Software Engineer Backend

About

The company designs and develops client applications focused on data security and privacy, particularly through cryptographic approaches and validation mechanisms. It operates across multiple platforms and access points to deliver a consistent user experience while ensuring high standards of security, data integrity, communication, and performance.

The position

The company is looking for a Software Engineer to join the Backend Team. The engineer will analyze, implement, and improve features across the company's API products, contributing to every stage of development while maintaining best-in-class security standards, performance, and usability. The work spans REST API entry points and business logic, as well as robust cryptographic mechanisms and zero-trust data validation.

Missions

• Develop new features in PHP and CakePHP for products used daily by over half a million users.
• Maintain, improve, and fix bugs in the existing codebase.
• Convert functional specifications into reliable API workflows, ensuring both backward compatibility and security.
• Participate in code reviews to identify defects before launch.
• Write unit tests aiming for ~80% coverage to ensure functionality and prevent regressions.
• Develop end-to-end tests to ensure critical user journeys work correctly across multiple scenarios.
• Keep a strong focus on quality and simplicity ("less is more").
• Ensure compatibility across multiple platforms and environments to maintain product versatility.
• Optimize code for performance and scalability to support growth and increased demand efficiently.
• Support the support team by refining upcoming feature requests or bug reports from clients and the community.
• Support product owners by proposing functional approaches for new business cases.
• Define comprehensive and iterative technical approaches to functional problems.
• Identify opportunities for long-term structural or architectural improvements and raise proposals.
• Contribute to extensive online documentation, including OpenAPI specifications, SDKs, and user/admin guides.
• Share findings and best practices internally through documentation and presentations.
• Work with the release lead during releases by preparing release readiness and supporting rollout activities to minimize or eliminate downtime.
• Collaborate with SRE teams to maintain robust CI/CD pipelines, reducing deployment risks and streamlining releases.
• Provide technical support during incidents: investigate issues and implement fixes that restore system stability.
• Participate in blameless postmortems by contributing to root-cause analysis and ensuring corrective actions are implemented in the codebase.
• Manage own priorities, deadlines, and deliverables to meet team commitments.
• Communicate progress, risks, and decisions early and clearly to the team.
• Support coworkers through pairing and knowledge sharing.
• Ensure each change request includes a risk analysis that identifies newly introduced security issues/risks and proposes mitigations.
• Apply secure coding/design practices so all components adhere to the highest security standards.
• Monitor project dependencies for vulnerabilities and assist the security team in assessing their impact.
• Patch dependency vulnerabilities and ensure updates do not introduce regressions.
• Ensure data handled by the product development team complies with GDPR and other applicable data protection regulations.
• Collaborate with security and senior management teams to keep company policies and risk registers up to date.
• Assist the security team in enforcing least privilege access and proper segregation of roles and responsibilities.
• Participate in security exercises and help refine processes and crisis management procedures.

Profile

• Bachelor's degree or equivalent work experience/certification relevant to software engineering (e.g., Computer Science, Electronics).
• 3+ years of experience building PHP applications.
• Proficiency building backend applications with CakePHP, Laravel, or Symfony.
• Proficiency testing applications with PHPUnit.
• Familiarity with OpenAPI Specifications.
• Familiar with Git and branching models.
• Strong understanding of OWASP Top 10 vulnerabilities and secure coding practices.
• Proficient in at least one additional programming language: JavaScript, Bash, Python, Go, or Rust.

Considered a plus

• Experience developing large high-availability systems.
• Experience with end-to-end testing and/or performance testing.
• Familiarity with evolutionary database design.
• Experience with authentication systems: OAuth, JWT, WebAuthn, Duo, Yubico.
• Experience integrating user directories: LDAP, Active Directory, SCIM.
• Familiarity with UML documentation and willingness to use it.
• Experience maintaining a long-lived project.
• Experience contributing to open source.

Soft skills

• Fluent English (verbal and written), and preferably another language.
• Strong analytical skills and a simple, solution-oriented mindset.
• Ability to balance technical excellence with business priorities and strategic goals.
• Comfortable working with full autonomy while collaborating effectively within a team.
• Receptive to feedback and able to collaborate effectively as part of a team.
• Inspired by cybersecurity/privacy topics; believes in an ethical web and understands what open source means.

Considered a plus (Soft)

• Experience collaborating with remote teams in an asynchronous workflow.
• Experience writing technical blog posts or sharing knowledge via articles or talks.