Senior Full Stack Developer - Business and Technology Consulting

Description

Senior Full Stack Developer and QA Engineer

We are looking for a Senior Full Stack Developer with strong QA and cybersecurity expertise and 6-9 years of hands-on experience in building, testing, securing, and optimizing scalable web applications, distributed systems, and microservices. This role is ideal for someone who can develop, test, secure, and optimize large-scale applications, ensuring high performance, reliability, security, and seamless test automation integration. If you are passionate about building and testing secure and robust applications, implementing automated testing and security strategies, working with big data frameworks like Apache Spark and Iceberg, and leveraging event-driven architectures with Kafka, we would love to hear from you!

Key Responsibilities:

Software Development and System Architecture
• Design, develop, and maintain high-performance, secure web applications using Python and JavaScript.
• Architect and implement robust distributed systems and microservice architectures, leveraging Gang of Four (GoF) design patterns.
• Develop scalable APIs and backend logic using tools libraries such as Django, Flask, or FastAPI, incorporating OWASP security best practices.
• Implement secure authentication and authorization using tools and processes such as OAuth, JWT, OpenID Connect, and Role-Based Access Control (RBAC).
• Design and implement event-driven architectures using Apache Kafka for real-time data streaming, asynchronous communication, and secure message passing.
• Optimize data workflows and pipelines using Apache Spark for large-scale, secure data processing.
• Implement and optimize Apache Iceberg tables for efficient data lake management and data security.
• Ensure secure coding practices by mitigating risks such as SQL Injection, Cross-Site Scripting (XSS), Cross- Site Request Forgery (CSRF), and Insecure Deserialization.
• Troubleshoot and resolve performance, scalability, reliability, and security issues.

Quality Assurance and Automated Testing
• Own and implement the complete testing lifecycle, including security testing, unit tests, integration tests, API tests, performance tests, and end-to-end (E2E) testing.
• Develop, execute, and maintain automated test suites that incorporate security scanning, compliance validation, and regression prevention.
• Implement Test-Driven Development (TDD) and Behavior-Driven Development (BDD) methodologies with security best practices in mind.
• Write and manage test automation scripts using tools like PyTest, Jest, Mocha, Cypress, Playwright, or Selenium.
• Define and execute API testing strategies using tools like Postman, Newman, or Karate to ensure secure and reliable API communication.
• Conduct performance and load testing using tools like Locust, JMeter, or k6, ensuring applications handle secure traffic scaling.
• Perform security vulnerability testing using tools like OWASP ZAP, Burp Suite, or SonarQube to detect and mitigate risks.
• Implement static and dynamic application security testing (SAST and DAST) in CI/CD pipelines.
• Document and analyze defects, conduct root cause analysis, and drive corrective actions.

CI/CD and DevOps Integration
• Integrate security-focused automated test execution within CI/CD pipelines (Jenkins, GitHub Actions, GitLab CI/CD).
• Implement shift-left testing and security strategies to catch defects and vulnerabilities earlier in the development cycle.
• Continuously monitor application quality, security, and performance metrics.
• Utilize containerization tools like Docker and Kubernetes while enforcing container security best practices.
• Implement secrets management using HashiCorp Vault, AWS Secrets Manager, or environment-based security.
• Deploy infrastructure as code (IaC) securely to automate deployments and prevent misconfigurations and vulnerabilities.

Collaboration and Leadership
• Mentor, guide, and support developers in secure coding, technical, and QA best practices.
• Conduct secure code reviews, pair programming, and knowledge-sharing sessions to enhance team expertise.
• Work closely with Product Managers, Designers, Engineers, and Developers to align engineering, QA, and security efforts with business objectives.
• Translate business requirements into scalable, testable, and efficient technical solutions.
• Foster a collaborative, inclusive, security-first, and high-performance development culture.

Requirements:

Full-Stack Development and Distributed Systems
• Experience in building secure, responsive front-end applications using React, Angular, or Vue.js.
• Proficiency in Python and JavaScript with experience in Django, Flask, or FastAPI.
• Deep understanding of distributed systems, microservices, design patterns, and event-driven architecture (Kafka).
• Strong expertise in secure API development, including OAuth, JWT, and OpenID Connect.
• Proficiency in implementing secure authentication and authorization mechanisms.
• Strong expertise in SQL (PostgreSQL, MySQL) and NoSQL (MongoDB, Cassandra) databases.
• Experience writing secure code and mitigating common vulnerabilities (OWASP Top 10, CWE/SANS Top 25).

Big Data and Event-Driven Architecture
• Experience with Apache Kafka for real-time event-driven architectures and asynchronous communication.
• Experience with Apache Spark for distributed data processing and real-time analytics.
• Knowledge of Apache Iceberg tables for schema evolution and transactional capabilities in big data environments.

Quality Assurance and Test Automation
• Expertise in automated testing frameworks such as PyTest, Jest, Mocha, Cypress, Selenium, or Playwright.
• Proficiency in Test-Driven Development (TDD) and Behavior-Driven Development (BDD).
• API testing experience using Postman, Newman, or Karate.
• Proficiency in security testing tools like OWASP ZAP, Burp Suite, or SonarQube.
• Hands-on experience with static and dynamic application security testing (SAST and DAST).
• Experience integrating security testing into CI/CD pipelines.
• Performance and load testing experience with Locust, JMeter, or k6.

CI/CD, DevOps and Cloud
• Experience integrating automated tests into CI/CD pipelines (Jenkins, GitHub Actions preferred, GitLab CI/CD).
• Knowledge of continuous testing methodologies for deployment readiness.
• Experience with Docker, Kubernetes, and cloud platforms (AWS preferred, Azure, or GCP).
• Proficiency in deploying and managing scalable microservices in a cloud-native environment.
• Strong knowledge of Kubernetes security, container security, and secrets management.

Code Quality and Best Practices
• Enforce coding standards, security best practices, and robust test automation.
• Ensure comprehensive test coverage and continuous testing in the CI/CD process.

Qualifications
• Bachelor’s or Master’s degree in Computer Science, Information Technology, or equivalent experience.
• Relevant certifications (AWS, Azure, Kubernetes, CISSP, CISM, or Certified Ethical Hacker) are a plus.

Job Information Technology

Primary Location India-Maharashtra-Mumbai

Travel: No

Req ID: 250637

Job Hire Type Experienced Not Applicable #BMI N/A