# Platform Engineer — Postgres / NixOS / Security

**Remote · EU & nearby (UA, Balkans, UK, CH) · Full-time · €65–75k**

We're building [therapy-lift](https://therapy-lift.de), a healthcare platform for psychotherapists in Germany. Real medical data, real privacy stakes, real certifications — we're currently mid-process on KBV-Videodienstanbieter and a parallel DSGVO + IT-security certification. We need someone who treats reliability and security as a craft, not a checkbox.

## Who we are

Small team, German-market focus. The product handles encrypted patient–therapist messaging, video consultations (LiveKit), appointment workflows, billing, and clinical documentation. The platform is **end-to-end encrypted** — sensitive data is encrypted on the client before it reaches our backend. Everything is self-hosted, including a **self-hosted AI Scribe running on our own Hetzner GPU on open-source models only** — no third-party LLM providers, no analytics SaaS, no surprise data flows.

The stack today:

- **Flutter** multi-platform app (iOS / Android / Web / Windows / macOS / Linux) with Drift for offline-first local sync
- **Self-hosted Supabase** on NixOS, run via **docker-compose** (Postgres + PostgREST + GoTrue + Realtime + Storage) as primary data, auth, and realtime backend
- A **Node/TypeScript backend service** for integrations outside the data layer (payments, calendaring, push, video tokens)
- **NixOS on Hetzner** — a fleet of ~20 production hosts across app, communications, monitoring, and ops tooling, managed declaratively and deployed via our own automation
- **SOPS + Age** for two-layer secret encryption; WireGuard for monitoring overlay
- **LiveKit** for E2EE-capable WebRTC video
- Daily `nixos-unstable` rollouts with auto-reboot — yes, intentionally, with a 5-year clean track record

## The role

You'd be our **third engineer**, owning the **platform layer end-to-end** — database, infrastructure, deployment, security posture. You'll work alongside the founder (also an engineer) and our senior Flutter / fullstack engineer who owns the app and product code. You'd have real authority over how we run things in production.

Concretely, in the first 6 months you'd:

- Own our **self-hosted Supabase + Postgres stack** end-to-end: schema and index design, query optimization, autovacuum and partitioning, streaming replication, PITR backups with documented restore drills (which double as cert artifacts), and operating the surrounding Supabase services (PostgREST, GoTrue, Realtime, Storage) in production
- Raise the **infrastructure-as-code bar** on our Hetzner/NixOS fleet — extend our deploy and secrets-rotation tooling, introduce Terraform/OpenTofu for cloud-resource provisioning where it earns its keep, harden deploy ergonomics
- **Evolve our secrets approach** beyond SOPS+Age — introduce service-side dynamic secrets (HashiCorp Vault, OpenBao, `agenix`/`sops-nix` patterns — your call, with our input) where it strengthens our certification-required key-management controls
- Take on a meaningful slice of **backend work** on our Node/TypeScript service; we may port parts of it to **Rust** — if that excites you, we'll plan it together
- Strengthen our **security posture**: threat modeling, audit logging, intrusion detection — the things that real DSGVO and IT-security certification actually require
- Occasionally make changes to the **Flutter app** when a backend change crosses the wire

## You'll fit if

- You can talk concretely about **designing and operating Postgres in production** — schema and index design, query optimization with `EXPLAIN (ANALYZE, BUFFERS)` and `pg_stat_statements`, autovacuum tuning, partitioning, streaming and logical replication, PITR with `pgBackRest` or `wal-g`, long-running migrations under load. Not just "I use Postgres."
- **Bonus signal:** you've **run self-hosted Supabase** in production — PostgREST, GoTrue, Realtime, Storage operated as services rather than consumed as a SaaS. Rare and directly relevant.
- You're at home in **NixOS** — you've written flakes and modules, deployed real systems with `nixos-rebuild` / `deploy-rs` / `colmena` or similar
- You're comfortable running **docker-compose-based service stacks** in production — our self-hosted Supabase rides on it, and you've operated comparable multi-container setups
- You've **automated cloud infrastructure declaratively** — Terraform, OpenTofu, Pulumi, or Nix-based equivalents against Hetzner, AWS, or comparable — and like making one-off ops work reproducible
- You've **run a secrets manager in production** — Vault, `sops-nix`, `agenix`, Doppler, Infisical, or similar — and have opinions on the trade-offs
- You have a **systems-engineering mindset** and a genuine **interest in Rust** — we may port parts of our backend to Rust and you'd want to be part of that
- You have a **security-first instinct** — you read the threat model before the spec
- You're **comfortable with modern AI-assisted coding workflows** (Claude Code, Cursor, similar) — not as a gimmick, but as a leverage tool you've integrated into how you work
- You can read and make small edits to **Flutter / Dart** code
- You **drive your own work and bring ideas to the table** — you regularly surface improvements ("hey, we could fix this by…", "I noticed X and we should change it") rather than waiting to be told what's next. We need someone whose ideas and drive we channel, not someone we have to feed tasks one by one.
- You operate well **asynchronously**, write clearly, and treat documentation as part of the work

**The non-negotiables are deep Postgres, production NixOS, and docker-compose.** If you bring those plus a security-first mindset, we're flexible on the rest — IaC tools, secrets-manager specifics, Rust experience, AI workflows, Flutter. We'd rather hire deep on the core and grow the rest together.

Seniority is open. Whether you've been doing this for 4 years or 14, we want to talk.

## Nice to have

- German (any level) — our product, customers, and regulators are German-speaking. Not required; we work in English internally.
- **Production Rust experience** — directly relevant to a possible backend port
- Healthcare or regulated-industry experience (DSGVO, HIPAA, ISO 27001, BSI Grundschutz)
- LiveKit / WebRTC operational experience
- Kubernetes operational experience — not what we run today, but useful context
- Open-source contributions in the Nix or Rust ecosystems

## What we offer

- **€65–75k/year**, full-time, depending on experience and location
- **Virtual share programme** discussable as part of the package
- **Fully remote** within EU and nearby (UA, Balkans, UK, CH). Direct employment in DE, contractor / EOR (Deel etc.) for the rest.
- CET ±3h working-hours overlap
- A mission you can defend at dinner — psychotherapists in Germany are stuck between faxes and clinically unsafe consumer video tools; we're changing that
- Real ownership — early hire, no committees, no JIRA theater
- Hardware you need, conference budget (NixCon, FOSDEM, EuroRust), books, AI tooling subscriptions
- 28 days vacation

## How to apply

Email **matthias@psyve.de** with:

1. A short note (5–10 sentences) on why this role fits — please include **one Postgres operational problem you've actually solved**
2. **One improvement you proposed to your team in the last 6 months that nobody asked you to think about** — what did you notice, what did you suggest, and what happened?
3. Links: GitHub, blog, NixOS configs, anything you'd like us to look at
4. Your NixOS setup in one sentence

We read everything. First reply within 5 working days.
