Backend Developer

Ryan Mahoney

Ryan Mahoney

Director of Product, FirstWho

Hiring mid-level backend engineers is where you separate the capable from the truly reliable. You need someone who can handle a 3am page on their own service, but also knows when a hotfix is beyond them and it's time to escalate. The tricky part is finding people who ship solid APIs and optimize database performance without getting possessive about their code or bristling at feedback. Most candidates can build features; fewer can walk you through why they turned down a message queue approach, or own up that their first caching layer failed once they saw the latency numbers. You're really testing for judgment when things are unclear, and that never shows up in algorithm scores.

Skip the setup

Use as-is, or remix to fit your team.

Start hiring now

Competency Questions

1 of 21

Backend Architecture & Systems

Design and implementation of microservices and significant subsystems, emphasizing evolvable API contracts, data persistence strategies, and event-driven communication patterns for complete domain service ownership.

Asynchronous & Event-Driven Systems

Designs event schemas and contracts; implements idempotent consumers and producers; manages message ordering, dead letter queues, and retry logic; handles eventual consistency in data flows.

Interview round: Hiring Manager Technical

Share an experience where you built or significantly modified a system that processed work asynchronously rather than synchronously.

Positive indicators

  • Specific latency or throughput requirements driving choice
  • Acknowledges user experience implications of asynchrony
  • Describes idempotency and duplicate handling
  • Mentions dead letter or poison message patterns

Negative indicators

  • Chose async for perceived elegance without need
  • No visibility into processing state
  • Lost or duplicated messages without detection
  • Users had no feedback on operation status

Attitude Questions

1 of 19

Active Listening

The disciplined cognitive practice of fully concentrating on, comprehending, and accurately interpreting both explicit and implicit information from verbal and non-verbal communication, then responding in ways that validate understanding and surface unstated assumptions—particularly when technical complexity, power asymmetries, or domain translation challenges obscure clear meaning.

Interview round: Peer Technical

Walk me through a situation where you realized you had misunderstood someone else's perspective.

Positive indicators

  • Specific evidence of checking understanding
  • Describes asking clarifying questions
  • Acknowledges impact of misunderstanding
  • Changed behavior to prevent recurrence

Negative indicators

  • Blames other person for being unclear
  • No specific example of discovering misunderstanding
  • Continued with wrong assumption
  • Dismisses importance of alignment

Progression Framework

This table shows how competencies evolve across experience levels. Each cell shows competency at that level.

Backend Architecture & Systems

4 competencies

CompetencyJuniorMidSeniorPrincipal
Asynchronous & Event-Driven Systems

Consumes messages from queues using SDKs; implements basic event handlers and background job workers; understands at-least-once delivery semantics.

Designs event schemas and contracts; implements idempotent consumers and producers; manages message ordering, dead letter queues, and retry logic; handles eventual consistency in data flows.

Architects event-driven microservices using patterns like CQRS and Event Sourcing; implements saga orchestration for distributed transactions; evaluates message brokers for throughput/latency requirements.

Establishes organizational event architecture standards; designs high-throughput streaming platforms; defines event governance, schema registries, and data lineage; drives organization-wide adoption of event-driven patterns.

Data Persistence Architecture

Implements basic CRUD operations using ORMs; writes simple SQL queries with proper indexing awareness; understands ACID properties and transaction boundaries.

Designs normalized relational schemas and document structures; implements migration strategies; optimizes query performance through indexing and denormalization; manages connection pooling and caching strategies.

Architects polyglot persistence strategies (SQL, NoSQL, Graph, Cache); designs data sharding, replication, and partitioning schemes; ensures consistency across distributed systems; evaluates database technologies for specific workloads.

Sets organizational data storage strategy and standards; designs global data architectures with multi-region consistency; evaluates NewSQL and distributed database systems (CockroachDB, Spanner); ensures data sovereignty and compliance.

Service API Development

Implements RESTful endpoints using established frameworks and patterns; handles request/response serialization, basic authentication, and standard HTTP status codes; writes unit tests for handlers.

Designs API contracts with OpenAPI/Swagger specifications; implements middleware, rate limiting, and versioning strategies; optimizes database queries for API performance; handles complex validation logic.

Architects microservice boundaries and API gateway configurations; establishes organizational API design standards; implements distributed transaction patterns (saga, outbox); designs for high availability and failover.

Defines enterprise-wide API architecture strategy; evaluates and adopts emerging protocols (gRPC, GraphQL federation, tRPC); drives platform-level service mesh implementations; influences industry API standards.

Strategic Technical Architecture

Documents technical decisions in ADRs; participates in design reviews; implements features following established architectural patterns.

Leads technical design for complex features; evaluates technology options and trade-offs; creates architecture decision records (ADRs); mentors junior developers on design patterns.

Sets technical direction for engineering teams; architects cross-system integrations; balances technical debt against velocity; establishes coding and design standards.

Defines organizational technical roadmap and vision; drives architectural governance across multiple teams; evaluates emerging technologies for strategic business value; leads industry working groups and standards bodies.

