Back-end engineer

  • Closed
  • US Company | Small ( employees)
  • LATAM (100% remote)
  • 3+ years
  • Short-term (20h)
  • HR / Recruiting
  • On-site

Required skills

  • Node.js
  • TypeScript
  • Nest.js
  • PHP

Requirements

Must-haves

  • As a Software Engineer – Test Automation, you will be responsible for designing, building, and maintaining our test automation solutions. This includes architecting the test automation capability within Blockgraph, building scripts and tools to identify bugs/defects prior to release into production and creating metrics to measure overall improvement of product/engineering health. We are looking for a developer with a strong affinity for (or is keen to learn) Testing/QA and can help implement bug/defect identification within an observability solution which will minimize manual testing and maximize automation and scalability. Your job will be to create tools which integrate within our CI/CD to help developers test their code and write E2E test cases. You will need to fully understand our product to build tests that will uncover regressions in our software. Your goal is to find the issues earlier (shift left principle) in an automated scalable fashion and minimize their impact in production.
  • This role is best suited for a programmer/developer who is interested in pursuing the Test/QA function. This role will be developing internal capabilities that are focused on our testing framework and processes.
  • This position is not fully remote and will require you to be in the office at least 2x/month to attend our in-person sprint planning sessions.
  • We cannot offer any visa/work authorization sponsorship at this time.
  •  Job Responsibilities:
  • Write a portion of the automation scripts “hands on keyboard” to improve the product quality
  • Build automation testing and scripts for infrastructure and platform
  • Drive optimization, testing, and tooling to improve the performance, availability, and scalability of the platform
  • Lead the conversion of manual ad-hoc processes to a fully automated scalable solution
  • Develop test plans including leading test plan reviews with engineers and cross-functional teams.
  • Participate in product design reviews to contribute to product design, testability and implementation.
  • Automate and improve testing within CI/CD through implementation of observability
  • Define the test framework, test preconditions and other test control and reporting functions to enable others to test functionality.
  • Develop observability into Test Automation Team performance and impact towards continued stability improvement of the product.
  • Provide technical mentorship on Test/QA for more junior members
  •  Minimum Qualifications:
  • Bachelors’ or Masters’ degree in Electrical and Computer Engineering, Computer Science or related field.
  • 3+ years of relevant experience in software engineering
  • Scripting (specifically Python or Bash)
  • Programming (specifically Java, Go, Javascript, Typescript)
  • Testing and/or Test Automation experience, a plus
  • Familiar with various tools or infrastructure used in automation
  • Experience in backend automation
  • Experience working with CI/CD pipelines
  • Collaboration experience with cross-functional teams to define automation solution for new features
  • Experience in cloud technologies (preferably AWS)
  • Detail oriented, flexible in the way that a startup requires, comfortable in a very collaborative and team-oriented environment
  • Strong analytical thinking skills and results driven personality
  • Experience in E2E automation test using Cypress, Selenium, or other tools a plus
  • Experience, interest or industry knowledge of advertising technology e.g. ad servers, SSPs, DSPs, DMPs etc., a plus
  • Our Employees are Guided By Our Company’s Values:
  • Customer Mindset: Our customers and the privacy of our customer’s data are at the center of everything we do.
  • Innovators: We don’t accept the status quo.
  • Seek to Compete: We compete hard for our customers’ business. And we always do it with integrity.
  • Ownership Mentality: We take personal accountability for serving our clients and providing them the best possible solutions.
  • Win Together: We believe that we can go farther together.
  • Why work for Blockgraph?
  • Blockgraph offers employees the best of both worlds – the excitement, speed and flexibility of working in a startup paired with the financial backing and support of some of the world’s largest media, entertainment and technology companies.
  • Come work with great people, solve interesting problems, and create meaningful positive impact for an industry.
  • In addition to these benefits we offer competitive salary and benefits, a flexible work environment, and access to professional development opportunities.
  • Blockgraph recruits, employs, compensates, and promotes regardless of race, religion, color, national origin, gender identity, disability, age, veteran status and other protected status as required by applicable law and as a matter of our company ethics.

Nice-to-haves

  • Desirable: AI/LLM Proficiency: You have experience in AI, particularly with Large Language Models (LLMs), and have used AI/ML frameworks to build practical, user-facing features. You're willing to take on the challenge to incorporate AI-powered recommendations, personalization, and predictive analytics into the mobile app. Mobile App Development Expertise: You have hands-on experience developing and deploying native or cross-platform mobile applications (React Native, Flutter, Swift, or Kotlin). You’re familiar with integrating social and payment-related features into mobile ecosystems. Full-Stack Experience: While mobile app development is your strength, you can also contribute to backend development and APIs to ensure seamless communication between the app and the platform.

