Senior Full Stack Developer
Role details
Job location
Tech stack
Job description
We are a clinical diagnostic laboratory serving customers under HIPAA and PCI DSS regulatory frameworks. We are hiring a Senior Full Stack Developer to design, build, and own our new customer portal - a secure, customer-facing web application hosted in Microsoft Azure that will handle customer identity, online payments, order and billing history, and (in a later phase) laboratory results delivery.
This is a builder-owner role. You will be the primary developer on a greenfield product with real users, real revenue impact, and real regulatory stakes - supported by a technical Director (your manager, an experienced .NET/SQL developer), a dedicated security lead who owns identity policy and the security architecture, and a junior Python developer/DBA who will look to you for code direction and review.
You will not inherit legacy code. You will make foundational decisions, defend them in code review, and live with them - with senior technical backup, not in a vacuum.
What You Will Own
- The customer portal, end to end. Architecture, implementation, deployment, and operation of a customer-facing web application: C#/.NET backend, TypeScript/React front end, Azure PaaS (App Service or Container Apps, Azure SQL, Key Vault, managed identities).
- Payment integration. Integrate our payment gateway (currently PayFabric) using hosted-checkout / tokenization patterns so that cardholder data never touches our systems, keeping us in minimal PCI scope. You will be expected to understand why this matters and to protect that boundary.
- Customer identity integration (app side). Implement sign-up, sign-in, and session handling against Microsoft Entra External ID. Our security lead owns the tenant, Conditional Access, and identity policy; you own the OIDC integration, token validation, and application-side account experience.
- Audit instrumentation. Build structured audit logging for sensitive data access (who viewed what, when) into the application from day one, feeding Azure Log Analytics. This is a core deliverable in a HIPAA environment, not an afterthought.
- System integrations. Build and own API integrations with Salesforce (including a Salesforce-based LIMS delivered by an external implementation partner) and, in partnership with our Director, Microsoft Business Central. You will work directly with the LIMS vendor to obtain sandbox access, schema documentation, and realistic timelines - comfort managing an external vendor is part of this job.
- Code direction for a junior developer. Set the code-quality bar for our junior Python developer/DBA: review her work, establish secure coding standards (secrets management, dependency hygiene), and model good delivery habits. This is technical mentorship, not people management - she does not report to you.
- Internal web applications (later phases). After the portal ships, help build self-hosted internal tools alongside the Director.
Requirements
- 5+ years of professional full stack development experience, with at least one product or major application you carried from design through production operation.
- C#/.NET backend development (ASP.NET Core preferred) and TypeScript with a modern front-end framework (React or similar).
- Microsoft Azure PaaS experience: App Service or Container Apps, Azure SQL, Azure Key Vault with managed identities, CI/CD (Azure DevOps or GitHub Actions).
- REST API integration depth, including OAuth 2.0 / OIDC flows, webhook handling, retry/error design, and working against third-party vendor APIs.
- Secure development habits as reflexes: secrets in Key Vault (never in code or config), least-privilege service identities, input validation, and dependency management. We operate under Zero Trust principles and will ask you to demonstrate this in the interview.
- Ability to work independently, communicate clearly with non-developers, and push external vendors for what you need without being steamrolled.
Strongly Preferred
- Experience building or operating applications in a regulated environment (HIPAA, PCI DSS, SOC 2, or similar) - especially audit logging, data classification, or compliance-driven design.
- Customer-facing identity experience: Entra External ID / Azure AD B2C, Auth0, Cognito, or equivalent.
- Payment gateway integration experience with hosted-fields or tokenization patterns.
Nice to Have
- Salesforce familiarity - consuming Salesforce data via its REST/Bulk APIs. Expertise is not required.
- Python (our junior developer works in Python; being able to review her code is a plus).
- Microsoft Business Central or other ERP integration exposure.
- Experience working alongside external implementation partners or consultancies.
Benefits & conditions
Pulled from the full job description 401(k) Health insurance 401(k) matching Paid time off Vision insurance Dental insurance Life insurance, Our Environment
- Microsoft shop: Azure, Microsoft 365, Entra ID, Intune-managed endpoints, Defender/Sentinel security stack, Purview compliance tooling.
- Small, senior-friendly team: you, a technical Director (.NET/SQL), two systems and security admins, a junior developer/DBA, and two help desk technicians supporting 175 users.
- HIPAA and PCI DSS regulated. Security is not a slide deck here - phishing-resistant FIDO2 authentication, Conditional Access, and Zero Trust architecture are already deployed. You will build on that foundation, and your work will be held to it.
- Background check required prior to hire, consistent with our regulatory obligations.
Pay: $140,000.00 - $175,000.00 per year, * 401(k)
- 401(k) matching
- Dental insurance
- Health insurance
- Life insurance
- Paid time off
- Vision insurance