Senior Backend Engineer (Go/Node, AI-Aware)
Help us build privacy-first, AI-aware marketplace services that connect patients with verified providers worldwide.
On This Page
Role Summary
You'll design and ship high-impact backend services (Go or Node.js) that power search, booking, messaging, reviews, and provider quality signals. "AI-aware" means integrating LLM-driven features safely (RAG, semantic search, classification) with strong privacy, observability, and guardrails.
Trust & safety by design
Everything we build respects data minimization, least privilege, and measurable safety outcomes. HIPAA-aware patterns where applicable; consumer-health and state privacy sensitivities considered.
What You'll Do
- Own services from technical design → implementation → rollout → SLOs and on-call quality.
- Model domains (patients, providers, inventory, content, signals) with clear boundaries and events.
- Build APIs & jobs that are observable (traces/metrics/logs), resilient, and cost-aware.
- Collaborate with product, data, security, and ops; write clear design docs and RFCs.
- Improve developer experience (build times, CI, test data, feature flags, safe migrations).
- Mentor engineers; raise the bar on code reviews, testing depth, and incident retros.
AI-Enabled Backend Scope
Retrieval-Augmented Generation (RAG)
Examples: Provider profile Q&A; policy-aware content drafting for staff; internal runbooks.
Risk/Controls: Source attribution, de-identification, caching TTLs, prompt templates versioned, human-in-the-loop for public outputs.
Semantic Search & Matching
Examples: Vector search for treatments, insurance, languages; smarter provider/patient routing.
Risk/Controls: Bias tests, fallback to keyword, A/B holdouts, explainability logs.
Classification / Moderation
Examples: UGC triage, safety flags, spam/abuse heuristics, duplicate detection.
Risk/Controls: Threshold tuning, appeal paths, audit trails, rate-limit & IP allow/deny lists.
Quality Signals
Examples: Responsiveness, fulfillment latency, review integrity features.
Risk/Controls: Feature governance, drift monitoring, periodic recalibration.
| Area | Examples | Risk/Controls |
|---|---|---|
| Retrieval-Augmented Generation (RAG) | Provider profile Q&A; policy-aware content drafting for staff; internal runbooks. | Source attribution, de-identification, caching TTLs, prompt templates versioned, human-in-the-loop for public outputs. |
| Semantic Search & Matching | Vector search for treatments, insurance, languages; smarter provider/patient routing. | Bias tests, fallback to keyword, A/B holdouts, explainability logs. |
| Classification / Moderation | UGC triage, safety flags, spam/abuse heuristics, duplicate detection. | Threshold tuning, appeal paths, audit trails, rate-limit & IP allow/deny lists. |
| Quality Signals | Responsiveness, fulfillment latency, review integrity features. | Feature governance, drift monitoring, periodic recalibration. |
We validate AI features with offline evals, red-team prompts, and production guardrails (feature flags, sampling, rollbacks).
Architecture & Reliability
- Service seams with idempotent endpoints, retry/backoff, circuit breakers, and bulkheads.
- Event-driven patterns for async workflows; outbox/inbox for exactly-once semantics.
- Data: normalized OLTP for correctness; managed caches; columnar/warehouse for analytics.
- Security: MFA, least-privilege IAM, KMS secrets, audit logging, PII scoping & tokenization where sensible.
- Reliability: SLOs, error budgets, canary releases, automated rollbacks, incident runbooks.
Tech Stack & Tooling
Languages
Preferred: Go, Node.js (TypeScript)
Pick the right tool per service; shared lint/test standards.
Data
Preferred: PostgreSQL, Redis
Strong migrations, partitioning/indices, safe online changes.
Messaging
Preferred: Kafka or cloud equivalents
Schema registry, consumer lag dashboards, DLQs.
AI
Preferred: Embeddings/LLMs (provider-agnostic), vector store
RAG pipelines, eval harnesses, prompt/version control.
Infra
Preferred: Containers, IaC, CI/CD
Blue/green or canary deploys, policy as code, artifact signing.
