Next.js / Supabase Lead Developer — Security Implementation & Retainer | Maritime Marketplace

We are a live, paying-customer crew marketplace platform in the maritime industry built on Next.js (Vercel) and Supabase/PostgreSQL. The platform is functional with paying customers but has accumulated technical debt, unresolved security gaps, and UX friction that needs to be resolved before we move into our next growth phase. We have a completed security audit and an Anti-Scraper & Security Spec that is approximately 40% implemented. We don't need another audit — we need a developer who can read existing documentation and implement against it independently. What the first engagement looks like: Review three documents — a completed security audit, our Anti-Scraper & Security Spec, and a known bug and UX friction list. Come back with a sequenced implementation plan, hour and cost estimates per item, and any gaps you identify that aren't covered. That document is your first deliverable. Implementation follows. What comes after: One developer who owns the platform on an ongoing monthly basis. Not a task executor waiting for direction — someone who reads the spec, understands the product goals, and flags issues before we think to ask. We'll establish a realistic monthly retainer based on actual workload once the implementation phase is complete. The stack: Frontend: Next.js on Vercel Backend: Supabase / PostgreSQL Payments: Stripe DNS/Security: Cloudflare CRM layer: GoHighLevel (separate — light familiarity a plus, not required) You are a fit if you: Have shipped production Next.js + Supabase apps — Supabase specifically, not just PostgreSQL Understand RLS policy architecture at the database level, not just the concept Have experience building or maintaining two-sided marketplace platforms Can read existing technical documentation and produce an implementation plan without hand-holding Communicate proactively — if something is wrong or unclear, you say so before it becomes a problem Are available for a standing weekly check-in and respond within one business day Prefer fixed monthly engagements over open-ended hourly work Please include in your proposal: A link to a live project you've shipped on Next.js and Supabase A specific example of how you've worked with Supabase RLS — not the concept, what you actually built or fixed How you would approach reviewing existing audit documentation and turning it into an implementation sequence Your hourly rate and your preferred structure for an ongoing monthly engagement