PUB - Full Stack Engineer

The Full Stack Engineer (AI-Assisted programming)

The Full Stack Engineer is a pivotal role responsible for the end-to-end design, development, deployment, and maintenance of scalable, high-performance, and secure web applications.

This role combines application development (AI-assisted programming) with hands-on ownership of cloud infrastructure, ensuring reliable, secure, and scalable systems on Azure. The engineer would be working on PUB's gen-AI assisted procurement-related web application as part of PUB's AI initiative.

Key responsibilities

User Engagement & Requirements Gathering:

• Conduct user testing sessions to gather valuable feedback on application functionality and user experience.
• Actively engage with stakeholders and end-users to gather, refine, and translate product functionality requirements into technical specifications/ testable artifacts.
• Review and validate all AI-generated code, identifying hallucinations, logic flaws, and maintainability issues before integration.
  • Storage: Azure Blob Storage, Azure PostgreSQL Flexible Server

AI-Assisted Development & Code Quality:

Own end-to-end application delivery (frontend, backend, and cloud), leveraging AI coding assistants to accelerate development while ensuring quality, scalability, and maintainability (DRY, modular design, separation of concerns).

Build responsive, accessible, and performant web interfaces, using AI to speed up development while retaining full ownership of architecture and reusability.

Design and operate secure, reliable, and observable backend services and APIs, guiding AI for boilerplate and tests while owning API contracts and data models.

Cloud Architecture & Infrastructure:

• Own the end-to-end design, implementation, and operation of Azure infrastructure, ensuring solutions are secure, scalable, highly available, and compliant by design.

Translate application and security requirements into well-architected Azure reference architectures, balancing performance, cost, and operational complexity.

Design and implement secure network topologies, including segmented VNets, subnet strategies, private connectivity patterns (Private Endpoints, VNet Integration) to eliminate public exposure of critical services , and network security enforcement using NSGs

Architect and deploy cloud-native application platforms, leveraging services such as:

Compute: Azure Kubernetes Service (AKS)

Integration: API Management (APIM)

Security: Key Vault, Managed Identities, Entra ID integration

Edge & Protection: Application Gateway, WAF

Implement secure-by-default infrastructure patterns, including secret management and end-to-end encryption (in transit and at rest)

DevOps:

• Design, implement, and maintain full-stack CI/CD deployment strategies and pipelines, ensuring automated, compliant, and efficient release processes.

Testing & Quality Assurance:

• Establish comprehensive automated test strategies, including unit, integration, and end-to-end testing, ensuring high code coverage.
• Resolve all identified software defects, bugs to maintain application stability and integrity.

Security & Compliance:

• Ensure adherence to IM8 compliance requirements and any other emerging organizational compliance mandates.
• Implement and maintain comprehensive full-stack security measures, including robust authentication, authorization, API security, and frontend security best practices.
• Establish regular SAST, SCA, container image, vulnerability scans and other regular security related scans and resolve identified security vulnerabilities according to compliance timeline.

Qualifications & Experience

Full Stack Development:

Technologies:

• Next.js, TypeScript, React.js, UI component libraries (e.g., ShadCN, Tailwind CSS).
• Experience with relational databases

Security & Compliance:

• Experience with IM8 compliance and system commissioning for government projects
• Strong knowledge of frontend security (CSP, CORS, XSS prevention).
• Experience with backend security (OAuth, JWT, API rate limiting, encryption).
• Familiarity with cloud security (IAM, Secrets Management, OWASP Top 10).

DevOps & Infrastructure:

• Proven experience setting up and managing Azure infrastructure (refer to Azure services listed in the Cloud Architecture & Infrastructure of Key Responsibilities).
• Experience with CI/CD pipelines using GitLab CI
• Experience with containerization and orchestration (Docker, Kubernetes).

Software Quality & Testing:

• Experience with unit and integration testing (Jest, Cypress, Playwright, Pact).
• Backend testing using Postman, Supertest, contract testing.

Observability & Monitoring:

• Experience implementing application performance monitoring (APM) tools (Prometheus, OpenTelemetry).
• Knowledge of logging frameworks (ELK Stack, Loki, Fluentd) to track and debug issues across distributed systems.

Backend Scalability & API Design:

• Strong experience in API design principles
• Knowledge of API rate limiting, caching strategies (Redis, Varnish), and performance optimizations.
• Familiarity with backend service scalability strategies (horizontal scaling, autoscaling, load balancing).

Bonus Experience (Added Advantage):

• Experience with government procurement processes
• Microsoft Certified: Azure Solutions Architect Expert
• Microsoft Certified: Azure Security Engineer Associate