We’re looking for an experienced Software Architect to lead the design and evolution of our next-generation Enterprise VPN and Zero Trust networking platform.
You’ll work across teams to define and evolve the architecture of secure, scalable systems responsible for identity, access control, and connectivity for modern organizations.
The product is in active development, is a startup product and you'll join the foundational team shaping the architecture and direction of the platform. As a key member of the founding team, you’ll shape our technical strategy, engineering practices, and system resilience. This is a high-impact technical role where your decisions will influence both product direction and company growth.
Responsibilities:
Lead the design and evolution of secure, scalable, and observable backend systems using Node.js, TypeScript, and NestJS
Define and enforce architectural standards, ensuring alignment with 12-factor app principles and modern software design patterns
Design and maintain comprehensive architecture documentation (including deployment, component, sequence, and data flow diagrams)
Architect and validate high-availability and fault-tolerant systems with proper load balancing, redundancy, and recovery mechanisms
Oversee API design (REST, gRPC) with secure authentication, authorization, and multi-tenant access control
Lead and mentor the backend engineering team; conduct design reviews, code reviews, and technical alignment sessions
Guide CI/CD workflows, infrastructure-as-code practices, and ensure reliable production deployments
Collaborate with product, frontend, DevOps, and security teams to align backend architecture with business goals and SLAs
8+ years of backend development experience, with 3+ years in architectural or technical leadership roles
Expertise in Node.js, TypeScript, NestJS, and RxJS
Deep knowledge of API standards: REST, gRPC, Protocol Buffers, GraphQL
Advanced experience with Linux networking (e.g. ip, iptables, conntrack, routing, NAT, DNS, TLS/SSL, firewalls)
Strong grasp of declarative access control models and policy engines (e.g., OPA, Cedar)
In-depth knowledge of OAuth 2.0, OpenID Connect, JWT, SAML, and secure identity flows
Proven experience with multi-tenant, secure, cloud-native system design at scale
Hands-on knowledge of CI/CD (ArgoCD), Docker, Testcontainers, and DevOps collaboration (GitOps)
Fluency in designing systems with PostgreSQL, Redis, RabbitMQ, MQTT, SNS/SQS
Strong background in AWS services (e.g. EC2, ECS, Lambda, IAM, VPC, CloudWatch)
Experience maintaining up-to-date, version-controlled architecture documentation
Familiarity with 12-factor app principles or equivalent clean, modular software design frameworks
Ability to lead remote teams with clear communication and technical authority
Nice to Have
Experience in VPNs, access management, or cybersecurity
Knowledge of Cloudflare stack (e.g., Workers, WAF, DNS, Zero Trust)
Exposure to Terraform and infrastructure-as-code workflows
Kubernetes and container orchestration in SaaS production environments
Exposure to multi-region deployments and edge/service mesh architecture
Previous experience scaling high-load, latency-sensitive systems
Background in fast-paced product/startup teams
BSc/MSc in Computer Science or related field