Lead Web Developer(TypeScript, PostgreSQL, NestJS, and Next.js)

We are looking for a Senior Web Developer with strong expertise in TypeScript, bPostgreSQL, NestJS, and Next.js, along with deep understanding of web security and scalable architectures. This is a hands-on role where you'll build the foundation of our web systems - designing, implementing, and optimizing the core architecture that other developers will build upon.

About the RoleYou'll act as the backbone developer, responsible for setting the technical direction, writing production-grade code, and ensuring every system is built for performance, security, and scalability. Your implementations will define the standard for the rest of the team. You'll work closely with backend engineers and product managers to deliver reliable, high-performing web applications that can evolve and scale over time.
Key Responsibilities

• Architect and develop scalable web applications using TypeScript, NestJS, and Next.js.
• Design and optimize PostgreSQL schemas, queries, and indexing for performance and reliability.
• Implement secure authentication systems, including passwordless and multi-factor authentication, passkeys, etc.
• Ensure compliance with best practices in web security, including encryption, CSRF/XSS protection, and API access control.
• Build core frameworks and reusable modules that enable other developers to work efficiently and maintain consistency across the codebase.
• Design and implement core logic for multi-vendor marketplace systems, including vendor onboarding, catalog management, and secure transaction flows.
• Lead architectural decisions that improve system reliability, scalability, and performance.
• Collaborate closely with other developers, conduct code reviews, and guide other engineers in following established patterns.
• Contribute hands-on to performance tuning, debugging, and refactoring.

Requirements

• At least 5+ years of experience in full-stack web development, with a strong focus on TypeScript, Node.js, NestJS, and Next.js.
• Expert-level TypeScript proficiency, including advanced concepts like generics, utility types, conditional types, mapped types, and discriminated unions.
• Demonstrated experience working across multiple programming languages and paradigms, with hands-on exposure to low-level systems languages like C++, Rust, or Go. Deep TypeScript expertise is required, but the ability to quickly pick up new syntax, understand language-level trade-offs, and apply cross-paradigm insights to TypeScript development is equally important.
• Strong command of advanced data structures and algorithms (trees, graphs, heaps, hash maps, etc.) and their practical application in real-world systems.
• Deep experience with data and type validation libraries (Zod, Yup, class-validator, io-ts, etc.) for runtime type safety and schema validation.
• Deep proficiency with PostgreSQL, including schema design, optimization, and performance tuning.
• Proven ability to architect and build secure, scalable, and maintainable systems.
• Solid understanding of authentication, encryption, and secure communication protocols.
• Experience applying TypeORM or similar ORM tools.
• Strong grasp of web application security fundamentals and ability to enforce them throughout the stack.
• Extensive experience in designing and integrating RESTful APIs and GraphQL endpoints, including schema design, query optimization, and secure data access patterns.
• Hands-on experience with WebSockets and real-time communication patterns, including Socket.io, WebSocket protocol and managing connection state at scale.
• Strong understanding of event-driven architecture patterns with hands-on experience in:
• Job queues and async task processing (BullMQ, Bull, Bee-Queue, or similar)
• Message brokers and event streaming (RabbitMQ, Apache Kafka, or AWS SNS/SQS)
• Idempotency guarantees, retry strategies with exponential backoff, and failure recovery patterns
• Event sourcing concepts and handling distributed system challenges
• Hands-on experience with monorepo tooling (Nx or npm workspaces) for managing multi-package architectures, shared libraries, and coordinated deployments across multiple applications.
• Proven experience architecting and implementing comprehensive authentication and authorization systems, including:
• Multi-method authentication (passkey support, email/password flows)
• Role-Based Access Control (RBAC) with granular permissions
• Email verification workflows and TOTP-based two-factor authentication
• Audit logging for security and compliance tracking
• Strong understanding of webhooks and reverse webhooks (polling, long-polling) for third-party integrations and event-driven communication between systems.
• Deep knowledge of Next.js rendering strategies (SSR, SSG, ISR, CSR) and ability to choose the optimal approach based on performance, SEO, and user experience requirements.
• Advanced data fetching expertise, including:
• Async/await patterns, Promise handling, and error boundaries
• Data caching strategies (in-memory, Redis, CDN)
• Connection pooling and database optimization
• Request deduplication and batching
• Pagination, infinite scroll, and lazy loading patterns
• Background jobs and queue management
• Familiarity with payment gateway integrations (Stripe, PayPal, etc.) and PCI compliance standards for handling sensitive financial data securely.
• Excellent written and verbal communication skills - ability to articulate complex technical concepts clearly to both technical and non-technical stakeholders.
• Strong documentation practices - experience writing clear, maintainable technical documentation, API documentation (with swagger), architecture decision records (ADRs), and code comments that help teams scale.
• Self-driven and equally productive working remotely or on-site - proven ability to manage time effectively, maintain consistent output, and communicate proactively regardless of work location.
• Hands-on programming ability - comfortable building first implementations from scratch that serve as the base for others.
• Ability to work collaboratively in cross-functional teams.

