Full-Stack Engineer (Backend)

Role Overview

We're building a greenfield web platform that delivers modern, cloud-based experiences aligned with Sensei Cloud. The application is modular in nature and will grow over time.

As a Full-Stack Engineer with a backend focus, you will be a core contributor shaping the Rails API, data layer, and Azure platform integrations from the ground up — while remaining capable of working across the entire stack when needed.

Your primary ownership area is the backend: data modeling, API design, data mapping across dental practice management systems (DPMS), external healthcare system integrations, and background processing. You will interact with Azure Cosmos DB for DPMS data and leverage Azure PostgreSQL Hyperscale (Citus) to host application data at scale. You will also contribute to frontend work as the team and product evolve.

This is a full-product ownership role in a HIPAA-regulated healthcare environment, requiring strong technical judgment, attention to compliance, and close collaboration with your fellow engineers and product stakeholders.

You will work within a Human -> AI -> Human engineering workflow, using AI tools to accelerate delivery while maintaining full accountability for correctness, security, and compliance.

Key ResponsibilitiesPrimary (Backend)

Design, build, and maintain a Rails API (API-only mode) that serves dental scheduling data to a React frontend

Model and evolve PostgreSQL schemas using ActiveRecord migrations, targeting Azure PostgreSQL Hyperscale (Citus) in production with an emphasis on clarity, performance, and data integrity

Become the team’s subject matter expert on data mapping across different dental practice management systems and the Cosmos DB data layer

Query and consume data from Azure Cosmos DB, understanding its document model and how DPMS data is structured within it

Design and maintain application schemas on Azure PostgreSQL Hyperscale (Citus), leveraging distributed tables and colocation for performance at scale

Integrate with external healthcare systems and services via HTTP — including dental exchange APIs, payment processors, and Azure AI services — to power features such as AI-assisted dictation and intelligent workflows

Implement and maintain Azure AD B2C JWT authentication middleware, including JWKS retrieval, signature verification, claim extraction, and current_user injection

Build and operate background jobs using Sidekiq and Redis for asynchronous and long-running tasks

Write and maintain comprehensive RSpec test suites using FactoryBot, WebMock, and VCR to safely test external HTTP integrations

Run and remediate findings from Brakeman and bundler-audit as part of normal development workflows

Shared (Full-Stack)

Contribute to React frontend components and pages as needed

Collaborate closely with frontend-focused engineers and product stakeholders throughout feature development

Participate in AI-augmented development workflows, reviewing and validating AI-generated code against acceptance criteria

Follow Git best practices: feature branches, pull requests for all changes, and conventional commit messages

Proactively update documentation when behavior or architecture changes

Core Technical Skills

Strong experience with Ruby on Rails in API-only mode, including ActiveRecord, migrations, routing, and middleware

Solid PostgreSQL knowledge, including schema design and query awareness; comfort working with both relational and NoSQL (document) databases

Experience designing REST APIs and integrating with external services via HTTP clients (e.g., Typhoeus, Faraday, or equivalent)

Hands-on experience with background job processing (Sidekiq or equivalent)

Experience implementing JWT-based authentication, including JWKS validation and claim extraction

Proven RSpec testing discipline with FactoryBot and HTTP stubbing using WebMock or VCR

Working knowledge of a modern frontend framework (React, Vue, or similar) — you don’t need to be a CSS wizard, but you should be comfortable building and debugging components

Familiarity with Git-based workflows, pull requests, and conventional commits

Comfortable reading and maintaining Markdown documentation

AI-Augmented Development (Required)

Hands-on experience using AI coding assistants (e.g., Claude Code, GitHub Copilot, Cursor) as part of daily development

Clear understanding of the Human → AI → Human review loop, with human ownership of all decisions

Ability to maintain supporting documentation such as READMEs, architecture notes, and AI configuration files (e.g., CLAUDE.md)

Awareness of AI traceability practices, including commit trailers, review checklists, and prompt hygiene

HIPAA & Compliance Awareness (Required)

Strong understanding that Protected Health Information (PHI) must never appear in code, tests, logs, commits, or error messages

Discipline around structured logging with explicit safe-field selection

Use of generic error messages with no patient-identifying context returned to API clients

Comfort working exclusively with synthetic or mock data

Awareness of secure coding practices, including no hardcoded credentials, OWASP Top 10 vigilance, and blocking remediation of Brakeman findings

Technologies & Tools

You will work with the following technologies as part of the CSD Cloud Apps stack:

Backend (Primary)

Language: Ruby

Framework: Ruby on Rails 8.1 (API-only mode)

Database: Azure PostgreSQL Hyperscale (Citus) for application data; Azure Cosmos DB (NoSQL) for DPMS data; PostgreSQL 16 for local development

Serialization: JBuilder

Background Jobs: Sidekiq with Redis 7

Data Access: Azure Cosmos DB SDK (via Ruby client or REST)

HTTP Client: Typhoeus (or Faraday) for external service integrations

Authentication: Azure AD B2C JWT validation via JWKS (custom middleware)

Security Scanning: Brakeman, bundler-audit

Testing: RSpec, FactoryBot, WebMock, VCR

Linting: RuboCop, rubocop-rails, rubocop-performance

Frontend (Collaborative)

Language: TypeScript 5

Framework: React 19 (functional components, hooks)

Styling: Tailwind CSS 4

Server State: TanStack Query (React Query) v5

Shared

Development Environment: Docker Compose

Deployment Tooling: Kamal, Thruster

Version Control: Git with feature branches and pull requests

Preferred / Nice-to-Have Qualifications

Experience with Kamal-based deployments and containerized production workflows

Familiarity with ActionCable or other WebSocket-based real-time features

Healthcare or dental domain experience

Prior experience working with dental practice management system data models or healthcare data normalization

Experience with Azure Cosmos DB, including its SQL API, partition key strategy, and document modeling

Familiarity with Azure PostgreSQL Hyperscale (Citus) or other distributed PostgreSQL solutions

Hands-on experience with Azure AD B2C JWT validation

Experience with Jbuilder or alternative Rails JSON serialization approaches

Experience with Azure AI services (e.g., Azure AI Speech, Azure OpenAI) or building AI-powered features such as dictation or intelligent document processing

Familiarity with healthcare data exchange standards or payment processing APIs

Working knowledge of React and TypeScript for frontend contributions

How We Work

AI-assisted engineering: AI tools are used for acceleration, but all code is reviewed and owned by engineers

Branch-based development: All work is done on feature branches with mandatory pull requests

Commit standards: Conventional commits are required; AI-assisted commits include traceability metadata (e.g., AI-Tool: claude-code)

Code reviews: Reviews include checks for OWASP Top 10 risks, PHI exposure, hardcoded secrets, overly broad rescue blocks, and invalid or hallucinated dependencies

Docker-first development: The full stack runs in Docker Compose with no local runtime dependencies

Work remotely Monday - Friday, 40 hours a week (no weekends)

Health Care Reimbursement

Active Lifestyle Reimbursement

Quarterly Home Office Reimbursement

Continuous Learning Bonus

Access to Training and Professional Development Platforms

Did we mention it's REMOTE?!!

One of our core values at Zipdev is "Be authentic." that's why we encourage you to answer the application form in your own words; we are interested in getting to know you, not a digital assistant.

Wondering how our remote environment or our payment method work? We've put together some helpful answers in our FAQs at the bottom our our career site. Take a look and let us know if you have any other questions!