Senior Full Stack Engineer (Security-Focused)

Premium Service Directory Platform: We've completed an intensive 3-month planning phase producing comprehensive documentation including high-level requirements, process flows, architecture diagrams, security protocols, database schemas, API specifications, and front-end mock-ups. We're now seeking an AI-native engineer to execute the build phase with a security-first mindset. Core Responsibilities Planning & Architecture Review • Audit all existing documentation for gaps, inconsistencies, or security vulnerabilities before code generation • Provide written feedback and recommendations within first 2 days of engagement • Validate architecture against AWS Well-Architected Framework Development (Bottom-Up Approach) • Infrastructure layer (IaC with Terraform) • Database implementation with encryption at rest • API layer development with comprehensive input validation • Frontend implementation aligned to mockups • Integration of third-party services per business domain priority AI Integration • Leverage AI coding assistants (GitHub, General LLMs, Cursor, or equivalent) to accelerate development • Implement AI-powered features where specified in requirements • Ensure all AI-generated code passes security review and testing Quality & Security • Write comprehensive unit tests • Implement automated security scanning in CI/CD pipeline. (E.g. Snyk) • Support external penetration testing and performance testing teams • Participate in break-fix cycles during QA phase Operations & Resilience • Collaborate with infrastructure team on deployment strategy • Execute and document backup, disaster recovery, and business continuity procedures • Conduct DR/BCP testing • Implement and test rollback procedures Technical Stack Frontend: Next.js, Tailwind CSS, shadcn/ui Backend: NestJS (Node.js), Python (microservices) Database: PostgreSQL RDS (encrypted), Redis (encrypted in-transit) Storage: S3 (server-side encryption, bucket policies) Hosting: AWS Fargate (Docker), IaC via Terraform CI/CD: GitHub Actions, AWS Systems Manager CDN/Security: Cloudflare, AWS WAF, Route53, CloudFront, ALB with NAT Auth: Auth0 with JWT, MFA support Observability: Prometheus/Grafana, CloudWatch, CloudTrail, GuardDuty Key Management: AWS KMS, Secrets Manager, Parameter Store, ACM Third-Party Integrations: • Age Verification: Yoti, BlueCheck, Ondato • CRM: Mautic, Pipedrive, HubSpot • Payment Processing: CCBill, Paxum AWS Control Tower Structure: Management | Log Archive | Audit | Production | Pre-Prod | Test | Dev ________________________________________ Required Qualifications Must Have: • 5+ years full stack development experience • 3+ years AWS production experience • Demonstrated experience building applications handling PII/sensitive data • Strong understanding of OWASP Top 10 and mitigation strategies • Experience with infrastructure as code (Terraform) • Proficiency with AI coding tools and prompt engineering • History of delivering projects with third-party API integrations Nice to Have: • AWS Security Specialty or Solutions Architect certification • Experience with adult industry or age-restricted platforms • Familiarity with PCI DSS or similar compliance frameworks • Experience with CCBill/Paxum payment integrations • Knowledge of GDPR and international data privacy regulations