[Hiring] a skilled Backend developer!
Backend Developer Needed. AI-Powered Cybersecurity SaaS Platform (Remote)
---
Hey,
Building a cybersecurity intelligence SaaS product and need a backend engineer to take it from a working frontend to a fully functional platform. The frontend is built in Next.js and deployed. Everything below it needs to be built.
---
**What you'll be building:**
**Core Infrastructure**
- PostgreSQL schema design and management (Railway hosted)
- BullMQ + Redis job queue for a scheduled 9-agent pipeline (weekly, overnight run)
- RESTful API layer via Next.js API routes
- Multi-tenant architecture with full customer data isolation and row-level security
- Customer configuration persistence per tenant
**Microsoft 365 / Entra ID Integration — highest priority**
- OAuth2 read-only enterprise consent flow
- Microsoft Graph API — sign-in logs, MFA registration status, user directory data
- Scheduled nightly sync with delta queries
- Scopes: `AuditLog.Read.All` · `Reports.Read.All` · `Directory.Read.All` · `User.Read.All`
- Normalising Graph API output into the product's internal data schema
**Microsoft Defender / Sentinel Integration**
- Defender for Endpoint API — device inventory, alert ingestion, endpoint isolation
- Microsoft Sentinel — incident creation, watchlist management, IOC push
- Entra ID user management — account suspension via API
- Approval gate middleware — all response actions require dual-actor confirmation before any API call fires
- Immutable audit trail for every action taken
**Threat Intelligence Feed Ingestion**
- OTX AlienVault API — IOC ingestion with sector and geography filtering
- Abuse.ch feeds — URLhaus, MalwareBazaar, ThreatFox
- IOC normalisation pipeline — deduplication, confidence scoring, time-based decay
- DNS log ingestion — syslog and CSV parsing for detection use cases
**Scheduled Agent Pipeline**
Nine agents running on a BullMQ schedule, Sunday night through Monday morning:
Signal ingestion and deduplication from threat feeds
Technique probability scoring against customer asset profile
Control gap analysis cross-referenced against active adversary TTPs
DNS/proxy log analysis for shadow application detection
Regulatory exposure quantification from detected incidents
Unified financial exposure scoring
Gap closure value and ROI tracking
Confidence score decay modelling with corroboration event handling
Structured data assembly for LLM narrative generation
Human review gate before pipeline output is delivered — brief is held at agent 9 until analyst approval.
**LLM Integration**
- Anthropic Claude API integration for the Brief Composer and narrative generation agents
- Prompt engineering for customer-specific, sector-specific output
- Retry logic, error handling, rate limit management
**Support Ticket System**
- Ticket creation, routing, status tracking
- Priority-based SLA management
- Email notification on creation and status update
---
**Stack:**
- Node.js / TypeScript
- PostgreSQL on Railway
- Redis + BullMQ
- Next.js API routes
- Microsoft Graph API, Defender API, Sentinel API
- Anthropic Claude API
- Docker / Railway deployment
---
**You need:**
- Solid Node.js / TypeScript — not junior level
- Production experience with job queues (BullMQ or equivalent)
- OAuth2 and enterprise SSO flows — multi-tenant consent, token refresh, scoping
- Microsoft Graph API experience — a significant advantage
- PostgreSQL schema design including row-level security for multi-tenancy
- Comfort working in a security-adjacent domain — you are building threat intelligence pipelines, not CRUD apps
**You don't need:**
- Frontend skills — UI is complete, not your concern
- DevOps or infrastructure setup — Railway handles deployment
- Security certifications or clearance
---
**Engagement:**
- Remote, async-friendly
- GST timezone overlap preferred — pipeline delivers Monday morning GST, availability for handoff helps
- Project-based to start with defined milestones
- First milestone: Microsoft 365 integration live and pulling real data
- Ongoing engagement likely as platform scales to production customers
**Compensation:** Open to discussion based on experience and milestone structure. Drop your rate and relevant experience below or DM me.