Backend Developer

Build the server side of the web — APIs, databases, authentication, caching, message queues, and scalable architecture.

Programming Language

Pick a backend language and master it deeply before moving on. Each has its own ecosystem and strengths.

Node.js / JavaScript

Event-driven, non-blocking I/O, npm ecosystem, CommonJS vs ESM, Express, Fastify.

Python

Clean syntax, vast ecosystem. Django (batteries-included) or FastAPI (async, modern).

Optional Go

Compiled, fast, great concurrency model. Gin, Echo, standard library HTTP.

Optional PHP / Laravel

Rapid API and web development. Eloquent ORM, queues, broadcasting, Sanctum/Passport.

REST API Design

Internal

Design consistent, versioned REST APIs that clients can rely on — the backbone of modern backend work.

RESTful Conventions

Resource naming, plural nouns, nested resources, HTTP method semantics.

API Authentication

JWT, OAuth 2.0, API keys, sessions, refresh token rotation, PKCE flow.

Rate Limiting & Throttle

Token bucket / leaky bucket algorithms, per-user limits, 429 responses, Retry-After headers.

Optional GraphQL (Alternative)

Schema-first API design, resolvers, mutations, subscriptions, DataLoader for N+1 prevention.

Databases

Choose and master the right database for each problem. SQL for structured data, NoSQL for flexibility, time-series for metrics.

SQL & PostgreSQL

DDL/DML, joins, indexes, transactions, window functions, EXPLAIN ANALYZE, connection pooling (PgBouncer).

Database Design & Normalisation

1NF–3NF, BCNF, ER diagrams, foreign keys, choosing between normalised and denormalised schemas.

Optional MongoDB / NoSQL

Document model, aggregation pipeline, indexing, schema design patterns (bucket, outlier, extended reference).

Redis

In-memory data store. Caching, session storage, pub/sub, sorted sets for leaderboards, Lua scripting.

Caching Strategies

Internal

Cache aggressively and correctly to reduce latency and database load.

Redis Caching Patterns

Cache-aside, write-through, TTL design, cache stampede prevention, Redis Cluster.

CDN & HTTP Caching

Cache-Control, ETag, Vary header, stale-while-revalidate, Cloudflare / CloudFront configuration.

Message Queues & Async Processing

Decouple services and handle background work reliably with queues and event streams.

RabbitMQ

AMQP protocol, exchanges (direct/fanout/topic/headers), queues, consumers, dead-letter exchanges, message persistence.

Optional Apache Kafka

Distributed event streaming. Topics, partitions, consumer groups, offsets, compaction, exactly-once semantics.

Background Jobs

Bull/BullMQ (Node), Celery (Python), Laravel Queues — job retry, backoff, concurrency, monitoring with Horizon/Flower.

Security Best Practices

Internal

Every backend engineer is responsible for the security of the data they handle.

Authentication & Authorisation

JWT best practices, OAuth2/OIDC flows, RBAC, attribute-based access control.

Input Validation & Sanitisation

Allowlists, parameterised queries, output encoding, Content Security Policy.

Secrets & Config Management

Environment variables, HashiCorp Vault, AWS Secrets Manager, never commit secrets.

Testing & API Quality

Automated testing is non-negotiable. Unit, integration, and contract tests keep your API reliable.

Unit & Integration Tests

Jest (Node), Pytest (Python), PHPUnit (PHP) — mocking, fixtures, test databases, coverage.

API Testing

Supertest, Postman/Newman, Pactum — test all status codes, edge cases, malformed input.

Optional Load Testing

k6, Artillery, Gatling — simulate traffic, find bottlenecks, set SLOs.

Scalability & Architecture

Optional

Design systems that handle growth — from a single server to global scale.

Optional Microservices Patterns

Saga, CQRS, Event Sourcing, API Gateway, service discovery, circuit breaker (Hystrix/Resilience4j).

Optional Database Scaling

Read replicas, sharding, partitioning, connection pooling, database proxy (RDS Proxy).

Optional System Design Fundamentals

CAP theorem, eventual consistency, idempotency, distributed transactions, saga pattern.