Nice to Have

• Hands-on experience with TanStack Query (React Query) - including cache management, optimistic updates, prefetching, and advanced invalidation strategies.
• Experience with KYC/AML process setup and integration with identity verification providers (e.g., Jumio, Onfido, Veriff) for compliance-driven applications.
• Background or familiarity with accounting principles, financial systems, or double-entry bookkeeping concepts.
• Security-first mindset with proactive attention to threat modeling, secure coding practices, and staying current with OWASP guidelines and common vulnerability patterns.
• Proficiency with code quality and formatting tools (ESLint, Prettier, Biome) and establishing consistent linting/formatting standards across large codebases.
• Familiarity with containerization and orchestration tools (Docker, Kubernetes).
• Experience with CI/CD pipelines and automated testing frameworks.
• Experience with monitoring and observability tools (Prometheus, Grafana, Sentry).
• Contributions to open-source projects or active technical blogging.

Do Not Apply If

• You have less than 5 years full-stack experience with TypeScript, NestJS, Next.js and PostgreSQL in production
• Cannot architect systems from scratch or make foundational architectural decisions
• No experience with systems languages (C++, Rust, Go) or polyglot development
• Haven't built authentication systems, job queues, WebSockets, or event-driven architectures
• Looking for fully remote work (3 days on-site in Rawalpindi is required) or unable to relocate.

If you're missing ANY of the above, do not apply. We will reject applications that don't meet these requirements.

Why Join Us?

• High Impact & Ownership: Your work will define the core systems that power our products and enterprise solutions. You'll have real technical ownership - not just writing code, but shaping architectural decisions that matter.
• Diverse Technical Challenges: Work on both our own innovative products (where you'll build from the ground up and see your vision come to life) and high-stakes enterprise client projects (where you'll solve complex, real-world problems at scale). This dual exposure keeps the work dynamic and accelerates your growth.
• Product Equity & Growth Potential: As you contribute to our own products, you'll share in their success and have the opportunity to grow with the company as our products scale.
• Premium Client Exposure: Working with enterprise clients means exposure to cutting-edge requirements, larger budgets for proper implementation, and the satisfaction of delivering solutions that impact major organizations.
• Technical Excellence: We prioritize doing things right - security, scalability, and long-term maintainability aren't optional. You'll work in an environment that values craftsmanship and best practices.
• Flexibility & Balance: Hybrid setup with 3 days on-site in Rawalpindi and 2 days remote. We trust you to manage your time and deliver results wherever you work best.
• Competitive Compensation: Attractive salary package with performance-based bonuses that reward your impact.

Job DetailsLocation: Hybrid (3 days on-site at Saddar, Rawalpindi [YOUR ADDRESS])Employment Type: Full-TimeCompensation: Competitive salary with performance-based bonuses.

Ready to Apply?If you’re driven by building secure, scalable web systems and want to own the backbone of complex architectures, we’d love to hear from you. Apply now or reach out for more information.

Job Type: Full-time

Pay: Rs300,000.00 - Rs700,000.00 per month

Work Location: In person