivity, ingress, reverse proxies, and gateway integration patterns
Experience with observability and monitoring tools (Prometheus, Grafana, Splunk, Datadog, ELK)
Strong troubleshooting and debugging skills across API gateways, Kubernetes, networking, and backend integrations
Ability to work across development, platform, and operations domains, bridging gaps between application and infrastructure teams
Experience with WAF / Akamai platform Integration with Gateways
Hands-on experience designing and implementing Azure Load Balancer, Azure Application Gateway, and Azure Front Door
Strong experience with AWS load balancing services, including ALB, NLB, and API Gateway integrations
Experience configuring and troubleshooting F5 BIG-IP (LTM/GTM) for enterprise traffic management
Deep understanding of Layer 4 and Layer 7 load balancing patterns
Experience with SSL/TLS termination, certificate management, and mTLS configurations
Knowledge of DNS routing, traffic steering, failover, and global load balancing strategies
Experience integrating load balancers with API gateways (Apigee) and Kubernetes ingress controllers
Hands-on experience troubleshooting network latency, connection failures, TLS handshake issues, and routing problems across environments
Preferred Qualifications
Experience designing and operating enterprise API platforms at scale (Apigee Hybrid / multi-cloud gateway architectures)
Experience evaluating and implementing AWS API Gateway, Azure API Management, or other modern gateway solutions
Experience designing or implementing GraphQL gateway architectures or federated APIs
Exposure to AI / GenAI gateway platforms, including secure access and model routing
Experience working in regulated environments (financial services, healthcare, etc.)
Familiarity with DevOps and SRE practices, including SLIs, SLOs, error budgets, and reliability engineering
Knowledge of Kubernetes networking, ingress controllers, and service mesh concepts
Relevant certifications in cloud platforms, Kubernetes, or API management technologies
***This role requires working from a U.S. Bank location three (3) or more days per week.***
If there’s anything we can do to accommodate a disability during any portion of the application or hiring process, please refer to our disability accommodations for applicants.
Benefits:
Our approach to benefits and total rewards considers our team members’ whole selves and what may be needed to thrive in and outside work. That's why our benefits are designed to help you and your family boost your health, protect your financial security and give you peace of mind. Our benefits include the following:
Healthcare (medical, dental, vision)
Basic term and optional term life insurance
Short-term and long-term disability
Pregnancy disability and parental leave
401(k) and employer-funded retirement plan
Paid vacation (from two to five weeks depending on salary grade and tenure)
Up to 11 paid holiday opportunities
Adoption assistance
Sick and Safe Leave accruals of one hour for every 30 worked, up to 80 hours per calendar year unless otherwise provided by law
Review our full benefits available by employment status here.
U.S. Bank is an equal opportunity employer. We consider all qualified applicants without regard to race, religion, color, sex, national origin, age, sexual orientation, gender identity, disability or veteran status, and other factors protected under applicable law.
E-Verify
U.S. Bank participates in the U.S. Department of Homeland Security E-Verify program in all facilities located in the United States and certain U.S. territories. The E-Verify program is an Internet-based employment eligibility verification system operated by the U.S. Citizenship and Immigration Services. Learn more about the E-Verify program.
The salary range reflects figures based on the primary location, which is listed first. The actual range for the role may differ based on the location of the role. In addition to salary, U.S. Bank offers a comprehensive benefits package, including incentive and recognition programs, equity stock purchase 401(k) contribution and pension (all benefits are subject to eligibility requirements). Pay Range: $133,365.00 - $156,900.00U.S. Bank will consider qualified applicants with arrest or conviction records for employment. U.S. Bank conducts background checks consistent with applicable local laws, including the Los Angeles County Fair Chance Ordinance and the California Fair Chance Act as well as the San Francisco Fair Chance Ordinance. U.S. Bank is subject to, and conducts background checks consistent with the requirements of Section 19 of the Federal Deposit Insurance Act (FDIA). In addition, certain positions may also be subject to the requirements of FINRA, NMLS registration, Reg Z, Reg G, OFAC, the NFA, the FCPA, the Bank Secrecy Act, the SAFE Act, and/or federal guidelines applicable to an agreement, such as those related to ethics, safety, or operational procedures.
Applicants must be able to comply with U.S. Bank policies and procedures including the Code of Ethics and Business Conduct and related workplace conduct and safety policies.
Posting may be closed earlier due to high volume of applicants.