Bubble Developer Needed — Secure Multi-Tenant Advisory Platform (MVP Build)

Project Overview

We are building a secure, multi-tenant web application designed for families with complex financial lives and the independent advisors who support them.

This is a production-grade MVP, not a prototype or demo app.
The platform will be used by real clients and must meet a high bar for privacy, permissioning, and correctness.

Engagement Details

• Type: Freelance / Contract

• Time commitment: ~20–30 hours per week

• Duration: 8–12 weeks

• Location: Remote

• Start: As soon as the right fit is identified

• Workflow: Async-friendly, with weekly check-ins

This role is best suited for a senior Bubble developer who prefers well-scoped, security-conscious builds.

Required Skills & Experience

You should have deep experience with:

Bubble Core

• Advanced workflows and backend logic

• Database design for SaaS products

• Multi-tenant architecture

• Bubble privacy rules (strong understanding required)

• Performance-aware queries and conditions

Security & Permissions (Critical)

• Role-based access control

• Entity-level permissions (e.g., join tables)

• Secure handling of private files

• Preventing unauthorized access via direct URLs

• Immediate access revocation when users are removed

Execution

• Translating detailed written specs into Bubble implementations

• Building from clarity, not guesswork

• Testing edge cases intentionally

• Writing clean, maintainable workflows

Nice to Have

• Experience with fintech, legal-tech, or healthcare tools

• Audit logging patterns

• Figma-to-Bubble workflows

• Client portal or internal tool experience

What Success Looks Like

By the end of the engagement:

• Users can only see data they are explicitly permitted to access

• Advisors can only view assigned entities

• Removing a user instantly revokes access

• No cross-tenant data leakage

• Audit logs record all critical actions

• The app is stable, secure, and ready for pilot users

Security and correctness matter more than visual polish.

Budget

We are flexible and realistic.

Please include:

• Your hourly rate

• Your preferred working cadence

We are prioritizing experience and judgment over lowest cost.

Must-Haves

• Strong English fluency (written and spoken)

• Demonstrated Bubble experience beyond simple CRUD apps

• Ability to explain architectural decisions clearly

• Comfort working with sensitive data and permission-heavy systems

• Willingness to sign:

  • Mutual NDA

  • Independent Contractor + Work-for-Hire + IP Assignment

Timezone

• Preference for US or overlapping US hours (not required)

How to Apply

Please include:

1. A short introduction (1–2 paragraphs)

2. Links to 2–3 Bubble apps you’ve built (ideally SaaS or permission-heavy)

3. A brief response to:

   How would you implement entity-level permissions in a multi-tenant Bubble app?

4. Your hourly rate

5. Your availability over the next 2–3 months

Initial conversations will remain high-level until an NDA is in place.

If you enjoy building secure, well-architected Bubble applications, we’d like to talk.

Hey @rrussell8586

All of the questions are answered here, as well as a way to book a meeting with me: NoCodeMinute - Development

US Based

Intro:

Been around since 2016 using Bubble. Before the plugin store, if you could even imagine! Currently working with several multi-tenant client apps as well as NoCodeMinute apps. Would love to have a chat to see if we might be a good fit.

Availability over the next 2-3 months: Currently available for 10-15 hours per week but will be opening up over time as other projects finish up.

Hope to chat soon!

Hi @rrussell8586 sent you a message

You can also schedule a call here

Hi rrussell8586,

Welcome to the forum first post and you jumped straight into a really interesting project
I’m Hans, a senior Bubble developer who’s been building production apps full time for years, mostly secure multi tenant SaaS tools and client/advisor portals where privacy and correctness are everything. This one hits close to home for me I’ve shipped very similar platforms where families/advisors handle complex financial info and one wrong permission could be a big deal. I love the emphasis on “production-grade MVP” with security over polish.

For your question on entity-level permissions in a multi-tenant Bubble app:

I use a dedicated EntityAssignment data type (or Membership/AccessGrant whatever fits the naming) that links each Entity (family portfolio, document, account, etc.) to specific Users with a Role field (Viewer, Editor, Full, etc.) and an Active yes/no flag.

Privacy rule on the Entity type (and any child data) is something like: This Entity’s EntityAssignments :filtered (User = Current User and Active = yes) :count > 0 (or combined with tenant-level checks for advisors who can see multiple entities under their assigned families).

All mutations run through backend-only workflows that revalidate the assignment server-side before anything touches the database. When you remove a user, we just flip Active to no or delete the assignment record access disappears instantly on the next load because Bubble evaluates privacy rules in real time. No direct URL access issues either, since I never expose raw unique IDs and always gate data behind these checks + page conditions.

It’s the same pattern I’ve used in live apps that handle sensitive client data, and it’s passed every security review I’ve thrown at it.
You can see a couple of recent examples including multi-user portals with role-based and entity-level controls in my portfolio here: Hans Kipropyego — No-Code · AI · Automation Builder
My rate is $20/hour. I’m available for 25–30 hours per week starting immediately and can commit straight through the full 8–12 weeks and longer if the pilot needs it.

Happy to sign the mutual NDA, independent contractor agreement, work for hire, and IP assignment right away no hesitation.

Would be glad to jump on a quick call once the NDA is sorted so I can show you exactly how I’d map this out for your entities and workflows. Totally understand you want to keep things high level until then.
Looking forward to chatting if it feels like a good fit

Hi @rrussell8586 ,
I’ve sent you a DM.

You can check my website here: https://tangent.es

See you soon,
Cristian

@rrussell8586 Hey! Welcome to the community. Kindly check my DM. I can absolutely help you with this

Hi @rrussell8586 ,
I’ve sent you a DM.

Scott W

Hi @rrussell8586 , I’ve sent you a DM.

You can check my portfolio here. You can also schedule a call here.

Talk soon,
Mehul

@rrussell8586 please check DM

As a tip, that’s not going to work given that you can’t use :filtered in privacy rules…

Thank you all for your thoughtful applications. We are narrowing down our list and will be reaching out to the finalists shortly.

you’re absolutely right, thanks for catching that.
:filtered doesn’t work inside privacy rules. The right approach is using a Do a search for directly in the condition instead.
Appreciate the correction.

Hi there @rrussell8586,

We’ve delivered similar projects before and can work within a clearly defined fixed scope. If you’d like to discuss your project, you’re welcome to schedule a call here: Calendly - No-Code Venture

You can explore our background and services below, along with detailed pricing:

• Contributor profile: No-Code Venture Contributor Profile | Bubble
• Website: https://nocodeventure.com
• Pricing: No-Code Venture - Visual Development Agency | Netherlands
• LinkedIn: https://www.linkedin.com/in/melmathari/

Looking forward to connecting.

Hi @rrussell8586,

We can absolutely hep at RapidDev. Sent you a DM. Kindly check. Thanks.

Best,
Jayson Tobes
BDR, RapidDev