Domain-Specific Systems

4 competencies

CompetencyJuniorMidSeniorPrincipal
Data Pipeline Engineering

Maintains existing ETL scripts and batch jobs; monitors pipeline failures; understands basic data formats (Parquet, Avro); implements simple data transformations.

Develops batch and streaming pipelines using frameworks like Spark or Flink; implements data quality checks and validation; manages schema evolution; optimizes pipeline throughput and cost.

Architects data lakehouse and warehouse solutions; designs real-time streaming architectures with exactly-once semantics; implements data governance and lineage tracking; evaluates OLAP engines.

Sets organizational data platform strategy; designs unified data mesh architectures; drives data democratization while ensuring privacy compliance; evaluates next-gen data technologies.

Financial Systems Infrastructure

Implements basic transaction processing endpoints; understands double-entry bookkeeping principles; handles currency formatting and precision.

Designs ledger and account systems; implements idempotency and deduplication for payment processing; manages reconciliation processes; ensures basic PCI DSS compliance.

Architects high-volume payment processing platforms; designs for financial audit trails and immutability; implements complex settlement and clearing systems; ensures regulatory compliance (SOX, PCI-DSS, GDPR).

Drives financial platform strategy and partnerships; designs global payment architectures with multi-currency support; evaluates blockchain/DLT for settlements; ensures financial data sovereignty and auditability.

IoT & Edge Systems

Consumes device telemetry from MQTT brokers; implements basic device shadow/state management; handles time-series data ingestion.

Designs device provisioning and management systems; implements edge computing logic and offline-first capabilities; manages IoT security certificates and OTA updates.

Architects IoT platforms supporting millions of devices; designs digital twin architectures; implements fleet management at scale; ensures low-latency command and control.

Establishes edge computing and IoT strategy; designs hybrid cloud-edge architectures; drives IoT security and standards adoption; evaluates 5G/MEC integration for real-time processing.

Machine Learning Infrastructure

Deploys pre-trained models as REST/gRPC services; manages basic model versioning; implements simple feature engineering scripts.

Designs feature stores for offline/online consistency; implements model serving infrastructure with auto-scaling; manages training pipelines and experiment tracking; optimizes inference latency.

Architects end-to-end MLOps platforms; designs model monitoring and drift detection systems; implements distributed training infrastructure; ensures model governance and explainability.

Drives AI infrastructure strategy for the organization; designs scalable ML platforms supporting hundreds of models; evaluates federated learning and privacy-preserving ML; ensures ethical AI compliance.

Platform Engineering & Operations

4 competencies

CompetencyJuniorMidSeniorPrincipal
Developer Platform & Tooling

Uses existing CI/CD pipelines and internal tools; writes basic Dockerfiles and deployment manifests; follows established GitOps workflows.

Builds and optimizes CI/CD pipelines; implements Infrastructure as Code (Terraform, Pulumi, CloudFormation); develops internal CLI tools and libraries; manages multi-environment configurations.

Designs self-service developer experience platforms; architects GitOps and progressive delivery systems; establishes platform engineering standards; optimizes build and deployment times.

Leads platform engineering strategy and vision; evaluates build-vs-buy decisions for PaaS solutions; drives developer productivity metrics and developer experience initiatives; influences cloud-native tooling standards.

Observability & Site Reliability

Adds structured logging to applications; monitors existing dashboards; responds to automated alerts; participates in incident response.

Implements distributed tracing and custom metrics; creates actionable dashboards and alerts; defines initial SLOs/SLIs; conducts blameless post-mortems.

Architects comprehensive observability platforms (metrics, logs, traces); designs SRE practices and error budgets; implements chaos engineering; optimizes on-call rotations and alert fatigue.

Establishes organizational reliability engineering standards; drives observability-driven development culture; designs disaster recovery and business continuity strategies; defines availability targets across business units.

Performance Optimization

Identifies obvious performance bottlenecks through logging; implements basic caching strategies; understands Big O complexity in code review.

Profiles application performance using APM tools; optimizes database queries and N+1 issues; implements connection pooling and async I/O; tunes JVM/runtime parameters.

Architects for horizontal and vertical scalability; designs multi-layered caching strategies; optimizes distributed system latency; implements load balancing and auto-scaling policies.

Establishes performance engineering culture and standards; designs capacity planning models; drives cost-performance optimization initiatives; evaluates edge computing and CDN strategies for global latency.

Security & Compliance Engineering

Follows secure coding guidelines (OWASP Top 10); implements input validation and sanitization; keeps dependencies updated; uses secrets management tools correctly.

Implements authentication/authorization mechanisms (OAuth, RBAC, ABAC); conducts security code reviews; manages secrets rotation and PKI; addresses vulnerability scan findings.

Architects zero-trust security models; implements automated security scanning (SAST/DAST) in pipelines; designs compliance frameworks (SOC2, GDPR, HIPAA); leads threat modeling sessions.

Defines organizational security architecture and strategy; drives DevSecOps transformation; evaluates post-quantum cryptography; ensures regulatory compliance at global scale; manages security incident response planning.