SourceIQ

Compensation

Full Description

Company: SourceIQ Location: Remote Compensation: Equity Competitive, based on experience Start Date: ASAP About SourceIQ SourceIQ is an AI-powered supplier intelligence, sourcing, and procurement platform built for enterprise-scale complexity. We help organizations discover, evaluate, onboard, and collaborate with suppliers while enforcing strict compliance, security, and audit requirements. We are building the infrastructure layer for enterprise procurement—a system of record that combines shared global supplier intelligence with tenant-isolated execution layers, AI-driven matching, and enterprise-grade governance. SourceIQ is not a CRUD app or a marketplace. It is a multi-tenant, workflow-heavy operating system for procurement. The Role We are hiring a Senior Backend Systems Engineer to build and harden the most complex backend systems in SourceIQ: authorization-aware APIs, tenant-scoped workflows, secure communications, and auditable state transitions. This role is for an engineer who thrives on systems correctness. You will work on backend services where mistakes don’t show up as bugs—they show up as security incidents, compliance failures, or broken enterprise trust. You will work closely with our Platform & Security Architect, product leadership, and frontend engineers to translate strict system rules into clean, enforceable backend implementations. What You’ll Do Backend Systems Engineering (Primary Focus) • Build and maintain API-level authorization and permission enforcement • Implement backend logic for RBAC, workflows, approvals, and messaging • Design and enforce tenant isolation across all data access paths • Implement object-level authorization to prevent IDOR and privilege escalation • Own backend correctness for: Supplier master vs tenant overlays RFPs, quotes, engagements, and messages Admin and enterprise configuration actions Workflow & State Management • Implement stateful workflows (approvals, registrations, lifecycle stages) • Model and enforce valid state transitions • Ensure all state changes are: Permission-checked Tenant-scoped Audit-logged (before/after) • Handle concurrency, idempotency, and race conditions safely APIs & Data Modeling • Design and implement clean, versioned REST APIs • Work with MongoDB / Cosmos DB using tenant-aware schemas • Optimize queries and indexes for multi-tenant scale • Avoid unsafe joins or cross-tenant data access patterns • Collaborate with frontend teams on API contracts and edge cases Security, Audit & Quality • Ensure all write operations emit audit events • Write backend tests covering: Permission boundaries Cross-tenant access attempts Role escalation edge cases • Participate in security reviews and architecture discussions • Help raise backend quality standards across the codebase Required Qualifications Core Technical Skills (Must Have) • 5+ years backend engineering experience in production systems • Strong experience with Node.js + TypeScript • Deep understanding of REST APIs and backend authorization • Experience working with multi-tenant data models • Strong grasp of RBAC, permissions, and access control • Experience with NoSQL databases (MongoDB, Cosmos DB, etc.) • Ability to reason about edge cases, failure modes, and abuse scenarios • Git/GitHub proficiency (PRs, reviews, CI workflows) SourceIQ-Relevant Experience • Backend enforcement of permissions (not UI-only checks) • Workflow-driven systems (approvals, statuses, transitions) • Secure messaging or engagement systems • Experience with cloud-native architectures (Azure preferred) • Writing code that must stand up to enterprise scrutiny Startup DNA (Essential Mindset) • You think in systems, not tickets • You care deeply about correctness, not just velocity • You don’t ship “we’ll fix it later” backend logic • You take ownership of what you build in production • You’re comfortable working in ambiguous problem space Nice to Have • Experience with SOC 2 or regulated enterprise platforms • Familiarity with Azure (App Services, Functions, Key Vault) • Experience with audit logging or compliance-heavy systems • Knowledge of distributed systems or event-driven architectures • Experience writing integration or API-level E2E tests Tech Stack (Context) • Backend: Node.js, TypeScript, NestJS / Express • Data: MongoDB / Cosmos DB, Azure SQL • Cloud: Microsoft Azure (App Services, Functions, Key Vault) • Architecture: API-driven, multi-tenant, audit-first • AI: Vector search, embeddings, Databricks, OpenAI APIs** Ready to Apply? Send your resume or GitHub profile and a brief note describing: A backend system you’ve built where permissions and data isolation mattered A complex edge case or failure mode you had to design around