Job Description

About Us

We’re unifying several self-hosted, open-source platforms (Email, SMS, Meetings, CRM, and Print) into a single, cohesive web application. We own the code and the data: our apps run on our cloud servers (Ubuntu, WHM/cPanel), with select third-party services for delivery (e.g., Twilio, SendGrid, Zoom, Google Calendar). Your work will power a clean, mobile-responsive experience that gives customers real-time oversight across all their subaccounts.

Note: This is a web app role. Some mobile experience is welcome, but if your background is primarily native mobile, this won’t be the best fit.

The Opportunity

Lead the first wave of platform unification: ship an SSO-backed Admin Hub, a tenant/identity directory, an account-linking service, and a read model that provides near-real-time subaccount visibility across Laravel apps, MailWizz (Yii), and WordPress—while driving UX for a fast, consistent, mobile-responsive dashboard.

What You’ll Do

Identity & Access

• Implement SSO (OIDC/OAuth2) via Keycloak or Authentik; integrate with Laravel, MailWizz (Yii), and WordPress/Woo.
• Define RBAC and impersonation flows with comprehensive audit logging.
• Harden session management, JWT handling, and secrets rotation.

Directory, Mapping & Read Model

• Design a canonical directory for organizations, subaccounts, users, and roles.
• Build an Account Linking Service mapping canonical IDs ⇄ app-native IDs (MailWizz customer, Ultimate SMS user, WP user, etc.).
• Expose lightweight metrics endpoints (or read-only SQL views) in each app and implement ETL/cron into an Operational Data Store (ODS) for near-real-time dashboards (≤5-minute lag target).

Admin Hub & UX

• Ship a Laravel Admin Hub with cross-app usage cards, reporting, health indicators, and one-click deep-links.
• Lead UX: wireframes, prototypes, and user flows; establish a responsive design system and reusable component library.
• Validate flows with real users and iterate for speed and clarity.

Development & Integration

• Build and maintain features across Laravel and Yii (MailWizz); create APIs to unify workflows between SMS, Email, Meetings, CRM, and Print.
• Ensure compatibility for multi-PHP environments (e.g., PHP 8.2+ for Laravel and MailWizz requirements) using WHM/cPanel PHP-FPM pools.

Security, Observability & Ops

• Enforce encryption in transit/at rest, least-privilege DB access, and backup integrity.
• Stand up Sentry (errors), Prometheus/Grafana (metrics), and centralized logs (e.g., OpenSearch/ELK).
• Collaborate with infra to keep Ubuntu packages and PHP versions current and stable.

How We Work (Non-Negotiables)

Git & GitHub Discipline

• Daily Git fluency: feature branches, rebasing, clean PRs, code reviews, protected branches, release tagging (SemVer).
• Comfortable with multiple repositories and GitHub Projects/Issues.
• CI/CD with GitHub Actions (or similar).

If you don’t actively use Git/GitHub workflows, this role isn’t a fit.

AI-Native Development

• You use AI as a force-multiplier (e.g., GitHub Copilot, Cursor) to spec, scaffold, test, and refactor safely.
• We expect thoughtful AI use that yields ~3–5× throughput without sacrificing code quality or security.
• Negative stance on AI-assisted development is a poor fit here.

Web-First Mindset

• Strong HTML/CSS/JavaScript fundamentals and responsive UI skills.
• Mobile-responsive web delivery is preferred over pure native mobile.

Qualifications

Must-Haves

• 3–5 years PHP, strong Laravel; working Yii (MailWizz plugin/extension experience a plus).
• HTML/CSS/JavaScript proficiency; building responsive, accessible web UIs.
• Git/GitHub mastery: PR etiquette, reviews, branching strategies, SemVer, GitHub Actions.
• OIDC/OAuth2; hands-on with Keycloak or Authentik preferred.
• RBAC, JWT, impersonation, and audit logging patterns.
• MySQL/MariaDB, SQL views, ETL/cron; designing simple ODS/read-model schemas.
• Ubuntu + WHM/cPanel deployments; managing multi-PHP FPM pools.
• Day-to-day use of GitHub Copilot and/or Cursor (or similar AI tools).

Nice-to-Haves

• WordPress/Woo OIDC SSO integration.
• Vue/React/Tailwind for Admin Hub components.
• Prometheus/Grafana, OpenSearch/ELK.
• Familiarity with Twilio, SendGrid, Zoom, Google Calendar APIs.
• MailWizz internals and deliverability concepts.

Performance Objectives

• 30 Days

o Select IdP; wire SSO into Admin Hub + one Laravel app + WordPress.

o Draft directory schema and account-linking spec; publish lightweight ADRs.

• 60 Days

o Ship Account Linking Service; backfill mappings for existing customers.

o Enable impersonation + audit; expose first metrics endpoints from 2 apps.

• 90 Days

o Launch Admin Hub MVP (read-only): org/subaccount browser, usage dashboards (≤5-minute lag), health flags, deep-links.

• 6 Months

o Harden RBAC; expand feeds to all apps; observability dashboards live; design system standardized.

• 12 Months

o Polished, mobile-responsive unified dashboard across apps; author migration feasibility brief (event bus vs. monolith).

What Makes a Top Performer Here

• Systems thinker: designs for multi-tenant realities and cross-app workflows.
• User advocate: distills complexity into fast, simple flows.
• Builder at scale: anticipates high-volume edge cases and failure modes.
• Security-minded: balances strict authentication with frictionless UX.
• AI-positive craftsperson: pairs judgment with smart tools to move faster.

Red Flags (Save Your Time)

• Light Git experience or discomfort with GitHub PR/review workflows.
• Primarily native mobile background with minimal web app delivery.
• Negative attitude toward AI-assisted development.

Hiring Process (What to Expect)

1. Intro call (fit & portfolio).
2. Technical deep dive (OIDC, RBAC, data modeling).
3. Hands-on exercise (≤2 hrs): scaffold a tiny Laravel Admin Hub stub (OIDC login stub, Organizations into the Subaccounts list from seed data, JSON /metrics contract for one external app, and a stubbed “Open as subaccount” button). We evaluate structure, Git hygiene, security awareness, and smart AI usage, not pixel polish.
4. Team chat (UX + platform alignment).

Apply

Send:

• Your GitHub and portfolio.
• Two PRs you’re proud of (any repo) and a short note on why.
• One example of AI-assisted work (prompt/task to yield assisted outcome).
• (Nice) Any past OIDC/SSO or admin-analytics hub work.

Ready to help us unify a mission-critical web platform, and ship faster with AI?

Apply with the materials above by emailing [email protected]

Job Tags

Similar Jobs