Software Engineer / Tech Lead — Cloud-Native Modernization

Job Title: Software Engineer / Tech Lead — Cloud-Native Modernization Location: Bethesda, MD (Hybrid / Mostly On-Site) Engagement Type: Full - Time Clearance: Able to obtain Public Trust clearance upon hire About us: At Stackular, we are more than just a team – we are a product development community driven by a shared vision. Our values shape who we are, what we do, and how we interact with our peers and our customers. We're not just seeking any regular engineer; we want individuals who identify with our core values and are passionate about software development. Role Overview Stackular is seeking a hands-on Software Engineer / Tech Lead to provide cross-stack technical leadership on a multi-year cloud-native modernization initiative supporting a federal research client within the National Institutes of Health (NIH). This role operates as the senior engineering voice on a cross-functional team that spans application development, cloud infrastructure, data integration, automation, and security. The portfolio under modernization includes roughly twenty legacy applications transitioning from .NET, Oracle, and SAP BusinessObjects on VM-based hosting to an AWS-managed, microservices-based platform delivered through a federated GraphQL API layer and a React/TypeScript frontend. This position is ideal for engineers who can both write production-grade code and exercise sound technical judgment when changes cross domain boundaries — reviewing architecture, APIs, infrastructure, and data work side-by-side, and helping a newly integrated DevSecOps team deliver coherent, secure, operable systems. Key Responsibilities Technical Leadership & Code Review • Provide hands-on technical leadership across modernization engineering work, including application code, APIs, cloud infrastructure, automation pipelines, and database changes. • Review pull requests that affect any layer of the stack; approve or recommend changes based on implementation risk, API design, data impact, security posture, deployment readiness, and architectural alignment. • Enforce consistent engineering patterns for APIs, distributed services, cloud deployment, data integration, observability, and secure configuration. • Uphold the program's modern engineering and cloud architecture standards, including microservice boundaries, schema governance, and infrastructure-as-code guardrails. Architecture & Engineering Execution • Help engineering teams translate target architecture decisions into working, maintainable code on the approved AWS technology stack. • Guide design and implementation of containerized microservices using Python (FastAPI), GraphQL subgraphs (Apollo Federation), and React/TypeScript frontends. • Advise on data architecture decisions involving Amazon RDS PostgreSQL, AWS Glue data pipelines, and legacy system integrations following the Strangler Fig migration pattern. • Support secure-by-default cloud delivery on Amazon EKS using Terraform, GitHub Actions CI/CD, and AWS-native services (Secrets Manager, CloudWatch, X-Ray, WAF, ALB). • Contribute to and review Architecture Decision Records when implementation choices deviate from approved patterns or introduce new technologies. Cross-Team Coordination & Mentorship • Partner with the project stakeholders to identify technical dependencies, blockers, and sequencing issues during backlog refinement, sprint planning, and release coordination. • Coordinate with the Enterprise Architect, application development leads, infrastructure and operations engineers, and security personnel when changes require specialized review or have architectural, operational, or compliance implications. • Translate architecture and security guidance into practical, day-to-day implementation advice for engineers across the team. • Mentor engineers on cloud-native delivery practices, distributed system patterns, secure development, observability, and operational ownership. Required Skills & Qualifications • 7+ years of professional software engineering experience, with at least 2 years in a technical lead, staff engineer, or principal engineer capacity on production cloud systems. • Proven ability to reason across the full stack — frontend, backend, API, database, cloud infrastructure, automation, and security — and to evaluate the downstream impact of cross-boundary changes. • Demonstrated experience designing, building, or reviewing distributed systems and microservice-style architectures, including API contracts, data ownership boundaries, and inter-service communication patterns. • Strong, hands-on proficiency in Python (FastAPI or equivalent framework) and a modern frontend ecosystem (React with TypeScript preferred). • Production experience with GraphQL APIs; familiarity with federated GraphQL (Apollo Federation, schema composition, schema governance, breaking-change detection in CI) is strongly preferred. • Deep working knowledge of AWS cloud-native services, including EKS/Kubernetes, RDS PostgreSQL, S3, IAM, Secrets Manager, CloudWatch, and VPC networking. • Practical experience with Infrastructure as Code (Terraform), containerized delivery (Docker), and CI/CD automation (GitHub Actions or equivalent). • Experience integrating modern services with legacy systems (.NET, Oracle, SAP BusinessObjects, or comparable) and executing incremental migrations using patterns such as Strangler Fig. • Working knowledge of secure software delivery, including identity federation (OIDC, SAML 2.0, OAuth2), secrets management, RBAC, audit logging, and compliance evidence collection. • Strong written and verbal communication; ability to explain technical tradeoffs clearly to engineers, program leadership, and non-technical stakeholders. • Collaborative technical leadership style suited to a cross-functional team where influence comes from clarity, judgment, and trust rather than formal hierarchy. Technical Skills Cloud Platform: AWS (EKS, RDS PostgreSQL, S3, Glue, IAM, Secrets Manager, CloudWatch, X-Ray, WAF, ALB, Route 53) Languages: Python (FastAPI), TypeScript/JavaScript; working familiarity with .NET / C# for legacy interop APIs: GraphQL (Apollo Federation), REST, API gateway design, schema governance and versioning Frontend: React with TypeScript, component-based design systems Data: PostgreSQL, AWS Glue ETL, SQL/NoSQL patterns, integration with legacy Oracle and reporting platforms DevOps Tools: GitHub Actions (preferred), GitLab CI, Jenkins, or equivalent CI/CD platforms Containers & Orchestration: Docker, Kubernetes (Amazon EKS), Helm Infrastructure as Code: Terraform (modules, remote state, policy-as-code) Observability: Amazon CloudWatch, AWS X-Ray, Prometheus, Grafana, ELK stack Security: OAuth2, OIDC, SAML 2.0, AWS Secrets Manager, IAM, container/image scanning, dependency scanning, SAST/DAST integration in CI Preferred Qualifications • Experience supporting federal modernization or compliance-driven environments (FISMA, NIST 800-53, FedRAMP Moderate/High). • Background producing or guiding cATO-related technical evidence (control narratives, scan results, IaC posture, observability artifacts). • Hands-on experience with AWS Glue or comparable serverless ETL tooling for governed data integration. • Exposure to event-driven architectures and change-data-capture (Kafka, Amazon MSK, Debezium, etc.) • Familiarity with Apollo Federation tooling, schema registries, persisted queries, and breaking-change detection workflows. • Prior experience working in or alongside cross-functional DevSecOps teams that integrate infrastructure, application development, and security personnel. Nice to Have • AWS certifications (Solutions Architect Professional, DevOps Engineer Professional, or Security Specialty). • Certified Kubernetes Administrator (CKA) or comparable orchestration certification. • Experience with zero-trust network architectures and federal identity integration (Entra ID, OIDC, SAML 2.0 federation). • Exposure to AI/ML-assisted development practices and developer productivity tooling. • Experience contributing to Architecture Decision Records and engineering guardrails in regulated environments. • Familiarity with NIH or other federal research IT environments and their compliance, identity, and networking baselines.