Back to all jobs

Full-Stack Security Review Engineer

Full
Reddit r/forhire
Apply NowSign in to track
AI-enhanced for better readability

Job Title: Pre-launch Stripe/Security Review for React/Node Registration App

Rate: $75–$125/hr (DOE) Source: reddit-r-forhire

About the Role

I run an after-school children’s program and have built, with AI assistance, a registration/payment app that I would like reviewed before opening it up to real parent registrations.

I am looking for an experienced full-stack or backend-focused engineer to perform a focused pre-launch code review of the payment, security, production-safety, and data-privacy aspects of the application. This is not a rebuild, migration, or UI redesign. I need someone pragmatic who can review the launch-critical areas and return a written findings report.

Tech Stack

  • Frontend: React / TypeScript, Vercel
  • Backend: Node / Express, Railway
  • Database/Auth: Supabase / Postgres
  • Payments: Stripe (PaymentIntents / SetupIntents)
  • Integrations: Resend (email), Google Sheets/runtime config

Main Review Areas

  • Stripe charge-on-submit flow
  • Saved card flow
  • Failed payment and retry behavior
  • Idempotency / duplicate charge risks
  • Backend-trusted payment amount calculation
  • Discount/credit/voucher safety
  • Admin/API auth
  • Production env/config safety
  • Verification that there is no client-side trust of payment amounts, discounts, credits, or voucher status
  • Prevention of private child/family registration data exposure
  • Confirmation/admin email consistency with payment outcome

Compensation & Scope

  • Rate: $75–$125/hr depending on relevant experience.
  • Estimated Effort: Approximately 10–15 hours for the initial review, depending on the repo and scope.
  • Structure: I do not want open-ended work without checkpoints. There will likely be additional review work in the future if this first project goes well.

Ideal First Milestone

  • 2–3 hour paid app orientation/risk scan.
  • Confirm relevant files/flows.
  • Identify any immediate red flags.
  • Estimate remaining review time.
  • Continue into the full review if it is a good fit.

Timing

I am hoping to select someone quickly and have the review underway by Wednesday, 6/24. Please only apply if you have availability this week.

Candidate Requirements

  • Real Stripe PaymentIntent/SetupIntent experience.
  • Understanding of backend trust boundaries.
  • Production config and env safety experience.
  • Ability to explain risks clearly.
  • Willingness to review first and avoid broad refactors.
  • High-quality written findings/report skills.

How to Apply

Please fill out this Google Form.

Note: Please do not send a generic agency pitch. I am looking for someone who can specifically review Stripe/payment correctness, backend trust boundaries, API/auth safety, production configuration, and launch-blocking risks. Please apply through the form rather than in the comments; I will follow up privately by email or Reddit DM with candidates who look like a strong fit.

Similar jobs