Senior Full Stack Developer at Zenara Health

Role summary

Own a healthcare web application end-to-end across backend (Python/Flask/Celery/Postgres) and frontend (Node.js/Express/HTML/CSS/JS), leading feature delivery, integrations, security, and operations.

Key responsibilities

End-to-end ownership
- Plan, design, implement, test, deploy, and monitor features across frontend and backend.
- Maintain high code quality, documentation, and developer experience.

Backend (Python/Flask)
- Design REST APIs, proxy endpoints, and vendor integrations (e.g., EHR systems, form platforms).
- Implement asynchronous processing pipelines with Celery + Redis (audio/transcripts).
- Optimize Postgres schemas/queries; manage connection pools (psycopg/psycopg_pool).
- Enforce consistent authentication/authorization (API key headers), manage secrets via environment variables.
- Operate with Gunicorn and Docker Compose; maintain conda/venv environments.

Frontend (Node.js/Express)
- Build secure server-side routes and robust proxy layers to backend APIs.
- Implement sessions, CSRF protection, rate limiting, and security headers (helmet + CSP).
- Integrate third-party form systems; implement file uploads (multer) and streaming (PDF/audio).
- Develop pages and flows: login/register, dashboard, patients, action items, billing, invoice generation.

Media ingestion
- Implement browser recording UX, file validation, and resilient upload/processing flows.
- Coordinate FFmpeg/ffprobe and pydub usage for media processing.

Data & documents
- Manage patient sections (agenda, summary, transcripts, blueprints), versioning/history, and exports (ZIP, PDF).

DevOps & operations
- Own Docker Compose and CI/CD pipelines; environment parity for dev/stage/prod.
- Instrument logging, metrics, tracing; set alerts; optimize performance and cost.

Security & compliance
- Apply best practices: input validation, CSRF, CSP, secure cookies/sessions, SSRF prevention, rate limiting.
- Handle secret management and least privilege for cloud/database access.
- Contribute to security gap analysis and remediation; ensure auditable changes.

Quality & process
- Write unit/integration tests for critical flows (auth, uploads, proxies, billing).
- Own release notes, migration scripts, rollback plans; drive postmortems and continuous improvement.

Success metrics (first 90 days)
- Standardize API key attachment across all proxy calls; eliminate “missing api key” errors.
- Stabilize audio/transcript pipeline with retries, idempotency, and user feedback; reduce failures >80%.
- Ship two end-to-end features with tests and documentation.
- Introduce base CI (lint/test/build) and minimal deploy workflow; improve release cadence.
- Close top security findings; add monitoring for key endpoints.

Interview focus
- Architecture: consistent API key enforcement across Express proxies and Flask APIs.
- Systems design: async pipelines for audio/transcripts; retry/backoff; idempotency; observability.
- Security: CSP/CSRF/session hardening, SSRF/file upload safety, secrets management.
- Live coding: secure PDF streaming proxy with “check vs stream” logic and error forwarding.
- DB: schema/index proposals for patient sections/history and efficient exports.

Short job board version
- Title: Senior Full-Stack Engineer
- Summary: Own a healthcare web app end-to-end (Python/Flask/Celery/Postgres + Node/Express). Build secure APIs and proxies, audio/transcript pipelines, dashboards, billing, and PDF/invoice flows. Lead DevOps, security, and performance.
- Must-haves: 5+ yrs; Flask, Celery, Postgres, Node/Express; Docker/Compose; security (CSP/CSRF/headers); file uploads/streaming; CI/CD.
- Nice-to-haves: EHR integrations, Form.io, Azure/AWS/GCP, HIPAA workflows.
- Location: [Remote/Hybrid/Onsite]
- Compensation: [Range/Bands]
- Apply: [Email/ATS link]

Qualifications
- 5+ years of full-stack development with production ownership.
- Python ecosystem: Flask, Gunicorn, Celery, Redis, Postgres, psycopg, conda/venv, FFmpeg/pydub.
- Node.js ecosystem: Node 18+, Express 5, axios, multer, helmet, express-rate-limit, csrf, marked, node-fetch/undici.
- Web app delivery: HTML/CSS/JS, UX for dashboards/wizards/modals/drawers, performance optimization.
- Architecture & operations: Docker/Compose, environment config, secrets via env vars, git workflows.
- Security: API key enforcement, session security, CSRF, CSP, rate limiting, secure headers, file upload safety.

Nice to have
- EHR integrations (Charm or similar), HIPAA-aligned workflows.
- Form platforms (Form.io), PDF generation/signing, invoice pipelines.
- Cloud experience (Azure/AWS/GCP) and managed Postgres.
- CI/CD (GitHub Actions), IaC/Terraform, container orchestration.
- Data privacy/compliance experience (audit trails, access controls).

Company Location: India.