[Remote] Sr. Software Engineer

Note: The job is a remote job and is open to candidates in USA. Bixal is a consulting company headquartered in Fairfax, VA, working alongside governments and organizations to improve service delivery. They are seeking a Senior Software Engineer to design and deliver a Generic Data API Platform, ensuring compliance with healthcare regulations and leading the onboarding of data partners.

Responsibilities

• Lead the design, development, and deployment of the Generic Data API Platform — a reusable Terraform module and Lambda-based pipeline that enables rapid onboarding of new data source APIs across different programs without custom infrastructure builds per dataset
• Complete and deliver remaining platform phases: implement generalized data validation logic; work with data source teams to implement and configure endpoint querying logic; implement API capability discovery endpoints; conduct end-to-end integration testing across platform components; lead security review and performance validation; and drive the initial dataset API to production go-live
• Implement OAuth 2.0 machine-to-machine authentication via AWS Cognito, ensuring that external consumers can authenticate against the platform with appropriate scope enforcement and usage-tier access controls
• Champion the API platform internally — serve as the primary point of contact for partner data teams seeking to onboard new datasets, define the onboarding contract, and guide teams through the configuration and deployment process
• Develop and maintain operational runbooks, FHIR API documentation, and data team onboarding guides that enable partner teams to self-serve troubleshooting and data refreshes without requiring infrastructure team involvement
• Own platform SLOs: API availability > 99.9%, error rate
• Lead the API migration to the generic platform (Phase 2), validating that the module generalizes and establishes shared operational patterns across multiple concurrent datasets
• Coordinate across teams to advance platform delivery: work with partner data teams on data delivery contracts, timelines, and search parameter definitions; engage CloudOps on security reviews and network security configuration changes; align with solutions architects on platform generalization and multi-dataset scale decisions; and involve data strategists when new data sharing agreements are required for a partner onboarding
• Enforce defense-in-depth security controls across all platform deployments: network-layer threat protection, encryption at rest and in transit, identity and access management, API key lifecycle management, and long-term audit log retention
• Monitor and optimize cloud infrastructure costs across platform deployments, leveraging serverless billing models, data lifecycle policies, and right-sized compute configurations to keep per-dataset costs sub-linear as the platform scales to 10 or more concurrent datasets
• Contribute to and maintain cloud infrastructure Terraform across infrastructure and application repositories, including importing manually managed cloud resources, refactoring existing modules, and applying community best practices
• Other relevant duties as assigned and qualified/trained to perform

Skills

• Bachelor's degree in a relevant field plus at least 8 years of experience, or a Master's degree plus 6 years of experience
• Demonstrated hands-on experience building and operating AWS serverless architectures: API Gateway (REST), Lambda, DynamoDB, S3, EventBridge, SQS, SNS, SSM Parameter Store, Secrets Manager, CloudWatch, and WAF
• Proficiency writing and maintaining Terraform at production scale, including modular design, multi-environment configuration (dev/val/prod), and state management
• Experience developing serverless functions in Python, including NoSQL database operations and writing testable, maintainable business logic with unit and integration test coverage
• Working knowledge of OAuth 2.0 flows, specifically client credentials (machine-to-machine), and practical experience with AWS Cognito user pools and resource server scopes
• Experience designing and implementing REST APIs with well-defined, versioned request/response contracts — including rate limiting, tiered usage plans, and consumer-facing API key management
• Strong understanding of defense-in-depth security: encryption at rest and in transit, network access controls, audit logging, and compliance requirements for federal systems handling PHI (HIPAA, FedRAMP, FISMA)
• Ability to work independently as the sole developer on a complex, multi-phase effort — managing phased delivery, communicating status to stakeholders, and making sound architectural decisions without day-to-day oversight
• Familiarity with CI/CD tooling — specifically GitHub Actions — sufficient to maintain existing workflows, manage secrets, configure cloud authentication, and diagnose failed runs
• Excellent written communication skills: capable of producing runbooks, architecture documentation, and onboarding guides that a new team member or partner data team can follow without additional context
• Ability to obtain and maintain a Public Trust clearance
• Familiarity with HL7 FHIR R4 standards — resource types, search parameter conventions, Bundle response format, and Capability Statement structure — and understanding of why FHIR compliance is mandated under federal agencies interoperability rules
• Familiarity with Databricks
• AWS certifications (Solutions Architect, Developer, or DevOps Engineer — Associate or Professional)

Benefits

• Flex hours
• 401K with matching incentive
• Parental Leave
• Medical/dental/vision benefits
• Flex Spending Account
• Company provided short-term disability and life insurance
• Commuter benefits
• Paid Time Off (PTO)
• 11 Paid holidays

Company Overview