Backend Developer Job Description Template (2026)

Full JD (copy-ready)

Paste this into your ATS or careers page. Edit the company name and any bracketed placeholders.

# Backend Developer — Job Description

## Role summary
A Backend Developer owns the server-side of our product: API design, data modeling, transactional correctness, and the operational health of the services behind our web and mobile clients. They ship REST and GraphQL endpoints in Node.js, Python, or Go, design PostgreSQL schemas that survive production scale, defend against OWASP Top 10 classes of attack, carry a pager for the services they ship, and partner with frontend and mobile engineers to keep API contracts stable across releases.

## Responsibilities
- Design REST and GraphQL APIs that handle 5K-10K RPS with rate limiting, idempotency keys, and circuit breakers around downstream calls.
- Model normalized PostgreSQL schemas with correct indexes, foreign keys, and constraints; write reversible migrations that run zero-downtime on tables with tens of millions of rows.
- Tune slow queries using EXPLAIN ANALYZE, add composite or partial indexes with measured impact, and manage connection pooling through PgBouncer or RDS Proxy.
- Implement OAuth2, OIDC, and JWT auth flows with refresh token rotation, revocation lists, and authorization checks on every resource (not just authentication).
- Set up background job processing in BullMQ, Sidekiq, or Celery with retry policies, dead-letter queues, and idempotent handlers.
- Instrument services with OpenTelemetry traces, structured logs in JSON, and Prometheus or Datadog metrics tied to user-facing SLOs.
- Define SLOs and error budgets; write PagerDuty alerts that fire on customer impact, not log noise. Own incident response and postmortems for services in their domain.
- Ship Terraform for the databases, caches, and queues their services depend on; review infra PRs for blast-radius implications.
- Defend against SQL injection, CSRF, SSRF, IDOR, and broken authorization through code review, parameterized queries, and CI-stage static analysis.
- Partner with frontend engineers on API contract design before implementation; version APIs without breaking older mobile clients in the field.
- Run load tests with k6 or Artillery before major releases; publish capacity plans that project growth headroom for the next 12 months.

## Must-have skills
- 4+ years shipping production backend services in at least one of Node.js (Express/NestJS/Fastify), Python (Django/FastAPI), Go, or Ruby on Rails.
- PostgreSQL 14+ fluency including query plan analysis, index strategy, and transaction isolation levels.
- Practical understanding of REST API design, idempotency, pagination, and versioning strategies.
- Hands-on experience with Redis for caching, rate limiting, or queueing, and ability to reason about cache invalidation trade-offs.
- Docker and at least one orchestrator (Kubernetes, ECS, Fly.io, or Nomad) at the level of writing and debugging manifests.
- CI/CD exposure in GitHub Actions, CircleCI, or GitLab CI including image builds, vulnerability scans, and canary or blue-green deploys.
- Solid grasp of OWASP Top 10, authentication flows, and production secret management via Vault, AWS Secrets Manager, or Doppler.
- Strong written English for async PR review, incident write-ups, and architecture design docs.

## Nice-to-have skills
- Experience with event-driven systems using Kafka, Pulsar, or NATS including consumer lag monitoring.
- gRPC and Protocol Buffers for internal service-to-service communication.
- SOC 2, HIPAA, or PCI compliance work at the application layer.
- Distributed transactions, sagas, or outbox patterns in a microservices environment.
- Contributions to an open-source backend framework, database driver, or tooling project.
- On-call leadership, incident command, or SRE-adjacent work.

## Tools and technology
- PostgreSQL / MySQL
- Redis
- Docker & Kubernetes
- Terraform
- GitHub Actions
- Datadog / Grafana / Prometheus
- Sentry
- PagerDuty
- AWS (RDS, SQS, ECS, Lambda)
- OpenTelemetry

## Reporting structure
Reports to the Engineering Manager or Backend Lead. Collaborates daily with frontend and mobile engineers on API contracts, with DevOps on infrastructure and deploys, and with product and QA on acceptance criteria and regression risk.

## Success metrics (KPIs)
- p95 API latency under 200ms on core endpoints; p99 under 500ms.
- Error rate under 0.5% on critical paths, tracked weekly in Datadog or Sentry.
- Zero unplanned downtime caused by shipped migrations.
- Mean time to recovery (MTTR) on P1 incidents trending down quarter-over-quarter.
- Test coverage on core business logic maintained or improved each sprint (behavioral, not line).
- Zero high-severity findings on the latest OWASP-style internal security review of owned services.