Lead Full-Stack SaaS Developer (Backend-Heavy)

We need a Lead Full-Stack Developer with a background in SaaS platforms and security tooling. This is not a junior role. The ideal candidate is a senior developer who has built multi-tenant cloud applications end-to-end and understands how to orchestrate third-party APIs and open-source scanning engines into a coherent product. Must-Have Technical Skills ▸ Backend: Python (FastAPI or Django) or Node.js (NestJS) event-driven, async-capable ▸ Frontend: React or Next.js dashboard and reporting UI, non-technical user experience ▸ Multi-tenant SaaS architecture tenant isolation, RBAC, data segregation ▸ Cloud infrastructure: AWS (Cape Town region preferred) EC2, RDS, S3, SQS/SNS, Lambda ▸ Containerisation: Docker and Kubernetes or ECS for scan orchestration ▸ Queue-based job processing: Redis + Celery, BullMQ, or AWS SQS ▸ API-first design: REST + OpenAPI/Swagger documentation ▸ PostgreSQL (primary database) with proper indexing and tenant_id patterns ▸ OAuth2 / JWT authentication and RBAC implementation ▸ Integration experience: third-party API consumption (Microsoft 365, Google Workspace, AWS IAM) Strong-to-Have Skills ▸ Open-source security tool integration: OpenVAS, OWASP ZAP, Nuclei, Trivy, Semgrep ▸ AI/ML API integration: OpenAI, Anthropic, or equivalent not model training, prompt orchestration ▸ POPIA / GDPR data handling patterns encryption at rest (AES-256), TLS 1.3, data masking ▸ CI/CD pipeline setup: GitHub Actions, GitLab CI, or equivalent ▸ Background job scheduling and scan pipeline orchestration ▸ PDF/CSV report generation (programmatic, structured output) Experience Signals to Look For ▸ Has built or contributed to a SaaS product used by multiple paying customers ▸ Understands the difference between building for a single client vs a multi-tenant product ▸ Has integrated at least one security or infrastructure scanning tool (or equivalent complex API) ▸ Can document architecture decisions not just write code ▸ Comfortable working under a product owner who controls roadmap and IP not a co-founder dynamic What We Are Looking For You Are a Strong Fit If You: ▸ Have built and deployed a multi-tenant SaaS product with real paying customers ▸ Have integrated third-party APIs or open-source tooling into a production application ▸ Understand data security, encryption, and access control patterns not just as checkbox items ▸ Can design and document a system architecture before writing a line of code ▸ Are comfortable working to a product owner's roadmap and specification you execute and advise, not direct ▸ Can provide a signed IP assignment agreement and NDA ▸ Can commit to Phase 1 delivery within a 3-month window This Is Not the Right Fit If You: ▸ Expect co-founder equity or shared IP ownership ▸ Have only built bespoke single-client applications, not multi-tenant SaaS ▸ Cannot supply IP assignment documentation ▸ Are an agency looking to assign rotating team members to this project ▸ Have no prior experience with cloud infrastructure or security tooling Please submit a proposal that includes the following. Applications without all four items will not be reviewed. ▸ Portfolio / examples of SaaS products you have built multi-tenant preferred ▸ A brief proposed technology stack for this platform with your rationale ▸ Your Phase 1 timeline estimate and milestone structure ▸ Your fixed-price or hourly rate for Phase 1 scope Bonus: If you have prior experience integrating any of the following : OpenVAS, OWASP ZAP, Nuclei, Trivy, or similar security tooling please call this out specifically. This is a long-term engagement. We are not looking for someone to build and disappear. We are looking for a development partner to grow with the product through launch, pilot, and scale with an ongoing retainer model post-MVP.