What you'll do
- Design, develop, and maintain backend services using Python 3, FastAPI, Pydantic, and SQLAlchemy.
- Build and maintain REST APIs that support OSCAL-based compliance workflows, document management, metadata updates, authentication, and user-facing application features.
- Work with relational databases across local and production-like environments, including SQLite, PostgreSQL, and Microsoft SQL Server.
- Implement and maintain database models, query logic, migrations, and data access patterns using SQLAlchemy and Alembic.
- Build frontend features using React, TypeScript, Vite, Material UI, React Router, React Hook Form, Zod, and related modern frontend tooling.
- Integrate frontend workflows with backend APIs, including form validation, document editing, schema validation, error handling, and user-facing state updates.
- Write and maintain automated tests, including backend pytest tests and frontend Playwright end-to-end tests.
- Participate in CI/CD maintenance using GitHub Actions, npm, uv, Docker, and build/test/lint/publish pipelines.
- Support Azure deployment workflows using Bicep and PowerShell for tenant-based application infrastructure.
- Debug issues across the full stack, including API behavior, database differences, frontend state, browser behavior, authentication flows, and deployment configuration.
- Collaborate through GitHub pull requests, code reviews, issue discussion, and iterative feature development.
- Write clean, maintainable, typed, and well-tested code that follows existing project conventions.
- Ability to work in office 3-5 days per week.
- Ability to work nights and weekends occasionally.
- Participate in team meetings for knowledge sharing and status updates.

Required Qualifications
- 3+ years of professional software development experience, or equivalent demonstrated ability.
- Bachelor's degree in Engineering or a related technical field required, with preference for Computer Science, Computer Engineering, or Software Engineering.
- Strong Python backend development experience.
- Experience building APIs with FastAPI or a similar modern Python web framework.
- Experience with Pydantic or similar data validation/modeling libraries.
- Experience with SQLAlchemy and relational database-backed applications.
- Comfortable writing SQL-aware application code and debugging database-specific behavior.
- Strong React and TypeScript experience.
- Experience with Node.js, npm, Vite or comparable frontend build tooling.
- Experience building production-style frontend workflows with forms, validation, routing, API integration, and reusable components.
- Experience writing automated tests for backend and/or frontend code.
- Familiarity with Git, GitHub pull requests, code review, branching, and collaborative development workflows.
- Ability to troubleshoot across multiple layers of an application instead of staying limited to one tier.
- Clear written communication and ability to explain technical decisions in PRs, issues, and team discussions.

Preferred Qualifications
- Experience with Microsoft Azure services, especially Azure Container Apps, Azure SQL, managed identities, Static Web Apps, or related deployment models.
- Experience with Infrastructure as Code, especially Bicep, ARM templates, Terraform, or similar.
- Experience with GitHub Actions CI/CD pipelines.
- Experience with Docker-based local development and deployment workflows.
- Experience with Microsoft SQL Server and PostgreSQL.
- Experience with Playwright, pytest, Ruff, Pyright, ESLint, Prettier, or similar quality tooling.
- Experience with Material UI or another mature component library.
- Experience working with JSON Schema, structured document models, or complex nested JSON data.
- Familiarity with OSCAL, NIST 800-series guidance, RMF, FedRAMP, or security/compliance automation.
- Experience in regulated, security-conscious, government, or enterprise SaaS environments.

Nice-to-Have Domain Knowledge
- OSCAL catalog, profile, system security plan, assessment plan, assessment result, POA&M, or component definition concepts.
- NIST Risk Management Framework terminology and workflows.
- Security control inheritance, implementation statements, compliance evidence, assessment artifacts, or authorization package workflows.
- Experience building tools for governance, risk, compliance, cybersecurity, or audit teams.

What Success Looks Like
Within the first few months, this developer should be able to:
- Pick up a scoped full stack issue and deliver it through PR review.
- Modify/implement a FastAPI endpoint, Pydantic model, SQLAlchemy query, or service layer safely.
- Add or update a React/TypeScript UI flow using existing Material UI patterns.
- Write meaningful pytest or Playwright coverage for their change.
- Run and interpret local checks such as backend tests, frontend typecheck/build/lint, and Playwright tests.
- Debug behavior differences between SQLite, PostgreSQL, and MSSQL when needed.
- Understand enough OSCAL and compliance terminology to ask good questions and model data correctly.