About the role
Job Title: Apigee Security Architect
Company: Cogency Inc.
Location: Toronto, ON (Hybrid – 3 Days Onsite)
Job Type: Full-Time
Interview Process: Final Round In-Person Interview Required

Job Summary

Cogency Inc. is seeking an experienced Apigee Security Architect to lead the security architecture and governance of enterprise API platforms for a major Canadian financial institution. This role is responsible for defining and implementing secure API frameworks, establishing enterprise security standards, and ensuring APIs comply with banking and regulatory requirements.

The successful candidate will work closely with Enterprise Architects, Security Architects, Platform Engineers, and development teams to build secure, scalable, and resilient API solutions using the Apigee platform.

Key Responsibilities

API Security Architecture
- Design and implement enterprise API security architecture using Apigee Edge, Apigee Hybrid, or Apigee X.
- Define reusable API security standards, proxy templates, shared flows, and security policies.
- Develop enterprise API security frameworks aligned with Zero Trust architecture principles.
- Establish secure API onboarding, authentication, and authorization standards.

Security Governance & Compliance
- Define and enforce API security governance across multiple delivery teams.
- Ensure APIs comply with enterprise security policies and regulatory standards.
- Conduct security architecture reviews, threat modeling, and design assessments.
- Review API implementations for compliance with secure coding and security best practices.
- Collaborate with Enterprise Security teams during architecture and governance reviews.

Identity & Access Management
- Design and implement secure authentication and authorization mechanisms using:
  - OAuth 2.0
  - OpenID Connect (OIDC)
  - JWT
  - Mutual TLS (mTLS)
  - API Keys
  - Certificate-based authentication
- Integrate APIs with enterprise Identity and Access Management (IAM) platforms.

API Threat Protection
- Implement enterprise-grade API protection mechanisms, including:
  - Rate Limiting
  - Spike Arrest
  - Quota Management
  - IP Allow/Deny Lists
  - Bot Protection
  - Threat Detection
  - Payload Validation
  - XML/JSON Threat Protection
  - Cross-Site Scripting (XSS) Protection
  - SQL Injection Prevention
  - PII Data Masking
- Develop logging, monitoring, auditing, and alerting standards for API security.

Security Integration & Platform Engineering
- Collaborate with infrastructure, cloud, and DevOps teams to embed security controls into CI/CD pipelines.
- Support security automation and DevSecOps initiatives.
- Develop reusable security policies and deployment templates.
- Ensure secure deployment across hybrid and cloud environments.

Technical Leadership
- Provide security guidance and mentorship to architects, developers, and API engineers.
- Lead security design reviews and code reviews.
- Support incident investigations, vulnerability remediation, and security assessments.
- Drive continuous improvement of API security posture across the enterprise.

Required Qualifications
- 10+ years of experience in Enterprise Security, API Security, or Integration Architecture.
- 5+ years of hands-on experience with:
  - Apigee Edge
  - Apigee Hybrid
  - Apigee X
- Strong expertise in:
  - OAuth 2.0
  - OpenID Connect (OIDC)
  - JWT
  - mTLS
  - API Gateway Security
  - Zero Trust Architecture
  - PKI and Certificate Management
- Experience implementing:
  - Rate Limiting
  - Threat Protection
  - API Security Policies
  - PII Masking
  - API Access Control
- Strong knowledge of:
  - REST APIs
  - GraphQL
  - SOAP
  - XML
  - OpenAPI Specifications
- Experience integrating APIs with enterprise IAM solutions.
- Hands-on experience with:
  - GitHub Actions
  - Jenkins
  - CI/CD Pipelines
  - DevSecOps practices
- Excellent analytical, communication, and stakeholder management skills.

Preferred Qualifications
- Experience with Google Cloud Platform (GCP), Microsoft Azure, or AWS.
- Experience deploying and securing Apigee Hybrid environments.
- Knowledge of Kubernetes, Docker, OpenShift, and container security.
- Experience with Web Application Firewalls (WAF), API gateways, and service mesh technologies.
- Familiarity with HashiCorp Vault, CyberArk, or enterprise secrets management platforms.
- Google Professional Cloud Security Engineer or Apigee Certification.
- CISSP, CCSP, CISM, or equivalent security certification.

Domain Experience
- Banking and Financial Services (Mandatory)
- Capital Markets
- Digital Banking & Payments
- Enterprise API Modernization
- PCI-DSS, OSFI, PIPEDA, and other regulated environments

Education
- Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, Engineering, or a related discipline.

Key Competencies
- Enterprise API Security Architecture
- Apigee Security & Governance
- Zero Trust Security
- Identity & Access Management (IAM)
- OAuth 2.0, OIDC, JWT & mTLS
- API Threat Protection
- DevSecOps & Secure CI/CD
- Banking Security & Regulatory Compliance
- Stakeholder Management & Technical Leadership

Work Model
- Location: Toronto, ON
- Hybrid: 3 days onsite per week (mandatory)
- Final Round Interview: In-person
- Employment Type: Full-Time