Java Engineer Java Platform Engineer
Share
Job Location:
Monthly Salary:
Posted on:
20 hours ago
Vacancies:
1 Vacancy
Job Summary
Job Title: Java Engineer/ Java Platform Engineer
Location: TX/Dallas
Duration: 3 Months CTH
Job Description:
IIoT Platform (On Prem Kubernetes MQTT TimescaleDB Schema Registry)
About the role develop the backend of Nexus: build resilient microservices that speak MQTT enforce data contracts via Forge and deliver high throughput reliable ingest into TimescaleDB on on prem Kubernetes. Drive service SLIs/SLOs security and multi tenant operations. Partner with OT (often via Ignition) while keeping the focus on backend reliability and developer experience. Optional secure hybrid to AWS for backup/analytics.
Key Responsibilities
Backend services and APIs
Build stateless performant services (Go/Java/Python) for ingest validation enrichment and persistence.
Define versioned contracts (REST/gRPC) ensure backward compatibility idempotency and robust retries.
Provide shared libraries for schema validation authN/Z tracing.
MQTT messaging
Implement producer/consumer services with QoS 0/1 retained messages shared subs session persistence.
Design tenant aware topic hierarchies ACLs and secure device onboarding.
Enforce TLS/mTLS certificate rotation; optimize throughput with batching and backpressure.
Data contracts (Forge) and CI enforcement
Model telemetry/events with JSON Schema; strict compatibility rules and gated CI checks.
Validate in the data plane; route bad payloads to DLQ with replay tooling.
Lead producer/consumer versioning and migrations.
Time series storage (TimescaleDB)
Design hypertables compression retention; high throughput ingest with ordering dedupe upserts.
Optimize reads via continuous aggregates and indexes; own backup/restore and PITR.
On prem Kubernetes
Ship Helm charts; manage Deployments/StatefulSets HPA/VPA probes resource tuning.
Establish end to end observability (metrics/traces/logs) actionable alerts; GitOps for promotion/rollback.
Security multi tenancy and reliability
Zero trust defaults: mTLS RBAC hardening network policies per tenant isolation.
Secrets/PKI management (Vault/KMS) audit logging; ingress/egress controls and rate limits.
Define SLIs/SLOs; canary/blue green chaos testing; runbooks on call post mortems; DLQ/quarantine and replay.
Collaboration and delivery
Strong PR hygiene branch protections semantic versioning release tagging in GitHub.
Document ADRs runbooks and APIs; align OT tag models/payloads with backend contracts.
Build stateless performant services (Go/Java/Python) for ingest validation enrichment and persistence.
Define versioned contracts (REST/gRPC) ensure backward compatibility idempotency and robust retries.
Provide shared libraries for schema validation authN/Z tracing.
MQTT messaging
Implement producer/consumer services with QoS 0/1 retained messages shared subs session persistence.
Design tenant aware topic hierarchies ACLs and secure device onboarding.
Enforce TLS/mTLS certificate rotation; optimize throughput with batching and backpressure.
Data contracts (Forge) and CI enforcement
Model telemetry/events with JSON Schema; strict compatibility rules and gated CI checks.
Validate in the data plane; route bad payloads to DLQ with replay tooling.
Lead producer/consumer versioning and migrations.
Time series storage (TimescaleDB)
Design hypertables compression retention; high throughput ingest with ordering dedupe upserts.
Optimize reads via continuous aggregates and indexes; own backup/restore and PITR.
On prem Kubernetes
Ship Helm charts; manage Deployments/StatefulSets HPA/VPA probes resource tuning.
Establish end to end observability (metrics/traces/logs) actionable alerts; GitOps for promotion/rollback.
Security multi tenancy and reliability
Zero trust defaults: mTLS RBAC hardening network policies per tenant isolation.
Secrets/PKI management (Vault/KMS) audit logging; ingress/egress controls and rate limits.
Define SLIs/SLOs; canary/blue green chaos testing; runbooks on call post mortems; DLQ/quarantine and replay.
Collaboration and delivery
Strong PR hygiene branch protections semantic versioning release tagging in GitHub.
Document ADRs runbooks and APIs; align OT tag models/payloads with backend contracts.
Required qualifications
5 years building production backend services in Go/Java/Javascript/C/Python.
Deep MQTT understanding (EMQX/HiveMQ/Mosquitto): QoS 0/1 retained shared subs sessions ACLs TLS/mTLS.
On prem Kubernetes or docker: Helm compose observability autoscaling GitOps secure multi tenant ops.
Time Series Database/historian: hypertables compression retention continuous aggregates performance backup/restore.
Schema registry with JSON Schema; CI enforced compatibility.
CI/CD (GitHub Actions or similar): build/test canary/blue green artifacts automated rollbacks.
Security: PKI certificates least privilege network segmentation Vault/KMS audit logging.
5 years building production backend services in Go/Java/Javascript/C/Python.
Deep MQTT understanding (EMQX/HiveMQ/Mosquitto): QoS 0/1 retained shared subs sessions ACLs TLS/mTLS.
On prem Kubernetes or docker: Helm compose observability autoscaling GitOps secure multi tenant ops.
Time Series Database/historian: hypertables compression retention continuous aggregates performance backup/restore.
Schema registry with JSON Schema; CI enforced compatibility.
CI/CD (GitHub Actions or similar): build/test canary/blue green artifacts automated rollbacks.
Security: PKI certificates least privilege network segmentation Vault/KMS audit logging.
Nice to have
Ignition (Transmission/Engine) OPC UA/Modbus/EtherNet/IP.
Kafka/Pulsar and MQTT bridges; CDC/outbox patterns.
IaC (Terraform/Ansible) Rancher/OpenShift; edge (K3s).
Service mesh (Istio/Linkerd) for mTLS/traffic policy.
Hybrid AWS for backup/analytics (ECR/S3/Glacier secure tunneling).
Ignition (Transmission/Engine) OPC UA/Modbus/EtherNet/IP.
Kafka/Pulsar and MQTT bridges; CDC/outbox patterns.
IaC (Terraform/Ansible) Rancher/OpenShift; edge (K3s).
Service mesh (Istio/Linkerd) for mTLS/traffic policy.
Hybrid AWS for backup/analytics (ECR/S3/Glacier secure tunneling).
Keywords: MQTT Java Python Kubernetes JSON CI/CD API JavaScript
Key Skills
- Access Control System
- Engineering
- Bar Management
- Jpa
- Law
- Jdbc
