Software Developer

Job Description

We seek an exceptional developer who goes beyond coding to manage and orchestrate a full "Build+Run" ecosystem. You will be a key driver in transforming our architecture from monolithic applications to a resilient, distributed, event-driven system on Google Cloud Platform (GCP). This role demands expertise in Apigee for robust API governance, Node.js for high-performance backend services, and Pub/Sub for asynchronous service decoupling. Success will be measured by continuous optimization of infrastructure for cost and performance using GKE/Cloud Run and automated delivery via Cloud Build and Terraform.

Key Responsibilities

High-Performance Node.js Backend Engineering

• Asynchronous Architecture: Design and implement non-blocking, event-driven services using Promises and async/await to ensure high concurrency and prevent event loop blocking.

• Performance & Efficiency: Optimize for low latency by utilizing the Cluster module for multi-core processing and employing lazy loading of dependencies to minimize serverless cold starts (e.g., in Cloud Run).

• Security Implementation: Secure APIs against threats like SQL injection and XSS through strict input validation (e.g., express-validator) and implement rate limiting to mitigate DoS attacks.

• Data Transfer Optimization: Configure middleware for Gzip/Brotli compression of HTTP responses to significantly reduce payload size and improve transfer speed.

API Governance and Management (Apigee)

• API Proxy Design: Develop Apigee ProxyEndpoints and TargetEndpoints to decouple frontend client applications from underlying backend service implementations.

• Automated API Lifecycle: Integrate API proxy deployment, unit testing, and integration testing directly into the Continuous Integration/Continuous Deployment (CI/CD) pipeline.

• Traffic Control & Security: Implement advanced traffic management policies (SpikeArrest, Quotas) and enforce robust security protocols (OAuth 2.0, JWT, SAML) for authorization and authentication.

• Analytics & Monetization: Configure API Product bundles for potential monetization models and generate custom reports to monitor key metrics like traffic patterns, latency percentiles, and error rates.

Cloud-Native Architecture (GKE & Cloud Run)

• Resource Autoscaling: Strategically configure Horizontal Pod Autoscalers (HPA) for CPU-based scaling and Vertical Pod Autoscalers (VPA) for resource recommendation, ensuring configuration compatibility.

• Cost Optimization: Leverage Spot VMs for fault-tolerant, stateless services and batch workloads to achieve up to 90% savings on compute costs.

• Container Security: Prioritize building minimal, secure container images and maintain deterministic builds to enhance security posture and prevent vulnerability injection.

Event-Driven Architecture (Pub/Sub)

• System Resilience: Drive the adoption of asynchronous Pub/Sub messaging to replace synchronous service-to-service communication, thereby increasing overall system resilience.

• Message Reliability: Implement dead-letter topics to quarantine and facilitate debugging of unprocessable messages, and use exactly-once delivery where financial or state integrity is critical.

• Real-Time Processing: Design and build data pipelines that consume events from Pub/Sub and process them in real-time using Dataflow for analytics stored in BigQuery.

DevOps & Infrastructure as Code (Terraform)

• Modular IaC: Provision all necessary GCP resources (e.g., Pub/Sub subscriptions, GKE clusters, Apigee organizations) using reusable Terraform modules, managing state securely via remote GCS backends for collaborative development.

• GitOps CI/CD: Implement Cloud Build pipelines triggered by Git commits, integrating static analysis, vulnerability scanning (Container Analysis), and binary authorization checks before deployment.

• Credential Security: Eliminate hardcoded secrets by integrating Secret Manager into both Terraform provisioning and application runtime environments.

Required Technical Expertise

• Core Language: Expert proficiency in Node.js, with a deep, practical understanding of the event loop, streams, and memory management.

• API Platform: Extensive hands-on experience with Google Cloud Apigee, covering policy configuration, complex fault handling, and developer portal administration.

• Database & State Management (Stateless Focus):

  • Proven ability to architect stateless applications, offloading session/state data to external, dedicated stores.

  • Proficiency in using Memorystore (Redis) for high-speed, ephemeral caching and session storage.

  • Experience with Firestore or Cloud SQL for durable, transactional data and user preferences, including the use of connection pooling.

• DevOps Tooling: Mastery of Cloud Build, Terraform, and Artifact Registry.

• Testing: Expertise in black-box API testing, comprehensive unit testing and load testing methodologies.

Preferred Qualifications

• Certification: Google Professional Cloud Developer or Professional Cloud Architect certification.

• Advanced Networking: Familiarity with VPC Service Controls, Private Service Connect, and Shared VPCs.

• Service Mesh: Experience with Istio or Cloud Service Mesh for managing traffic, security, and observability.

• Observability: Proficiency in instrumenting applications for Cloud Trace, Cloud Logging, and Cloud Monitoring to minimize Mean Time to Diagnosis (MTTD).

• Ownership Mentality: The ability to manage a feature's complete lifecycle, from initial design through to production deployment, monitoring, and incident response ("Build+Run").

• AI-Assisted Development: Comfortable with and actively uses AI tools (e.g., Gemini Code Assist) to accelerate boilerplate generation, allowing focus on complex architectural challenges.