WHAT MAKES US A GREAT PLACE TO WORK

We are proud to be consistently recognized as one of the world’s best places to work. We are currently the top ranked consulting firm on Glassdoor’s Best Places to Work list and have earned the #1 overall spot a record seven times.

Extraordinary teams are at the heart of our business strategy, but these don’t happen by chance. They require intentional focus on bringing together a broad set of backgrounds, cultures, experiences, perspectives, and skills in a supportive and inclusive work environment. We hire people with exceptional talent and create an environment in which every individual can thrive professionally and personally.

WHO YOU’LL WORK WITH

As the premier consulting partner for the private equity industry, Bain's PEG boasts a global practice that is over three times larger than any competitor. Our network of over 1,000 professionals supports private equity and institutional investor clients through every stage of the investment life cycle, from deal generation and due diligence to portfolio value creation and exit planning.

Bain & Company is developing a suite of cutting-edge data and software solutions designed to revolutionize how the private equity industry uses data for investment insights and decision-making.

The PEG Innovation team's mission is to create analytical solutions for Bain clients, teams, and the broader institutional investor space using proprietary software and data products. This includes the development, commercialization, and daily management of Bain's proprietary datasets, data, and software businesses.

WHERE YOU’LL FIT WITHIN THE TEAM

Senior Platform Engineers design and build the shared services that every product and data squad depends on: Auth, RBAC, Session Management, Audit, Notifications, File handling, Search, and more. You own your services end-to-end: design, build, test, deploy, monitor, and operate them. You set the standard for how platform services are built and contribute to the engineering standards and conventions that govern the broader estate. You collaborate closely with Security and Infrastructure to ensure services are secure-by-default, observable from day one, and operable under production on-call expectations.

WHAT YOU'LL DO

Core Platform Service Development, Deployment, and Operations (80%)

• Design, build, test, deploy, and operate core platform services to production quality standards (Auth, RBAC, Session, Audit, Notifications, File, Search).
• Own service APIs and contracts end-to-end: versioning, backwards compatibility, and consumer impact management across product squads.
• Write and maintain Postgres schemas and Alembic migrations using the expand/contract pattern; never ship a breaking schema change without a backwards-compatible transition.
• Implement and enforce authentication and authorisation patterns: JWT, refresh token rotation, RBAC, SAML/OIDC, and service-to-service auth where required.
• Design and operate Redis-backed patterns: caching, session storage, rate limiting, pub/sub, and distributed lock coordination where needed.
• Build and operate event-driven capabilities using Kafka domain events (CloudEvents envelope, schema registry integration) where platform services publish and consume.
• Instrument services with structured logs, distributed tracing, and Prometheus metrics from day one using OpenTelemetry and FastAPI instrumentation.
• Write and maintain Helm charts for owned services; contribute to Kubernetes manifests in the platform-infra repository (health checks, resource limits, HPA readiness).
• Participate in on-call rotation for platform incidents; drive incident response to resolution and maintain runbooks for owned services.

Other (20%)

• Set and enforce engineering standards for platform service development: testing, observability, security, reliability, and operational hygiene.
• Conduct thorough code reviews; enforce standards on PRs and raise the bar for production practices across the platform estate.
• Mentor mid-level and junior platform engineers through pairing, design guidance, and ongoing review feedback.
• Use AI coding assistants to accelerate service scaffolding, API/router generation, migration drafts, and test creation; review all generated code against production and security standards before committing.
• Use LLMs to generate first-draft documentation (runbooks, service docs, API notes) and operational checklists; validate and refine outputs before publishing.
• Collaborate with the Security Engineer on Vault integration (Vault Agent Injector), dynamic secrets usage, policy scoping, mTLS policy, and software supply chain security requirements.

ABOUT YOU

• Bachelor’s degree in Computer Science, Engineering, Information Systems, or a related field (or equivalent practical experience).
• 6+ years of experience building and operating backend services, APIs, or platform components in production environments, including on-call responsibility.
• Demonstrated experience owning production backend services end-to-end (design, build, test, deploy, monitor, and operate), including on-call operational responsibility.
• Production experience building and operating REST and event-driven microservices at scale in a Kubernetes environment.
• Experience designing and operating data stores in Postgres, including schema migration practices, query optimisation, and performance tuning.
• Experience implementing authentication and authorization systems (JWT, refresh token rotation, RBAC, SAML/OIDC) in production environments.
• Demonstrated ability to mentor other engineers and raise engineering standards through code review and shared conventions.

