We are looking for a Senior Backend Engineer to build and deploy a Python-based middleware service that securely integrates the mobile application with external AI services for voice and text analysis. You will architect backend services that handle token exchange, API key management, and data flow between the patient mobile app, AI analysis services (voice and text), and the EHR backend system. This role requires strong Python backend expertise, experience with containerized deployments, and an understanding of secure authentication patterns in healthcare systems.
Our client is a mental health platform that combines mobile technology with AI-powered therapy support. Patients record voice journal entries through a mobile app, which are analyzed by AI to help therapists identify the most effective treatment strategies for each individual. The approach is rooted in Cognitive Behavioral Therapy (CBT), helping patients change thinking patterns and develop healthier behaviors through guided problem-solving and relaxation techniques. The platform connects patients with therapists through HIPAA-compliant mobile and web interfaces.
This role requires close collaboration with stakeholders based in the United States (PST). You’ll participate in regular meetings, technical discussions, and planning sessions across time zones.
Technical Details:
* Backend: Python 3.x, RESTful APIs
* Authentication: OAuth 2.0, JWT, token-based flows
* External APIs: Voice analysis service, text/chat analysis AI service, EHR system API
* Security: API key management, secure secrets handling, TLS, HIPAA compliance
* Containerization: Docker, Kubernetes (K8s)
* CI/CD: GitLab CI/CD, GitHub Actions, or similar
* Infrastructure-as-Code: Helm, Terraform, or similar
* Cloud Platform: TBD — AWS, GCP, or Azure
* Monitoring & Observability: Prometheus, Grafana, ELK stack, or similar
* Project Management: Linear
Job Highlights:
* Build HIPAA-compliant backend infrastructure for a behavioral health platform.
* Design a secure middleware architecture that prevents API key exposure in mobile apps.
* Work with modern AI services for voice and text analysis in the mental health domain.
* Combined backend + DevOps role with architectural ownership and infrastructure responsibilities.
* Real-world impact supporting patient-therapist communication and mental health outcomes.
Workflow:
* Secure middleware service: Design and build a Python backend service that acts as a secure proxy between the React Native mobile app and external AI services (voice analysis for ~40-second audio clips, text analysis, and chatbot services for journal entries), preventing API key exposure in the public mobile client.
* Token exchange and authentication: Implement OAuth 2.0 flows and token management to accept access tokens from the mobile app, use them to post analysis results to the EHR backend on behalf of users, and return results to the mobile app (MVP approach: token passthrough; future: proper OAuth client implementation).
* API integration and data formatting: Develop REST endpoints to receive voice and text data from the mobile app, package and format data for external AI service APIs (batch uploads for voice, conversational flow for text), receive processed analysis responses, and forward results to the EHR backend.
* Security and rate limiting: Securely manage API keys and secrets (storage, rotation, access control), implement server-side rate limits and anomaly detection, configure TLS with certificate pinning support, and set up monitoring to prevent abuse of paid AI services.
* Infrastructure and deployment: Set up and manage a Kubernetes cluster for backend deployment, build CI/CD pipelines for automated testing and deployment, implement Infrastructure-as-Code practices using Helm and Terraform, and configure monitoring, logging, and alerting systems (Prometheus, Grafana, ELK stack or similar).
* Mobile integration support: Collaborate with the Mobile Engineer (React Native) to define API contracts, understand mobile app architecture and data flow requirements, and implement backend endpoints that support mobile workflows.
Responsibilities:
* Design and implement a Python backend middleware service with RESTful APIs that securely proxy requests between mobile apps and external AI services (voice and text analysis), handling data formatting, token exchange, and API key protection.
* Integrate with external AI services and the EHR backend, implementing OAuth 2.0 token flows, secure secrets management, and error handling for third-party API failures and rate limits.
* Implement security controls, including HIPAA-compliant data handling, server-side rate limiting, anomaly detection, TLS configuration, and audit logging.
* Set up and manage Kubernetes infrastructure with CI/CD pipelines, Infrastructure-as-Code (Helm/Terraform), and an observability stack (monitoring, logging, alerting).
* Collaborate with the Mobile Engineer on API contracts and integration patterns, participate in code reviews and architecture decisions, and write tests for backend services.
Qualifications:
* 5+ years of professional backend development experience with strong Python expertise.
* Experience using AI-powered productivity tools (Cursor, VS Code with Copilot, or similar AI-enhanced IDEs) and LLMs for research and problem-solving (ChatGPT, Claude, etc.).
* Proven experience designing and building RESTful APIs and backend services in production environments.
* Hands-on experience with Kubernetes (K8s) and containerized deployments (Docker).
* Strong background with CI/CD pipelines (GitLab CI/CD, GitHub Actions, or similar).
* Experience with Infrastructure-as-Code practices (Helm, Terraform, or similar tools).
* Solid understanding of OAuth 2.0, JWT, and token-based authentication flows.
* Strong knowledge of HTTPS, TLS, REST API security, and secure communication patterns.
* Experience integrating with third-party APIs and handling external service errors, rate limits, and retries.
* Understanding of HIPAA compliance requirements or healthcare data handling (bonus: prior healthcare/telehealth experience).
* Strong problem-solving skills and ability to work autonomously with minimal oversight.
* Clear written and spoken English for async collaboration and documentation.
Nice to Have:
* Experience with the FastAPI framework specifically.
* Experience with major cloud platforms (AWS, GCP, or Azure) and cloud-native services.
* Experience managing production Kubernetes clusters at scale.
* Knowledge of monitoring and observability stacks (Prometheus, Grafana, ELK, or similar).
* Experience integrating AI/ML services (speech analysis, NLP, chatbots, LLM APIs).
* Experience building backend APIs for mobile applications (iOS/Android) and understanding mobile-specific constraints.
* Familiarity with rate-limiting strategies, anomaly detection, and abuse prevention patterns.
* Background in telehealth, mental health, or healthcare technology platforms.
* Experience with Python async frameworks and async/await patterns.
* Familiarity with PostgreSQL or relational databases.
* Prior experience in a lead or mentorship role.
* GitHub-based workflows and conventional commits.
Our benefits:
* No micromanagement
* Freedom to engage in decision-making and implementation
* Ability to work in a team of professionals (the ratio of middle and above specialists 80/20)
* Participation in the development of high-quality products
* Direct communication with clients on a partnership level
* Professional development opportunities ($600 education budget, well-managed processes, communities, internal library)
* Health insurance
* $600 extra for health care, sports, or mental health
* Accounting services
* 20 paid working days off and 10 days sick leave
* Opportunity to work remotely
* Soulful team buildings and corporate events
Join us and be among those who care!
Please note: the review process may take up to 7 days. If your experience aligns with what we’re looking for, we’ll reach out to discuss the next steps. If not, we’ll hang onto your details and let you know if something relevant opens up.