What you will work on

  • This is a full-time role (40 hours/week) for a 2-month contract
  • Estimated Hours: 125-176 hours (depending on complexity and existing codebase readiness)
  • 1. Authenticate with SAML 2.0 using your IDP (8-12 hours)
  • - Configure SAML in Auth0 (e.g., set up a new connection, upload IDP metadata)
  • - Update login flow to replace existing authentication methods with SAML
  • - Ensure correct configuration of redirect URIs, assertion consumers, and logout endpoints
  • - Test using a staging IDP setup and debug assertion/audience mismatches
  • - Key Work: Auth0 setup, React Native login updates, testing
  • 2. Specify which web browser to trigger for SSO authentication (6-8 hours)
  • - Implement react-native-inappbrowser-reborn to control browser selection
  • - Add configuration parameter for browser preference (e.g., Chrome, Safari)
  • - Test integration across iOS and Android browsers
  • - Handle cases where the specified browser is unavailable
  • - Key Work: Browser selection settings, invocation handling, testing
  • 3. IP restrict app access (6-10 hours)
  • - Implement middleware to validate user IP against an allowlist/blocklist
  • - Configure IP restrictions in Auth0 or a proxy layer (e.g., AWS API Gateway)
  • - Add UI error handling to display appropriate access restriction messages
  • - Key Work: Middleware setup, Auth0 configuration, UI updates, testing
  • 4. Operate properly in an Android Enterprise Work Profile (8-12 hours)
  • - Use Android Enterprise test environment (e.g., Android Device Policy)
  • - Verify dependencies (storage, notifications, permissions) within the work profile
  • - Address storage isolation and cross-profile restrictions
  • - Key Work: Test environment setup, compatibility fixes, permissions adjustments
  • 5. Push out app config via MDM (12-18 hours)
  • - Define app configuration parameters (e.g., JSON payload) for MDM distribution
  • - Integrate with MDM provider SDKs (e.g., Intune SDK)
  • - Parse and apply MDM configurations on app startup
  • - Key Work: MDM setup, SDK integration, configuration parsing, testing
  • 6. Prevent unrecorded data exfiltration (10-15 hours)
  • - Enforce proxy/VPN whitelist for server communication
  • - Ensure HTTPS and strong TLS encryption for all transmissions
  • - Log outgoing requests for auditing
  • - Implement domain validation and SSL verification
  • - Key Work: Proxy/VPN setup, auditing, security enhancements, testing
  • 7. Prevent copy/paste (6-10 hours)
  • - Block clipboard access using platform APIs
  • - Implement UIPasteboard override (iOS) and ClipboardManager restrictions (Android)
  • - Use secureTextEntry flag for sensitive fields in React Native
  • - Key Work: Clipboard API overrides, secure input handling, testing
  • 8. Prevent screenshots (4-8 hours)
  • - Implement FLAG_SECURE for all Android activities
  • - Use UIScreenCapturedDidChangeNotification to detect iOS screenshots
  • - Display warnings or block actions when a screenshot is detected
  • - Key Work: Platform-specific security measures, UI enhancements, testing
  • 9. Prevent moving data between apps or to storage (8-12 hours)
  • - Use Android Scoped Storage and iOS App Sandbox for file isolation
  • - Disable sharing intents (e.g., Share API)
  • - Block access to external storage paths
  • - Key Work: File system restrictions, API adjustments
  • 10. Limit email/SMS to a specific app (10-15 hours)
  • - Implement deep links or custom schemes for launching designated email/SMS apps
  • - Add configuration options for preferred app selection
  • - Ensure fallback mechanisms for unavailable apps
  • - Key Work: Deep linking, app configuration, testing
  • 11. Prevent email/SMS (4-6 hours)
  • - Remove app features that invoke email/SMS actions
  • - Block programmatic email/SMS sending using platform APIs
  • - Key Work: Code adjustments, feature restrictions
  • 12. Prevent printing (6-10 hours)
  • - Disable export features that generate printable formats (e.g., PDFs)
  • - Block AirPrint using UIPrintInteractionController (iOS)
  • - Override print intents on Android
  • - Key Work: Export feature removal, platform print restrictions
  • 13. Lock/unlock the app with a code or biometric (12-16 hours)
  • - Use react-native-keychain or similar libraries for biometric authentication
  • - Securely store user-defined PIN or passcode
  • - Implement a custom lock screen to verify PIN/biometric authentication
  • - Key Work: Secure storage, lock screen UI, biometric integration
  • 14. Audit data handling in detail (15-20 hours)
  • - Implement detailed logging for data access and transactions
  • - Store logs securely (e.g., server logs, Datadog)
  • - Provide backend tools for reviewing audit trails
  • - Key Work: Data logging, backend integration, documentation
  • 15. Documentation (10-12 hours)
  • - Provide feature overviews and setup instructions (e.g., SAML, MDM)
  • - Document troubleshooting guides for common issues
  • - Ensure clarity and accessibility for client use
  • - Key Work: Clear, detailed, client-focused documentation