Platform Architect & Backend Lead

New

FlatgigsIoT Platform

Pakistan. India. EgyptFull-TimeLead

Salary not disclosed

Apply NowOpens the employer's application page

Job Details

Experience: 7–12 years software or systems engineering; minimum 4 years specifically building IoT platform backends or connected product infrastructure
Required Skills: DockerGraphQLNode.jsPostgreSQLPythonKafkaKubernetesRabbitmqTypeScriptGoRDBMSREST APITerraformGitHub ActionsCloudFormation

Requirements

7–12 years software or systems engineering experience
minimum 4 years specifically building IoT platform backends or connected product infrastructure
Expert-level, hands-on experience with AWS IoT Core or Azure IoT Hub (production deployments)
Expert MQTT knowledge: v3.1 and v5.0, topic hierarchy design, QoS levels, retained messages, Last Will & Testament, broker sizing and clustering
Proficiency in Python and Node.js/TypeScript for production backend services
Hands-on experience with a time-series database: InfluxDB, TimescaleDB, or AWS Timestream
Terraform or AWS CloudFormation for programmatic cloud infrastructure provisioning
Multi-tenant SaaS backend architecture: data isolation patterns, tenant-scoped access control, shared infrastructure design
Security fundamentals applied in practice: TLS/mTLS, X.509 certificates, OAuth 2.0, JWT, secrets management (Vault or AWS Secrets Manager)
Message broker or streaming experience: Kafka, RabbitMQ, AWS Kinesis, or AWS IoT Rules Engine
Proven ability to work autonomously at a senior level

Responsibilities

Design the full end-to-end IoT platform architecture: device connectivity layer → MQTT/protocol ingestion → stream processing → time-series storage → REST/GraphQL API layer → real-time WebSocket delivery
Define the multi-tenant data model: strict data isolation between customers, tenant-scoped API tokens, row-level security
Design the device lifecycle system: provisioning, X.509/JWT authentication, device registry, status tracking, decommissioning
Architect the protocol abstraction layer so MQTT, Modbus, OPC-UA, CoAP, and HTTP devices all normalise to the same internal data model
Design a configurable rule engine: event-condition-action rules for alerts, automations, and integrations — no code required from customers
Plan OTA firmware update management: secure delivery, versioning, rollback, fleet orchestration
Write Architecture Decision Records (ADRs) for every major technical choice — nothing undocumented
Design the scaling path from 100 devices (pilot) to 500,000+ (production) without structural rework
Build core platform services from scratch: device management, telemetry ingestion, rule engine, notification/alerting, OTA update, multi-tenant API gateway
Develop REST and GraphQL APIs with full OpenAPI specification — version-controlled from Day 1
Implement WebSocket and SSE endpoints for real-time telemetry delivery to web and mobile clients
Build device command-and-control with acknowledgement, retry logic, and timeout handling
Implement device shadow service: last-known state of every device accessible even when offline
Write unit, integration, and load tests — no service reaches staging without test coverage
Own service reliability: SLO definitions, alerting runbooks, on-call incident response
Provision and manage all AWS environments (dev, staging, production) using Terraform — no click-ops
Configure AWS IoT Core: MQTT endpoint, topic namespace, rules engine, certificate management
Set up CI/CD pipelines via GitHub Actions for all backend services
Configure CloudWatch monitoring, log aggregation, and automated health alerts
Manage IAM for all team members — least-privilege access, no shared credentials
Hand off infrastructure fully documented when a DevOps engineer joins in Phase 2

View Full Description & ApplyYou'll be redirected to the employer's site