Job Description: We’re hiring a Backend Engineer to design and build secure, scalable backend services on Microsoft Azure , with a strong emphasis on data modeling , API development , and serverless compute using Azure Functions . You’ll work closely with product and front-end partners to deliver reliable APIs, integrate with Microsoft SQL Server on Microsoft Fabric , and implement robust authentication/authorization and API usage metering/billing . This role is ideal for someone who enjoys building well-structured systems, taking ownership of backend reliability, and applying strong security and engineering practices.
The role is outcome-focused: you’ll be expected to contribute to design discussions and implement robust backend services—while staying open to the best technical approach rather than following a single prescribed pattern.
Responsibilities: Key Responsibilities:
Data modeling and persistence
- Design logical and physical data models, schema migrations, indexing strategies, and performance tuning for SQL workloads.
- Partner with stakeholders to translate requirements into maintainable database structures and data contracts.
API design and implementation
- Build clean, well-documented RESTful APIs (and/or GraphQL where appropriate) with consistent patterns, versioning, and error handling.
- Implement validation, pagination, filtering, and search-oriented endpoints as needed.
Serverless and cloud-native development
- Develop and operate Azure Functions (HTTP-triggered and event-based) for core backend workloads and integrations.
- Implement observability (logging, metrics, tracing), resiliency patterns, and cost-aware scaling.
Integration with Microsoft data platform
- Integrate backend services with Microsoft SQL Server deployed on Microsoft Fabric , ensuring reliable connectivity, security, and performance.
- Work with platform owners to align environments, deployment workflows, and governance.
Security: authentication and authorization
- Implement authentication & authorization using industry best practices (e.g., OAuth2/OIDC, JWT, RBAC/ABAC concepts), aligned with Microsoft identity patterns.
- Ensure secure secrets management, least-privilege access, and threat-aware API design.
API metering and usage-based controls
- Implement API metering , quota/rate-limiting patterns, usage aggregation, and reporting.
Quality, reliability, and delivery
- Write automated tests (unit/integration), establish CI/CD pipelines, and support releases across environments.
- Participate in code reviews, define backend standards, and maintain clear technical documentation.
Qualifications: Primary language: Strong backend experience with JavaScript/TypeScript (preferred), including production API development.
- Experience with common frameworks/tooling (e.g., Node.js, Express/Fastify/NestJS) is beneficial.
Secondary options: Strong experience with Java or Python backend development (especially for APIs and cloud services).
Proven ability to design and build production-grade REST APIs , including:
- Versioning strategies, input validation, error models, pagination/filtering patterns
- API documentation using OpenAPI/Swagger
Strong fundamentals in relational data modeling and SQL :
- Schema design, indexes, constraints, transactions, query tuning
Hands-on experience building and operating Azure Functions (or equivalent serverless):
- Deployment, configuration, observability, scaling/cost awareness
Experience integrating with Microsoft SQL Server , ideally in a cloud-hosted setup; familiarity with Microsoft Fabric integration is a plus.
Strong understanding of authentication & authorization :
- OAuth2/OIDC, JWT, claims/roles, least privilege, secure secrets management
Experience implementing API metering/usage tracking concepts:
- Rate limiting, quotas, tenant-level usage aggregation, auditability
Practical experience with CI/CD , automated testing, and building services that are reliable in production (monitoring, alerting, incident-friendly design).
Nice-to-Have Skills:
- Experience with Azure API Management (APIM) for gateway policies, authentication integration, throttling, and analytics.
- Familiarity with Microsoft Entra ID (Azure AD) for OAuth2/OIDC flows, app registrations, scopes, and role/claims-based access.
- Experience using Azure Key Vault for secrets/certificates management and secure configuration practices.
- Infrastructure-as-Code experience using Bicep and/or Terraform to provision and manage Azure resources in repeatable, audited deployments.