Observability
Preferred: OpenTelemetry, logs/metrics/traces
SLOs on p95 latency, error rate, saturation, cost.
| Layer | Preferred | Notes |
|---|---|---|
| Languages | Go, Node.js (TypeScript) | Pick the right tool per service; shared lint/test standards. |
| Data | PostgreSQL, Redis | Strong migrations, partitioning/indices, safe online changes. |
| Messaging | Kafka or cloud equivalents | Schema registry, consumer lag dashboards, DLQs. |
| AI | Embeddings/LLMs (provider-agnostic), vector store | RAG pipelines, eval harnesses, prompt/version control. |
| Infra | Containers, IaC, CI/CD | Blue/green or canary deploys, policy as code, artifact signing. |
| Observability | OpenTelemetry, logs/metrics/traces | SLOs on p95 latency, error rate, saturation, cost. |
Requirements
Must-have
- • 5+ years building production backend services in Go or Node.js.
- • Strong PostgreSQL schema design, query tuning, and migration discipline.
- • Experience with event-driven architectures and structured observability.
- • Security mindset: authN/Z, secrets, least privilege, safe logging.
- • Clear writing: design docs, RFCs, post-incident reviews.
- • Time-zone overlap with US/EU teams; professional English.
Nice-to-have
- • LLM/RAG, embeddings, vector search, semantic pipelines.
- • Performance profiling (pprof, flamegraphs) and cost optimization.
- • Healthcare marketplace or other safety-critical domains.
- • Privacy-preserving data handling (tokenization, k-anonymity patterns).
- • Infra as code, policy as code, or SRE experience.
| Must-have | Nice-to-have |
|---|---|
|
|
We welcome diverse backgrounds. If you meet most requirements and are eager to learn the rest, please apply.
30/60/90-Day Milestones
30 days
Prod access & on-call shadow; ship a small service change; draft your 6-month growth plan.
60 days
Lead a medium project; add dashboards & SLOs; reduce a top p95 by ~15% with a focused PR set.
90 days
Own a service area; propose an AI-aware improvement with metrics & guardrails; mentor a teammate.
| Timeframe | Outcomes |
|---|---|
| 30 days | Prod access & on-call shadow; ship a small service change; draft your 6-month growth plan. |
| 60 days | Lead a medium project; add dashboards & SLOs; reduce a top p95 by ~15% with a focused PR set. |
| 90 days | Own a service area; propose an AI-aware improvement with metrics & guardrails; mentor a teammate. |
Hiring Process
Intro
15–25 min with recruiter/hiring manager on role, logistics, motivations.
Technical
Design exercise + code review or live pairing; we accept prior work samples when feasible.
Panel
Cross-functional conversations; system design, reliability, security, collaboration.
Offer
Transparent comp band (location-indexed where required), benefits, start date. Background check post-offer where lawful.
| Stage | What to expect |
|---|---|
| Intro | 15–25 min with recruiter/hiring manager on role, logistics, motivations. |
| Technical | Design exercise + code review or live pairing; we accept prior work samples when feasible. |
| Panel | Cross-functional conversations; system design, reliability, security, collaboration. |
| Offer | Transparent comp band (location-indexed where required), benefits, start date. Background check post-offer where lawful. |
Accommodation requests: email care@clinicbooking.com with subject "Interview Accommodation".
Apply
Send your CV/LinkedIn/GitHub and a few lines on a system you're proud of to careers@clinicbooking.com. Please include your location and possible start date.
Apply NowLegal Notices
- Equal Opportunity Employer: We provide equal employment opportunities regardless of protected status and comply with applicable laws.
- Export controls: Some roles may be subject to U.S./EU export control or sanctions screening; employment may require eligibility under those rules.
- Privacy: See our Applicant/Candidate Privacy Notice and Records Retention Summary.
- Security: Employees must follow our Security & Vulnerability Disclosure expectations.
- Owner/Operator: Spyface Tech Company, LLC (d/b/a "ClinicBooking"), 30 N Gould St Ste N, Sheridan, WY 82801, USA · Contact: hello@spyface.com (corporate), care@clinicbooking.com (careers).