We're a pre-launch startup based in Merritt Island, Florida, preparing to bring our mobile and web platform to market.
## About the Role
We're looking for a Senior Software Engineer for a 2-4 week contract engagement to verify security work, deploy our platform to production, and advise on data privacy best practices for handling provider PII. This is not a ground-up build — the application is fully functional with a comprehensive security layer already in place. We need an experienced engineer to validate that work, fill remaining gaps, and get us live.
## What You'll Do
- Review and verify existing RLS (Row Level Security) policies across 22 Supabase tables
- Run and interpret an existing integration test suite (700+ tests covering security, billing, data integrity, and load)
- Deploy the web application to production hosting with a custom domain and SSL
- Advise on React Native / Expo deployment to App Store and TestFlight
- Set up environment separation (development, staging, production)
- Establish CI/CD pipeline for automated testing on deploy
- Configure database backup and monitoring strategy
- Review data handling practices for provider PII (government IDs, medical credentials, NPI data) against Florida data privacy requirements
- Replace in-memory rate limiting with a scalable solution
## What's Already Built
- React Native / Expo mobile app with role-based flows for providers, facilities, and admins
- Hono / Bun backend with TypeScript
- Supabase database with Postgres, Auth, Storage, and Realtime
- RLS enforced across all tables using per-request user-scoped Supabase clients
- JWT authentication with user-ID matching on all sensitive endpoints
- Server-side contact info redaction in messaging
- Admin facility approval workflow with server-side shift-posting gate
- Versioned database migration system (6 migrations)
- 700+ automated tests across 9 test suites (security, business logic, data integrity, concurrency, chaos, load)
- Private storage buckets with per-user folder policies and signed URLs
- File upload validation with magic byte checking
- Credential verification integrations (NPI, Nursys, NBCRNA, OIG)
## Requirements
- 5+ years of professional software engineering experience
- Production experience with Supabase (Postgres, Auth, RLS, Storage) — not just tutorials or side projects
- Experience deploying and operating a multi-role application where database-level security matters
- Comfortable reviewing and validating code you didn't write, including AI-generated code
- Experience setting up CI/CD pipelines and production infrastructure
- Strong understanding of authentication, authorization, and API security
- Excellent communication skills — able to explain technical decisions clearly to a non-technical founder
## Preferred Qualifications
- Experience with React Native / Expo app deployment to App Store
- Familiarity with healthcare data privacy requirements or handling sensitive PII
- Experience with Hono, Bun, or similar TypeScript backend frameworks
- Previous work on marketplace or two-sided platform applications
- Experience with load testing and performance optimization
## Compensation
$50-150 per hour depending on experience. Open to discussing a fixed project rate for the defined scope. Expected engagement is 2-4 weeks.
## How to Apply
Please include:
1. Your relevant experience with Supabase in production environments
2. A brief description of a project where you deployed a full-stack application from development to production
3. Your availability to start and preferred rate
We're happy to share the full codebase, test suite results, and migration history for your review before any commitment. NDA will be required.
Principals only. Recruiters, please don't contact this job poster.