indeed
Senior Full Stack Engineer
Nomad
Toronto, CAN
Full Time
Senior
4 days ago
Node.jsTypeScriptReactGoogle Cloud PlatformRESTful APIsExpress.js
Free
Job Fit Check
Base Career helps you apply smarter for this job.
?%
Ready to ScanKey skills for this role
Node.jsTypeScriptReact
About the Role
Nomad is hiring a Senior Full Stack Engineer to build the financial operating system for fleets. The role involves designing secure REST APIs with Node.js, architecting cloud solutions on GCP, and developing user-centric applications with React.
Key Skills for This Role
Node.jsTypeScriptReactGoogle Cloud PlatformRESTful APIsExpress.js
Responsibilities
- Design, develop, and maintain secure REST APIs using Node.js
- Architect and implement cloud solutions using Google Cloud Platform services
- Collaborate with front end teams to develop user centric applications using React
- Review code and provide technical guidance to team members
- Troubleshoot and resolve production issues
- Implement and maintain security best practices across the application stack
- Handle client and customer information in accordance with information security and data protection policies
- Apply the principle of least privilege when designing, granting, and reviewing access
- Manage application secrets, credentials, and encryption keys securely
- Identify, triage, and remediate security vulnerabilities
- Manage CI/CD pipelines through Bitbucket and related DevOps tools
- Follow defined change management processes including peer code review and testing
Requirements
- 5–7+ years of professional software development experience
- Advanced Node.js expertise including Express.js, asynchronous programming, and PM2
- Strong TypeScript/JavaScript skills including ES6+, TypeScript type system, and build tools
- Front end development with React including hooks, state management, and RESTful API integration
- Demonstrated Google Cloud Platform expertise including Identity Platform, Compute Engine, and Cloud CDN
- Deep understanding of web security including OAuth 2.0, OpenID Connect, JWT, XSS, CSRF, SQL injection prevention
- API development expertise including RESTful design, versioning, validation, and documentation
- Familiarity with SOC 2, ISO 27001, or comparable compliance frameworks
- Experience working within formal change management and audit evidenced environments
- Secure software development lifecycle (SDLC) practices
- Producing and maintaining clear technical and operational documentation
- Bitbucket pipeline expertise including YAML configuration and multi environment deployment
Full Job Posting
About Nomad
- Nomad is building the financial operating system for fleets: fuel cards, real time transaction processing, invoicing, and working capital finance, increasingly automated by production AI.
- We are a small, fast moving team that cares deeply about doing right by our customers.
Key Responsibilities Engineering & Development
- Design, develop, and maintain secure REST APIs using Node.js.
- Architect and implement cloud solutions using Google Cloud Platform (GCP) services.
- Collaborate with front end teams to develop user centric applications using React.
- Review code and provide technical guidance to team members.
- Troubleshoot and resolve production issues.
Security & Data Protection
- Implement and maintain security best practices across the application stack.
- Handle client and customer information in accordance with Nomad’s information security and data protection policies.
- Apply the principle of least privilege when designing, granting, and reviewing access.
- Manage application secrets, credentials, and encryption keys securely.
- Identify, triage, and remediate security vulnerabilities, including timely patching and dependency updates.
Change Management
- Manage CI/CD pipelines through Bitbucket and related DevOps tools.
- Follow defined change management processes, including peer code review, testing, and documented approval.
- Maintain separation between development, testing, and production environments and ensure deployment controls are enforced.
Monitoring & Incident Response
- Implement and maintain logging, monitoring, and alerting across applications and infrastructure.
- Participate in incident detection, response, and post incident reviews, and escalate security incidents.
Documentation
- Create and maintain accurate, current technical documentation, including system architecture, data flows, API specifications, and security configurations.
- Document all production changes, deployments, access grants, and security relevant decisions.
- Maintain runbooks and operational procedures.
- Adhere to and help maintain IT and engineering controls relevant to SOC 2.
- Support SOC 2 and other audits by providing requested documentation and evidence.
- Escalate decisions that materially affect security posture or client data to the Chief Product Officer.
Required Qualifications & Skills Programming & Development
- 5–7+ years of professional software development experience.
- Advanced Node.js expertise including Express.js, asynchronous programming, and PM2.
- Strong TypeScript/JavaScript skills including ES6+, TypeScript type system, and build tools.
- Front end development with React including hooks, state management, and RESTful API integration.
Cloud & Infrastructure
- Demonstrated Google Cloud Platform (GCP) expertise including Identity Platform, Compute Engine, and Cloud CDN.
Security & API Development
- Deep understanding of web security including OAuth 2.0, OpenID Connect, JWT, XSS, CSRF, SQL injection prevention.
- API development expertise including RESTful design, versioning, validation, and documentation.
- Familiarity with SOC 2, ISO 27001, or comparable compliance frameworks.
- Experience working within formal change management and audit evidenced environments.
- Secure software development lifecycle (SDLC) practices.
- Producing and maintaining clear technical and operational documentation.
DevOps & Version Control
- Bitbucket pipeline expertise including YAML configuration and multi environment deployment.
- Version control proficiency including Git branching strategies and code review processes.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career