Briefly: I do not need a developer. I need a "Digital Auditor" to oversee the development of a complex infrastructure SaaS platform.
Project stack: Python 3.12+, FastAPI, Redis (as message broker & cache), PostgreSQL (SQLAlchemy/Tortoise), Docker.
Your mission:
You act as the owner's trusted representative. You ensure that the developer builds a reliable system, not a "patchwork" pyramid that will collapse after going into production.
Responsibilities (Strict Control):
1. Zero-Trust Code Review: Every iteration of the developer goes through your audit. Check for Memory Leaks, SQL injections, and the security of Pydantic schemas.
2. Backdoor Hunting: Searching for hidden vulnerabilities, unauthorized logs, or third-party requests.
3. Architecture Validation: Monitoring compliance with SOLID and Clean Architecture. You must prohibit "spaghetti code" at early stages.
4. Disaster Recovery Check: Confirming that the project can be deployed in 5-10 minutes from scratch (Docker) and any other Senior can pick it up tomorrow.
5. Milestone Approval: You are the last barrier before payment. The developer receives money only after your technical report.
Requirements (Senior/Lead only):
• Experience as an architect or tech lead for at least 5 years.
• Deep knowledge of asynchronous programming in Python (Asyncio).
• Understanding of how residential proxies work, HTTP header spoofing, and bypassing anti-fraud systems (will be a critical advantage).
• Ability to convincingly "reject" a developer's poor solution.
Filter questions for response (MANDATORY):
1. How will you check asynchronous code for blocking I/O operations that could "bring down" the system under load?
2. What signs in Dockerfile or docker-compose.yml indicate that the project's architecture is not isolated?
3. What is the Bus-factor in your understanding and how will you minimize it in this project?
Audit object and scope of work:
The project consists of 4 key modules, each requiring a separate stage of technical acceptance:
1. CORE Module (Python/FastAPI): In-depth Code Review of the architecture. Checking for Memory Leaks, Race Conditions in Redis queues, and auditing the security of Pydantic schemas.
2. NETWORK Module (Proxy/Stealth): Analyzing outgoing traffic for Backdoors and leaking the real IP of the server. Checking the logic of HTTP header spoofing.
3. INFRA Module (Docker): Checking Disaster Recovery. Validating that the system can be deployed from scratch in 5-10 minutes without the involvement of the code author.
4. JS Module (Injection): Auditing the quality of obfuscation and protection against debugging (Anti-F12).
Responsibilities involve auditing the 4 modules (Core, Network, Infra, JS) for vulnerabilities and Bus-factor. Each audit concludes with a written report. This is a fixed scope of work.
Client's review of cooperation with Oleg C.
Tech Lead / Security Auditor (Python/FastAPI) — Architecture Control and Bus-factorIf you need a Lead who is not afraid to speak the truth, knows how to "reject" a weak solution, and guarantees system stability under load — Oleg is the best choice. He is a top-level specialist. I recommend him.
Freelancer's review of cooperation with Yevhenii N
Tech Lead / Security Auditor (Python/FastAPI) — Architecture Control and Bus-factorAlthough we did not continue the collaboration, the overall communication and conditions were adequate.
-
Winning proposal1 day23 USD
1910 14 0 Winning proposal1 day23 USD
Hello. I have 4 years of experience in Python development. For the last 3 years, I have been involved in product development, where I was essentially the Lead Developer and worked directly on what is described in the project (building architecture, developing complex microservices systems, complete testing, refactoring, fixing vulnerabilities, etc.). I would be happy to join your team and lead it. I have a solid understanding of asynchronous development principles in Python. Having experience in independently solving all the problems mentioned in the description, I am confident that I can help in monitoring and preventing this from other developers. I have also repeatedly worked with someone else's code (conducted code reviews, searched for vulnerabilities, fixed problematic issues, etc.). I can provide more details about this in person.
In short, I now want to try myself specifically in the role of Tech Lead, not just Lead Engineer.
Regarding questions:
1. First of all, I will look for obvious synchronous operations in the code that will block threads (synchronous functions, use of synchronous libraries, lack of wrapping synchronous methods in multithreading, etc.). After checking for obvious problems - stress tests on the running project.
2. Use of localhost hosts in the container, lack of defined networks, storing all data in one volume, absence of depends_on fields, using critical data directly in the container.
3. The bus factor for me is how "irreplaceable" the developers of the project are in it. To minimize this, I will actually work on the project, meaning I will be engaged in checking code quality, correctness of the project's architecture, assessing the quality of documentation, and the "entry threshold" for a new person in the project. Everything should be done in such a way that in case of anything, the project can be quickly handed over to another developer, and they could start working on the project and further develop it within a few days (with sufficient expertise on their part as well). For this, among the main requirements for me will be logging, clear and consistent documentation, clean code, and absence of "workarounds."
I want to discuss all this in more detail in person. I am confident that I can help improve the development processes at all stages.
-
Який обсяг регулярноъ роботи
-
Current freelance projects in the category Python
A bot needs to be created in Telegram for subscription payment.
45 USD
A bot needs to be created in Telegram where users can subscribe for access to the webcams located in the yard. Organize payment for two types of subscriptions (monthly and daily) in the bot. The bot should automatically check the payment and then provide access links. Python, Bot Development ∙ 5 hours 56 minutes back ∙ 57 proposals |
Python / Network Engineer: Network optimization of the bot (WAF, Connection Pooling, Asyncio)Simplified version! Please respond only if you understand and are knowledgeable. About the project: An automated bot for sniping. The basic business logic (parsing, authorization, assembling JSON/XML packages) is already ready and works on Python. The target environment is Linux… Python, Data Parsing ∙ 8 hours 25 minutes back ∙ 14 proposals |
Parsing and classification of a large array of imagesIt is necessary to implement a project for collecting and structuring a large array of architectural images from open web sources.The task includes: automated collection of images; uploading files in the highest available quality; classification of images by categories:… Python, Data Parsing ∙ 12 hours 56 minutes back ∙ 29 proposals |
Business logic of the platform: class confirmation, attendance control, and lesson history (DjangoRefinement of the business logic of the educational platform: lesson confirmation, attendance control, and lesson history (Django + React) A complete system for lesson confirmation, attendance control, and storage of confirmation history needs to be implemented. Important… Python ∙ 2 days 18 hours back ∙ 29 proposals |
Improvement of the administrative panel of the educational platform (Django + React)Improvement of the administrative panel of the educational platform (Django + React) Project description: There is an existing educational platform (marketplace, similar to Preply), developed on Django + React. It is required to enhance the existing administrative panel and… Python, Web Programming ∙ 4 days 15 hours back ∙ 58 proposals |
Kyiv