Secure Deployment & Hardening of VAT Tool

Title: Need a Full-Stack Developer to Securely Deploy and Harden an Existing Internal React-Based VAT Automation Tool

Description:

I am looking for a freelancer to help securely deploy and lightly harden an internal VAT automation web application that I have already built.

The application is already substantially developed. The backend logic is working, and the UI/workflows are largely in place. This is not a build-from-scratch project. I am looking for someone who can work carefully with an existing codebase, preserve the current working logic, and help move it into a properly hosted and more secure internal-use setup.

Project context:

• This is an internal business tool related to VAT workflow automation
• It processes uploaded Excel files and generates outputs for review/download
• The tool is intended for internal office use, including eventual use with client data
• The immediate goal is to deploy and harden the app so it can first be used for controlled internal testing and then for secure internal use with client data, once appropriate security, access-control, and file-handling safeguards are in place
• I am not looking for unnecessary over-engineering or a major rewrite at this stage

Current status:

• Frontend is React-based
• Backend is already built and functioning
• Core workflows are already in place
• API keys are currently handled through a local development ".env" setup
• The codebase may have internal inconsistencies or areas that can be improved, but I do not want someone to come in with the mindset of rebuilding the entire project
• I need a practical person who can stabilize and improve what already exists

Scope of work:

• Review the existing codebase and current setup
• Deploy the application to a secure hosted environment
• Connect the project properly to a private GitHub repository
• Configure environment variables and secret handling properly so no sensitive keys are exposed in code or frontend
• Set up internal user authentication/for office users
• Protect preview/test deployments from public access
• Review and improve file upload/download handling so it is safe and practical for internal use
• Review any temporary file handling, processing flow, and logging/debug exposure related to uploaded Excel data
• Help implement the minimum practical safeguards needed before real client data is used through the web app
• Keep the implementation lean and practical, without forcing a major architectural rewrite unless clearly necessary

What I am looking for: I am not looking for a generic website developer or only a frontend/UI person.

I am looking for someone with hands-on experience in:

• React application deployment
• backend integration in an existing app
• secure environment variable / secrets setup
• authentication and internal user access control
• file upload and download handling
• GitHub-based workflows
• Vercel or similar hosting platforms
• practical security hardening for internal business tools or small SaaS applications

The ideal freelancer should be able to:

• work with an existing, imperfect codebase pragmatically
• explain things clearly to a non-technical founder/user
• avoid unnecessary complexity
• identify what is essential now versus what can wait for a later production-hardening phase
• maintain confidentiality

Important notes:

• Confidentiality is critical
• This is a real internal business workflow tool, not a sample exercise
• I want to preserve the current working logic as much as reasonably possible
• I need someone who understands how to improve deployment, access, and security without destroying momentum
• I am open to practical recommendations, but I do not want a proposal that assumes a complete rebuild from scratch

Please include the following in your proposal:

• A brief description of similar work you have done
• Your experience with existing React/internal-tool deployments
• Your recommended setup for hosting, auth, and secure file handling for this type of application
• Your expected timeline for this scope
• Whether you can work with an already-built codebase without requiring a major refactor
• How you would approach confidential file-processing workflows in an internal tool
• Whether you can help distinguish what is needed immediately for secure internal use versus what can be deferred to a later stage

Preferred outcome: A securely hosted internal version of the tool that can be used for controlled internal testing and then be made ready for secure internal use with client data, with a clear understanding of any remaining steps required for broader long-term rollout.

Please keep your proposal practical, specific, and focused on the actual scope above. Budget: USD 10–100 Skills: Web Hosting, API, Full Stack Development, Security, Cloud Security, GitHub, Data Protection, Vercel