About the role We're looking for a senior backend engineer to build the core permission rules that decide whether a person/system is allowed to access data. This includes turning access on/off, expirations, and clear deny reasons. Bonus if you can also own database design.
What you'll do • Build and maintain the "is access allowed?" backend logic • Implement expiry and revocation reliably (access can be turned off immediately) • Design for edge cases and prevent bypass/workaround paths • Write automated tests to keep permission behavior correct as the system evolves • (Bonus) Own database structure and scaling for audit/event data
Required (must-have) • Strong backend experience building permissions/access control in production • Can implement time-based access (expires) and revocation reliably • Thinks through edge cases and designs safe defaults (no easy workarounds) • Strong automated testing discipline to prevent regressions
Nice-to-have • Database design experience (schemas, migrations, scaling large log/event tables) • Experience with audit logs that record allow/deny attempts without leaking sensitive data
Compensation Commensurate with experience and scope of responsibility