Senior Full-Stack Developer — LifeChef Healthcare Platform | Medically Tailored Meals | HIPAA-Compliant
Hard requirements: Next.js App Router (not Pages) • TypeScript • AWS serverless • PostgreSQL • AI-assisted development workflow • Regulated industry experience. If you don't meet all of these, this isn't the role.
What You'll Build
LifeChef delivers Medically Tailored Meals through a HIPAA-compliant healthcare platform with clinical workflows, insurance billing, and third-party integrations. You're not building a food app — you're building healthcare infrastructure that touches patients, providers, and payers.
We're a small, senior team building toward an agentic AI layer for clinical operations. The platform integrates with NetSuite, HubSpot, RCM billing systems, Stripe, Canvas (LMS), and healthcare APIs. The work is complex, consequential, and interesting.
We're hiring two senior full-stack developers simultaneously. Both will work on parallel tracks: one focused on the AI/backend integration layer, the other on the patient-facing experience. If both perform, both stay. This isn't a bait-and-switch — it's a deliberate strategy to compress our roadmap.
The Stack
Core (daily use):
- Frontend: Next.js 16 App Router, React 19, React Server Components, TypeScript 5.9
- State management: XState (complex clinical workflow state machines), Zustand (client state)
- UI: Radix UI primitives / shadcn/ui component architecture, Tailwind CSS 4, CVA
- Forms & validation: React Hook Form + Zod v4 schema validation
- Backend: Node.js, TypeScript, Python (for AI/ML pipelines)
- Database: PostgreSQL with Drizzle ORM, complex queries, window functions, ledger patterns
- Cloud: AWS — Lambda, CDK, Amplify Gen 2, EventBridge, Step Functions, S3, SQS/SNS, KMS
- Observability: Pino structured logging, AWS Lambda Powertools (metrics), PHI-safe audit trails
- Payments: Stripe (webhooks, reconciliation, idempotency)
- Testing: Vitest (unit, integration, security test suites), Testing Library
- IaC: TypeScript-first infrastructure (CDK + Amplify), not ClickOps
Integrations:
- NetSuite (ERP / source of truth for financials)
- HubSpot (CRM / patient engagement)
- RCM billing systems
- Canvas EMR
- OpenWebUI (internal AI gateway with RBAC)
Dev workflow:
- Enso methodology with BMAD framework for spec-driven, AI-assisted development
- Husky + lint-staged with automated secret scanning on every commit
- PHI scanning enforced in CI (not optional — the pipeline blocks on violations)
- Environment isolation validation, compliance checks, audit-PHI validation — all automated
- Docker Compose for local development
- GitHub Actions CI/CD
What We Actually Require
If you don't meet these, save us both the time. We're direct about this because we respect yours.
- 5+ years full-stack development with TypeScript as your primary language
- Next.js App Router in production. Not Pages Router. Not tutorials. Shipped, maintained, Server Components and all.
- PostgreSQL depth. You can write window functions, CTEs, and think in terms of ledger patterns, double-entry accounting, and audit trails.
- AWS serverless architecture. Lambda, CDK or Amplify Gen 2, event-driven patterns. IaC, not console clicking.
- 2+ years in a regulated industry (healthcare, fintech, payments). You understand what it means to handle PHI/PII, write audit logs, and build with compliance as a design constraint — not a checkbox.
- AI-assisted development is your default workflow. You use Claude Code, Cursor, Copilot, or similar daily. Not as autocomplete — as a thinking partner. You plan before prompting, you validate output, you know when to trust it and when not to. This is non-negotiable.
- Spec-driven development mindset. We use the Enso methodology with the BMAD framework — every feature starts with a clear spec before code is written. If you're used to jumping straight to code without understanding the problem first, this will be a culture mismatch.
- Strong async communication. You write clearly, you document decisions, you don't need to be chased for updates.
What Sets You Apart
Not required, but moves you to the top:
How We Evaluate
No algorithm puzzles. No whiteboard hazing.
- Quick-filter questionnaire (15 min) — Short, specific technical questions. If your answers show depth, you move forward.
- System design conversation (60 min) — Real scenario from our domain. We'll discuss architecture, tradeoffs, and how you think about data integrity in a healthcare context.
- AI-assisted live coding (90 min) — Build a real feature using AI tools. We're evaluating how you work with AI, not whether you can memorize APIs. Bring your preferred tools.
- CTO conversation (60 min) — Architecture, culture fit, your questions for us. If we both like what we see, we start the trial.
The 60–90 day trial sprint has defined success criteria at 30, 60, and 90 days. You'll know exactly what "success" looks like before day one.
The Team
Small, senior, primarily Ukraine-based. No junior developers. No dead weight. Everyone ships.
The CTO has 20+ years of full-stack experience across healthcare, threat intelligence (FBI/CIA/DOD clients), and enterprise platforms. Technical, direct, builds systems — not org charts.
We use the Enso methodology — spec-driven, AI-augmented development with the BMAD framework. Every feature has a clear spec, validation criteria, and defined outcomes before a line of code is written. Compliance isn't a department — it's enforced in the pipeline. PHI scanning, secret detection, environment isolation, and audit validation all run automatically on every commit and in CI.
We're building toward an agentic AI architecture for clinical operations. If you want to work at the intersection of healthcare, AI, and serious infrastructure — this is the role.
How to Apply
Reply with:
- One paragraph on why this role specifically interests you (not a generic cover letter)
- Your experience with regulated industries β what compliance constraints have you built around?
- Which AI tools you use daily and how
We read every response. Generic templates get skipped.