HSA - Full Stack Engineer

FULL-STACK ENGINEER

RESPONSIBILITY

The Full Stack Engineer is responsible for designing, developing, deploying, and

maintaining scalable, high-performance, and secure web applications. The role

requires expertise in frontend and backend development, cloud technologies, DevOps

automation, and application security. Engineers must work in an agile, DevOps-driven

environment, ensuring high software quality, security, and maintainability.

• Take full ownership of end-to-end application development, integrating

frontend, backend, and cloud infrastructure.

• Design, develop, and maintain responsive, accessible, and performant web

applications.

• Implement modern frontend architectures, ensuring reusability, scalability,

and security.

• Develop high-performance backend services and APIs, ensuring reliability,

security, and observability.

• Work with Quality Assurance (QA) engineers to ensure automated test

coverage and proactively fix bugs and defects.

• Optimize full-stack CI/CD deployment strategies, ensuring seamless and

automated releases.

• Work with DevOps teams to automate infrastructure provisioning, monitoring,

and cloud deployments.

• Ensure full-stack security, including authentication, authorization, API

security, and frontend security best practices.

• Continuously evaluate and adopt emerging technologies to improve

application performance and developer productivity.

EXPERIENCE AND SKILLS NEEDED

Full Stack Development:

• Degree or Diploma in Computer Science, Computer or Electronics

• Engineering, Information Technology, or related disciplines.

• Experience with Git and modern branching workflows (GitFlow, trunk-based

development).

• Strong proficiency in both frontend and backend development.

Frontend Technologies:

JavaScript and TypeScript.

Frontend frameworks such as React.js, Next.js, Vue.js, Angular, or Svelte.

Mobile app development using Swift (iOS), Kotlin (Android), or React Native.

UI component libraries such as Material-UI, Tailwind CSS, or Bootstrap.

Experience with wireframing and prototyping tools (Figma).

Advanced experience in building complex, multi-step forms with validation

Knowledge of form accessibility standards (WCAG 2.1 AA compliance)

Experience with form state management and data persistence

Backend Technologies:

Node.js, Express.js, NestJS.

Ruby on Rails (RoR).

Java/Kotlin (Spring Boot).

Python (Django, Flask, FastAPI).

Golang

RESTful APIs, GraphQL, gRPC, and WebSockets for service communication.

Government Technology Integration:

Experience with Singapore Whole-of-Government (WoG) technology products,

particularly FormSG, OPUS, OGRE, and OPTICAL platforms highly preferred

Understanding of government digital service standards and compliance

requirements

Experience with government API integrations and data exchange protocols

Observability & Monitoring:

Experience implementing application performance monitoring (APM) tools

(Datadog, New Relic, Sentry, Prometheus, OpenTelemetry).

Knowledge of logging frameworks (ELK Stack, Loki, Fluentd) to track and

debug issues across distributed systems.

Ability to set up dashboards and alerts for real-time application health

monitoring.

Backend Scalability & API Design:

Strong experience in API design principles, including REST, GraphQL,

gRPC, and WebSockets.

Knowledge of API rate limiting, caching strategies (Redis, Varnish), and

performance optimizations.

Familiarity with backend service scalability strategies (horizontal scaling,

autoscaling, load balancing).

DevOps, Cloud, and Infrastructure:

Experience with CI/CD pipelines (GitHub Actions, GitLab CI, ArgoCD, Jenkins).

Hands-on experience with cloud platforms (AWS, Azure, Google Cloud,

Cloudflare Workers).

Experience with containerization and orchestration (Docker, Kubernetes).

Familiarity with Infrastructure as Code (IaC) tools (Terraform, CloudFormation,

Pulumi).

Experience with Government Commercial Cloud (GCC) on AWS

Understanding of GCC security frameworks and compliance requirements

Experience with AWS services commonly used in GCC (EC2, RDS, S3, Lambda,

API Gateway)

Security Best Practices:

Strong knowledge of frontend security (CSP, CORS, XSS prevention).

Experience with backend security (OAuth, JWT, API rate limiting, encryption).

Familiarity with cloud security (IAM, Secrets Management, OWASP Top 10).

Software Quality & Testing:

Experience with unit and integration testing (Jest, Cypress, Playwright, Pact).

Backend testing using Postman, Supertest, contract testing.

Bonus Experience (Added Advantage):

Experience with low-code platforms (OutSystems, Mendix, Appian).

Familiarity with micro-frontends and modular frontend architectures.

Experience working with edge computing (Cloudflare Workers, Lambda@Edge)