Lead Java Developer/Solution Architect (15-week contract)

gravity9 is seeking a Technical Lead / Solution Architect to lead the design and build of a secure metadata catalogue platform for a UK public sector client. The platform will serve as a centralised index for discovering, governing, and controlling access to data distributed across multiple independent domains — enabling authorised parties to locate and retrieve data without the catalogue itself holding or having visibility of the underlying data.

This is a greenfield build requiring strong architectural judgment, hands-on delivery capability, and the ability to work within a multi-vendor environment where the catalogue integrates with separate data storage and encryption services provided by other technology partners.

• *Duration**

15 weeks

• *Commitment**

Half-time for the first 4 weeks (design phase); full-time for the remaining 11 weeks (build and integration)

• *Working model**

Mostly remote with periodic onsite attendance

• *Security clearance**

BPSS (Baseline Personnel Security Standard) required

• *Residency**

UK resident required

• *Technical Scope**

The contractor will be responsible for leading the design and delivery of the API layer and application logic. A dedicated database consulting engineer will handle MongoDB cluster configuration, schema design, indexing, and performance tuning — the contractor will collaborate closely with them but will own the application-layer delivery.

• *Architecture & Design (Weeks 1–4, half-time)
• Design the Attribute-Based Access Control (ABAC) model, including policy attributes (clearance level, nationality, group/role, context), enforcement points, and decision logic
• Design the RESTful API architecture, including endpoint structure, request/response contracts, and error handling patterns
• Map out query patterns, access flows, and integration touchpoints with external systems (data storage and encryption services provided by partner organisations)
• Collaborate with the database consulting engineer on schema design, search strategy, and encryption approach to ensure the API layer aligns with the underlying data model
• Contribute to Infrastructure as Code design for deployment (Terraform or similar)
• *Build & Implementation (Weeks 5–15, full-time)
• Build a RESTful API layer in Java implementing full catalogue functionality:

– CRUD operations for metadata records

– Advanced search capability leveraging Atlas Search

– ABAC enforcement on all API operations, ensuring search results and data retrieval are filtered by the requestor’s access attributes

– Secure storage and retrieval of encrypted key material (shard keys) via CS-FLE

• Implement unit tests to validate functional correctness
• Build automated data load and stress testing harnesses for the combined API and cluster deployment
• Perform integration testing against external partner systems (or appropriate stand-ins) to validate end-to-end data creation and retrieval flows
• Produce API documentation and integration guides for consuming systems
• Support knowledge transfer and handover activities in the final weeks of the engagement
• *Essential
• Java development — strong hands-on capability building production RESTful APIs (Spring Boot or similar framework)
• MongoDB — solid working experience with MongoDB, including querying, aggregation pipelines, and integrating MongoDB into Java application layers
• Atlas Search — practical experience designing and implementing search solutions using Atlas Search (or Lucene-based search within MongoDB)
• Security & encryption — experience with Client-Side Field Level Encryption (CS-FLE) or equivalent application-layer encryption patterns; understanding of key management concepts
• Infrastructure as Code — experience with Terraform or equivalent for deploying and managing application infrastructure
• API design — ability to design clean, well-documented RESTful APIs suitable for integration by multiple consuming systems
• Testing — experience with load/stress testing tools and approaches for validating API performance under realistic conditions
• Technical leadership — proven ability to make architectural decisions, produce design documentation, and communicate technical trade-offs to both engineering and non-technical stakeholders
• *Desirable
• Experience designing and implementing Attribute-Based Access Control (ABAC) systems; familiarity with policy-as-code frameworks (e.g. Casbin, OPA, or XACML-based systems)
• Experience with metadata standards such as DCAT, Dublin Core, or IES
• Experience working in UK public sector or defence environments
• Familiarity with multi-classification or multi-tenancy access models
• Experience with event-driven architectures and asynchronous processing patterns
• Understanding of consistency patterns in multi-service architectures (e.g. saga pattern, eventual consistency)
• Knowledge of data mesh or federated data architecture concepts
• Experience integrating with third-party data storage APIs (e.g. S3-compatible interfaces)
• *Working Context**
• The contractor will work as part of a small, focused delivery team operating within a multi-vendor programme
• The catalogue integrates with separate data shredding/storage and encryption services delivered by other organisations — the contractor will need to collaborate across these boundaries but will not be responsible for those components
• All work will be conducted via VPN access to the client’s cloud environment
• The client operates within a security-conscious environment; the contractor must be comfortable working within defined information handling and access constraints
• The role includes a knowledge transfer component in the final weeks of the engagement, including API documentation and integration guides for the client team