Lead Java Developer/Solution Architect (15-week contract)

The contractor will be responsible for leading the design and delivery of the API layer and application logic. A dedicated database consulting engineer will handle MongoDB cluster configuration, schema design, indexing, and performance tuning - the contractor will collaborate closely with them but will own the application-layer delivery.

Architecture & Design (Weeks 1-4, half-time)

• Design the Attribute-Based Access Control (ABAC) model, including policy attributes (clearance level, nationality, group/role, context), enforcement points, and decision logic
• Design the RESTful API architecture, including endpoint structure, request/response contracts, and error handling patterns
• Map out query patterns, access flows, and integration touchpoints with external systems (data storage and encryption services provided by partner organisations)
• Collaborate with the database consulting engineer on schema design, search strategy, and encryption approach to ensure the API layer aligns with the underlying data model
• Contribute to Infrastructure as Code design for deployment (Terraform or similar)

Build & Implementation (Weeks 5-15, full-time)

• Build a RESTful API layer in Java implementing full catalogue functionality:

• CRUD operations for metadata records

• Advanced search capability leveraging Atlas Search

• ABAC enforcement on all API operations, ensuring search results and data retrieval are filtered by the requestor's access attributes

• Secure storage and retrieval of encrypted key material (shard keys) via CS-FLE

• Implement unit tests to validate functional correctness
• Build automated data load and stress testing harnesses for the combined API and cluster deployment
• Perform integration testing against external partner systems (or appropriate stand-ins) to validate end-to-end data creation and retrieval flows
• Produce API documentation and integration guides for consuming systems
• Support knowledge transfer and handover activities in the final weeks of the engagement, * The contractor will work as part of a small, focused delivery team operating within a multi-vendor programme
• The catalogue integrates with separate data shredding/storage and encryption services delivered by other organisations - the contractor will need to collaborate across these boundaries but will not be responsible for those components
• All work will be conducted via VPN access to the client's cloud environment
• The client operates within a security-conscious environment; the contractor must be comfortable working within defined information handling and access constraints
• The role includes a knowledge transfer component in the final weeks of the engagement, including API documentation and integration guides for the client team

  If you require alternative methods of application or screening, you must approach the employer directly to request this as Indeed is not responsible for the employer's application process.

Do you have experience in VPN?, Do you have a Bachelor's degree?, * Java development - strong hands-on capability building production RESTful APIs (Spring Boot or similar framework)

• MongoDB - solid working experience with MongoDB, including querying, aggregation pipelines, and integrating MongoDB into Java application layers
• Atlas Search - practical experience designing and implementing search solutions using Atlas Search (or Lucene-based search within MongoDB)
• Security & encryption - experience with Client-Side Field Level Encryption (CS-FLE) or equivalent application-layer encryption patterns; understanding of key management concepts
• Infrastructure as Code - experience with Terraform or equivalent for deploying and managing application infrastructure
• API design - ability to design clean, well-documented RESTful APIs suitable for integration by multiple consuming systems
• Testing - experience with load/stress testing tools and approaches for validating API performance under realistic conditions
• Technical leadership - proven ability to make architectural decisions, produce design documentation, and communicate technical trade-offs to both engineering and non-technical stakeholders

Desirable

• Experience designing and implementing Attribute-Based Access Control (ABAC) systems; familiarity with policy-as-code frameworks (e.g. Casbin, OPA, or XACML-based systems)
• Experience with metadata standards such as DCAT, Dublin Core, or IES
• Experience working in UK public sector or defence environments
• Familiarity with multi-classification or multi-tenancy access models
• Experience with event-driven architectures and asynchronous processing patterns
• Understanding of consistency patterns in multi-service architectures (e.g. saga pattern, eventual consistency)
• Knowledge of data mesh or federated data architecture concepts
• Experience integrating with third-party data storage APIs (e.g. S3-compatible interfaces)