Backend/Platform Engineering

• Strong Python proficiency: FastAPI, Pydantic v2, SQLAlchemy 2.0 async, Alembic, pytest, Ruff, mypy (strict).
• Production microservices: REST APIs, event-driven patterns, idempotency, retries, backwards-compatible versioning, and consumer contract discipline.
• PostgreSQL: query plan analysis, indexing strategies, partitioning approaches, and schema evolution patterns for high-availability systems.
• Redis: caching strategies, session storage, pub/sub, and rate limiting patterns; understands operational trade-offs and failure modes.
• Apache Kafka: producing/consuming domain events, CloudEvents envelope conventions, schema registry integration, and consumer group semantics.
• Docker: multi-stage builds, non-root containers, image scanning (e.g., Trivy), and secure base-image practices.
• Kubernetes: Helm charts, pod lifecycle, probes/health checks, resource requests/limits, and HPA concepts; comfortable operating services on-cluster.
• Observability: OpenTelemetry instrumentation, structured logging (structlog), distributed tracing, and Prometheus metrics for FastAPI services.
• Secrets and security: familiarity with HashiCorp Vault (Vault Agent Injector, dynamic secrets, policy scoping) and secure service-to-service patterns.

Generative AI and agentic systems

• Uses AI coding assistants (Cursor, GitHub Copilot, or equivalent) to accelerate feature development and reduce repetitive boilerplate; reviews all generated code against production and security standards before committing.
• Uses agents to generate first-draft Pydantic schemas, SQLAlchemy models, and FastAPI router skeletons; refines outputs to match domain conventions and security requirements.
• Uses LLM assistance to draft unit and integration test cases; validates coverage gaps and supplements with manually authored tests.
• Understands how platform services (Auth, RBAC, Audit) interact with the Agent Gateway and what security constraints (permissions, auditability, data minimisation) that interaction requires.

General

• Treats every service as a production system from the first commit: tests, observability, documentation, and runbooks are not optional.
• Communicates blockers early and escalates appropriately; does not quietly struggle for days before raising a risk.
• Uses AI tooling to move faster, but applies critical judgement and rigorous review to all generated code and documentation before it enters the codebase.
• Keeps runbooks and service documentation current as services evolve; treats operability as part of delivery.
• This role follows a hybrid model, requiring in-office presence at least 1 day per week

U.S. COMPENSATION INFORMATION

Compensation for this role includes base salary, annual discretionary performance bonus, 401(k) plan with an annual employer contribution based on years of service and Bain’s best in class benefits package (details listed below).

Some local governments in the United States require a good-faith, reasonable salary range be included in job postings for open roles. The estimated annualized compensation for this role is as follows:

In Atlanta, the good-faith, reasonable annualized full-time salary range for this role is between $140,875 - $153,750
In Boston, the good-faith, reasonable annualized full-time salary range for this role is between $162,000 - $176,750

In Dallas, the good-faith, reasonable annualized full-time salary range for this role is between $147,625 - $161,250

In Chicago, the good-faith, reasonable annualized full-time salary range for this role is between $155,125 - $169,250

In New York, the good-faith, reasonable annualized full-time salary range for this role is between $176,250 - $192,250

Placement within these ranges will vary based on factors such as experience, education, training, and skill level.

Compensation also includes a discretionary annual performance bonus, 401(k) plan with employer contribution, and Bain’s best-in-class benefits—including full premium coverage for medical, dental, and vision, generous paid time off, and more.

Annual discretionary performance bonus

This role may also be eligible for other elements of discretionary compensation

4.5% 401(k) company contribution, which increases after 3 years of service and is 100% vested upon start date

Bain & Company's comprehensive benefits and wellness program is designed to help employees achieve personal independence, protection and stability in the areas most important to you and your family.

Bain pays 100% individual employee premiums for medical, dental and vision programs, offering one of the most comprehensive medical plans for employees without impacting your paycheck

Generous paid time off, including parental leave, sick leave and paid holidays

Fully vested 401(k) company contribution

Paid Life and Long-Term Disability insurance

Annual fitness reimbursements