Design the Attribute-Based Access Control (ABAC) model, including policy attributes (clearance level, nationality, group/role, context), enforcement points, and decision logic
Design the RESTful API architecture, including endpoint structure, request/response contracts, and error handling patterns
Map out query patterns, access flows, and integration touchpoints with external systems (data storage and encryption services provided by partner organisations)
Collaborate with the database consulting engineer on schema design, search strategy, and encryption approach to ensure the API layer aligns with the underlying data model
Contribute to Infrastructure as Code design for deployment (Terraform or similar)
Build a RESTful API layer in Java implementing full catalogue functionality:
– CRUD operations for metadata records
– Advanced search capability leveraging Atlas Search
– ABAC enforcement on all API operations, ensuring search results and data retrieval are filtered by the requestor’s access attributes
– Secure storage and retrieval of encrypted key material (shard keys) via CS-FLE
Implement unit tests to validate functional correctness
Build automated data load and stress testing harnesses for the combined API and cluster deployment
Perform integration testing against external partner systems (or appropriate stand-ins) to validate end-to-end data creation and retrieval flows
Produce API documentation and integration guides for consuming systems
Support knowledge transfer and handover activities in the final weeks of the engagement
Requirements
Java development — strong hands-on capability building production RESTful APIs (Spring Boot or similar framework)
MongoDB — solid working experience with MongoDB, including querying, aggregation pipelines, and integrating MongoDB into Java application layers
Atlas Search — practical experience designing and implementing search solutions using Atlas Search (or Lucene-based search within MongoDB)
Security & encryption — experience with Client-Side Field Level Encryption (CS-FLE) or equivalent application-layer encryption patterns; understanding of key management concepts
Infrastructure as Code — experience with Terraform or equivalent for deploying and managing application infrastructure
API design — ability to design clean, well-documented RESTful APIs suitable for integration by multiple consuming systems
Testing — experience with load/stress testing tools and approaches for validating API performance under realistic conditions
Technical leadership — proven ability to make architectural decisions, produce design documentation, and communicate technical trade-offs to both engineering and non-technical stakeholders
Experience designing and implementing Attribute-Based Access Control (ABAC) systems; familiarity with policy-as-code frameworks (e.g. Casbin, OPA, or XACML-based systems) (desirable)
Experience with metadata standards such as DCAT, Dublin Core, or IES (desirable)
Experience working in UK public sector or defence environments (desirable)
Familiarity with multi-classification or multi-tenancy access models (desirable)
Experience with event-driven architectures and asynchronous processing patterns (desirable)
Understanding of consistency patterns in multi-service architectures (e.g. saga pattern, eventual consistency) (desirable)
Knowledge of data mesh or federated data architecture concepts (desirable)
Experience integrating with third-party data storage APIs (e.g. S3-compatible interfaces) (desirable)