18 questions and 18 skills to help you find and hire the perfect Backend Developer

Backend Developer

A three-stage interview process for assessing junior, mid-career, or senior level backend developer candidates. This flow includes interviews for evaluating soft skills, technical skills, as well as architecture skills.

Interviews

  1. Backend Technical
  2. Backend Soft Skills
  3. Backend Problem Solving

Evaluated skills

  • Software Development
  • Engineering
  • API Design
  • Communication
  • Engineering Management
  • Programming Concepts
  • JSON
  • REST API
  • Team Leadership
  • Teamwork
  • Agile Software Development
  • Code Review
  • Eslint
  • Http2
  • Incident Management
  • Product Lifecycle Management
  • Software Architecture
  • SQL Injection

  1. Backend Technical

    A journey through the fundamentals of every backend developer's bread and butter: programming languages, RESTful APIs and SQL databases.

    1. Question #1
      3 minutes
      What do the terms "immutable" and "mutable" mean and what are the strengths and weaknesses of the two concepts?
      1. Programming Concepts

      Evaluation criteria

      1. Immutable data structures cannot be changed; instead, one has to create a copy to make a modification
      2. Immutability shines in concurrent environments and should be used as the general default paradigm
      3. Mutable data structures can be altered after initialization and changes are propagated to each reference of this value
      4. Mutability is useful for highly optimized algorithms, but should be treated as an implementation detail
      5. Mutable data structures are a common source of bugs and race conditions and should therefore only be used when necessary
    2. Question #2
      4 minutes
      Why is 0.1 + 0.2 ≠ 0.3 in most programming environments? In which scenarios can this be a problem and how can it be avoided?
      1. Software Development

      Evaluation criteria

      1. Precision errors when doing decimal calculations due to computers working in Base 2 while decimal is Base 10
      2. Precision errors are not tolerable in a lot of domains (e.g. finance)
      3. It can be avoided by alternative number representations (e.g. the java.math.BigDecimal package)
      4. When the precision errors are tolerable in the domain, it may be okay to check for equality with an error margin
    3. Question #3
      6 minutes
      What are the most common HTTP methods and what are they used for?
      1. Http2
      2. API Design

      Evaluation criteria

      1. GET: Retrieve information from the server, but do not apply any other effects on the data
      2. HEAD: Same as GET, but it only returns the status line and header section, not the body
      3. POST: Sends a request body payload to the server (e.g. form data, file upload, customer information, ...)
      4. PUT: Replace the entire target resource with the given request body payload
      5. DELETE: Remove the target resource
    4. Question #4
      5 minutes
      Why might it be a bad idea to return a JSON array or a primitive value without a wrapper object in an API?
      1. API Design
      2. JSON
      3. REST API

      Evaluation criteria

      1. Backwards compatibility is usually a top priority for REST APIs
      2. By returning a JSON array or primitive value it is impossible to evolve the API without breaking it
      3. This becomes easier when there is always a JSON object on the top level, because one can always add a field to it
    5. Question #5
      6 minutes
      Why is it considered bad practice to expose auto-incrementing database IDs in an API? What can you do instead?
      1. API Design

      Evaluation criteria

      1. Auto-incrementing IDs are easily guessable and can be iterated to find weaknesses in the API authorization
      2. When it comes to unauthorized endpoints, requesting data from auto-incrementing IDs is a critical security flaw
      3. The API should exclusively rely on additional identifiers like human-friendly alphanumeric references or UUIDs
      4. Alternatively, the database ID could be encrypted and decrypted to an alphanumeric reference
    6. Question #6
      6 minutes
      Some APIs send and receive image data in a Base64 encoding as part of their JSON payloads. To what problems can this approach lead?
      1. API Design
      2. JSON
      3. REST API

      Evaluation criteria

      1. Base64 encoding requires ~30% more space which increases loading times
      2. Encoded strings must be fully loaded into memory for processing, leading to high memory pressure on clients and servers
      3. The browser cannot use its caching mechanism, which it could if an image URL was used instead
    7. Question #7
      5 minutes
      What are SQL injections and how can an API be protected against them?
      1. SQL Injection
      2. Software Development

