Lead Backend & Cloud Engineer
Wonderfil
Lead Backend & Cloud Engineer
Full Time Employment | Hybrid in Santa Cruz, CA
About Wonderfil
Wonderfil builds smart refill stations that eliminate single-use plastics. Our IoT-powered machines dispense shampoo, detergent, and other household essentials across major retailers and universities. We’re scaling rapidly and looking for a Senior Backend / Cloud Engineer to design and build the foundation of our server-side systems — from infrastructure to APIs — powering the next generation of our connected refill ecosystem.
Role Overview
This is a foundational role. You’ll architect and implement Wonderfil’s cloud and backend platform from the ground up — spanning infrastructure, APIs, and data systems. You’ll collaborate closely with the software and hardware teams, but this will be your domain to shape: defining standards, selecting the right tools and services, and building a backend that’s secure, scalable, and easy to grow on. You’ll also be hands-on, writing clean, maintainable, and well-tested code that sets the standard for how we build.
Compensation
Wonderfil is a rapidly growing, venture-backed climate-tech startup, and we’re looking for someone who’s excited to grow with us over the long term. Our compensation package includes a competitive salary, generous stock options, and a full suite of benefits designed to support both your work and life.
-
Salary: $140,000+ DOE, plus equity options in a high-growth public benefit corporation
-
Benefits: Health insurance, unlimited PTO, paid holidays, and flexible work arrangements
You’ll have the opportunity to take ownership of core backend systems powering a national refill network—your work will directly shape the infrastructure eliminating single-use plastics across campuses and retailers nationwide.
What You’ll Do
Platform & Infrastructure
-
Evaluate our current platform and design a scalable, maintainable cloud architecture balancing performance, cost, and growth.
-
Choose and configure the right mix of services (e.g., ECS, Lambda, API Gateway, RDS, S3, CloudFront, IAM, or equivalents) based on best fit — not preset tooling.
-
Implement Infrastructure as Code (e.g., CDK, Terraform, or Pulumi) to ensure consistent, reproducible environments.
-
Oversee domain and certificate management (Route 53, SSL/TLS) as part of infrastructure ownership.
-
Build and maintain CI/CD pipelines with automated testing, deployments, and safe rollbacks.
Database & Data Management
-
Design and maintain a relational database schema (PostgreSQL) as the system of record.
-
Migrate existing NoSQL data (DynamoDB) where appropriate into the new schema.
-
Implement secure backups, replication, migrations, and retention policies.
-
Collaborate with the software team to model data entities that align with IoT devices, customers, and transactions.
Backend & APIs
-
Design and implement secure, high-performance REST or GraphQL APIs powering IoT machines, mobile apps, and internal tools.
-
Develop backend services for payments, subscriptions, credit balances, and receipts (integrating with providers like Stripe).
-
Support internal tools for device configuration, asset management, and reporting — owning the backend and data layer; front-end development handled collaboratively.
-
Integrate with third-party APIs (ERPs, CRMs, analytics, payments, etc.).
-
Implement authentication and authorization (OAuth2, Cognito, JWT, or mutual TLS).
DevOps & Observability
-
Establish monitoring, logging, and alerting pipelines using tools such as CloudWatch, Grafana, or Datadog.
-
Implement telemetry and anomaly detection for proactive issue resolution.
-
Integrate auditing and compliance monitoring for transparency and reliability.
-
Set up deployment strategies that enable zero-downtime releases and automated rollbacks.
Security & Compliance
-
Implement security best practices aligned with standards such as PCI DSS, GDPR/CCPA, and SOC 2.
-
Manage key rotation, secrets, IAM policies, and encryption in transit and at rest.
-
Build systems that meet security and privacy expectations without personally managing audits or legal compliance.
-
Align architecture with frameworks like AWS Well-Architected or NIST for long-term security posture.
Data & Analytics Enablement
-
Build data pipelines for aggregating telemetry and usage data to support future analytics and forecasting.
-
Collaborate with data or product teams to enable insights and predictive capabilities — not required to design ML models directly.
Leadership & Collaboration
-
Own the backend and cloud domain — set technical direction, document decisions, and mentor others as the team grows.
-
Work closely with the software and hardware teams to ensure seamless IoT-to-cloud integration.
-
Provide input on future backend and DevOps hiring needs as the platform scales.
-
Communicate progress, trade-offs, and priorities directly to leadership.
Required Skills & Experience
-
5+ years of experience building and maintaining production backend systems.
-
Proficiency in one or more modern backend languages such as Python, Go, TypeScript (Node.js), or Java — and the ability to choose and justify the right tool for each problem.
-
Strong understanding of cloud platforms, preferably AWS (experience with ECS, Lambda, RDS, API Gateway, S3, or equivalents).
-
Deep experience with PostgreSQL and relational database design.
-
Proven experience with Infrastructure as Code, CI/CD, and cloud networking.
-
Familiarity with IoT protocols (MQTT, device shadows, telemetry ingestion).
-
Working knowledge of DNS, SSL/TLS, and domain management.
-
Comfortable operating autonomously, balancing pragmatism with scalability.
-
Interest in sustainability and technology that reduces waste.
Preferred/Nice to Have
-
Experience with data pipelines, analytics, or machine learning.
-
Background in IoT hardware integration or edge computing.
-
Some front-end experience for internal tools.