← Jobs

DevOps / Platform Engineer — Next.js + Supabase + Vercel — AI SaaS Startup (part-time, ongoing)

Budget: $12.0 - $25.0 HOURLY / PART_TIME ⭐ 0.00 (0) United Kingdom

github

We're an early-stage, AI-native EdTech product built on a modern TypeScript stack, moving from private alpha towards public launch. The product is live in a gated alpha and we need a reliable platform/DevOps engineer to operationalise the app and keep production healthy while the founder stays focused on product and feature development. This is a hands-on operations role, not a coding role. You will own the "keep-the-lights-on" layer — observability, deployments, cost control, secrets management, backups, and incident response. All changes to the codebase — features and bug-fixes — remain strictly in-house. We take security and least-privilege access seriously. You will start on staging and read-only surfaces; production access is granted only after a signed Data Processing Agreement and a successful initial phase. Scope of work Phase 1 — Operational Readiness (fixed-price, ~1–2 weeks) Defined deliverables, staging-first: - Stand up / harden the observability stack: centralised error tracking, per-user cost/quota telemetry, funnelled to a single dashboard. - Configure alerts with agreed thresholds (error rate, latency, spend-cap proximity, quota breaches). - Review and harden secrets management and rotation (API keys, service-role keys, DB credentials) — no secrets in plaintext/dotenv. - Verify backups and restore — confirm automated backups and run a documented restore test. - Author three runbooks: incident response, cost/spend-cap emergency, and user-facing status-comms. - Deliver a short operational readiness report confirming the app is production-safe for wider alpha. Phase 2 — Ongoing Production Support (capped monthly retainer) - Maintain Supabase, Vercel, Sentry, and CI pipelines; manage safe deployments. - Monitor API spend and infrastructure cost; weekly cost report and monthly infra health summary. - Incident response during business hours with an agreed response SLA (e.g. acknowledge within 1 hour for critical incidents). - Diagnose and escalate production-impacting issues: identify root cause from telemetry/logs, produce a clear write-up and reproduction, and hand off to the in-house team for any code change. - Scheduled secret rotation and periodic security/config review. Must-have skills - Demonstrable production experience running Next.js + Supabase (or equivalent Postgres) on Vercel. - Strong grasp of observability (error tracking, metrics, alerting) and incident response on small-team products. - Cost governance for cloud/LLM APIs — you understand spend caps, quotas and how to prevent runaway costs. - Security-conscious working practices: least-privilege access, secrets management, safe handling of production data. - Comfortable working async and following documented runbooks; you communicate clearly and proactively. How we work (please read before applying) - Least-privilege by default. You begin on staging and read-only surfaces. Full production access is granted only after a signed Article 28 Data Processing Agreement and a successful Phase 1. - No application-code changes. This is an operations role. All code changes are made in-house. - No stack rewrites. We want reliable operation of the current stack, not a re-architecture. - Documented, repeatable operations. If it isn't in a runbook, it isn't done. To apply, include in your proposal - Experience of working with an early phase startup and your involvement. - A production incident you diagnosed and resolved on a Next.js/Supabase (or comparable) stack — root cause and time-to-resolution. - How you approach least-privilege access and secrets management when working in a client's production environment. - The observability stack you'd stand up for a small early-stage app, and why. - Confirmation that you're willing to sign a Data Processing Agreement before any production access.
Openen op Upwork