      Evaluation criteria

      1. Malicious user input that is injected into SQL queries without sanitization
      2. Attackers can abuse them to fetch data they are not authorized to access or delete entries from the database
      3. "Prepared Statements" close the attack window by submitting the SQL query and the user input separately
      4. Additional database access libraries can sanitize queries, but usually also rely on "Prepared Statements"
    8. Question #8
      7 minutes
      ORM (Object-Relational Mapping) libraries are a popular solution for communication with SQL databases. What are their advantages and disadvantages?
      1. Programming Concepts
      2. Software Development

      Evaluation criteria

      1. Data models are defined in one place, and it's easier to update, maintain, and reuse code
      2. Common use cases are modeled very well, which gets you up and running rather quickly
      3. It adds an additional abstraction layer between the application and the database and allows swapping database systems
      4. The additional layer adds complexity, forcing developers to understand the library, its shortcomings and limitations
      5. Complex use cases are often much more difficult to implement and lead to poorly performing SQL queries
    9. Question #9
      6 minutes
      What are the alternatives to ORM (Object-Relational Mapping) libraries for interacting with an SQL database? Which solution do you prefer?
      1. Programming Concepts
      2. Software Development

      Evaluation criteria

      1. Writing raw SQL queries allows leveraging features specific to the underlying database systems
      2. Raw SQL queries make the communication with the database transparent and it's easy to fine-tune and optimize them
      3. DSLs (domain specific languages) are a solution between ORMs and raw SQL where queries are composed by code
      4. DSLs allow for better composition and reusability, but also add complexity and hide the actual SQL queries
  2. Backend Soft Skills

    A backend developer soft skills interview, focused on assessing the candidate's teamwork and process-related skills.

    1. Question #1
      5 minutes
      What excites or interests you about coding? What technologies do you find interesting?
      1. Software Development
      2. Engineering

      Evaluation criteria

      1. Clear preferences and aversions reflect experience
    2. Question #2
      5 minutes
      Tell us about your preferred development environment, what tools you are comfortable with, and what tools you want to learn?
      1. Software Development
      2. Engineering
    3. Question #3
      3 minutes
      If you joined a project and had a different opinion about linting rules or code formatting, how would you handle this with your fellow team members?
      1. Communication
      2. Engineering Management
      3. Teamwork
    4. Question #4
      5 minutes
      What aspects are essential for a good code review? How do you make sure you are providing constructive criticism?
      1. Communication
      2. Code Review
      3. Teamwork
    5. Question #5
      8 minutes
      You are assigned to a ticket, and you are asked to gather information, estimate, and solve it. What does this process look like for you?
      1. Agile Software Development
      2. Product Lifecycle Management
      3. Communication
    6. Question #6
      10 minutes
      Are there any questions you would like to ask us about our development processes or technology choices?
      1. Engineering
      2. Engineering Management
  3. Backend Problem Solving

    Intended as a back-and-forth, assessing the candidate's ability to break down requirements and develop a working plan.

    1. Question #1
      5 minutes
      You are in a position where you can make architectural choices. Two developers are arguing over an arbitrary linting rule; how do you decide which rule to implement?
      1. Engineering Management
      2. Team Leadership
      3. Eslint

      Evaluation criteria

      1. We are looking for an understanding that business needs dictate developer standards
    2. Question #2
      15 minutes
      You are hired as the founding backend developer for a to-do list startup. What technical and methodological solutions do you choose as the foundation for this project?
      1. Engineering
      2. Software Architecture
      3. Team Leadership

      Evaluation criteria

      1. Focuses on problem solving and business needs as a top priority
      2. Does not focus exclusively on purely technical topics, but also takes the hiring market and tool maturity into consideration
      3. Avoids risks and relies on the tools that are known with confidence
      4. Attempts to build an MVP-like solution first, rather than over-engineering for uncertain use cases
      5. Emphasizes the importance of tooling, such as code repositories, collaboration, continuous integration & delivery
    3. Question #3
      10 minutes
      The response times of an API service suddenly increase significantly, and you are tasked with investigating this. What steps are you taking to address the situation?
      1. Engineering
      2. Incident Management

      Evaluation criteria

      1. Identify whether this was caused by a change to the code or external causes
      2. For external causes, find a suitable countermeasure, like rate limiting, more server resources, or database replicas
      3. Identify the commit that caused the regression, revert it and redeploy the system
      4. After that, closely examine the flawed code, fix it and consider what measures can be taken to avoid such errors