aszender/README.md

Andres Gonzalez

Software Developer | Backend & Full-Stack | Distributed Systems, IAM, Cloud

Software Developer focused on building production-ready backend and full-stack systems, with strong experience in identity platforms (IAM), distributed architectures, and enterprise integrations.


Tech Stack

Backend: NestJS · ASP.NET Core · Spring Boot · Django
Languages: Java · C# · TypeScript · Go · Python · C++
Architecture: Microservices · Event-Driven · DDD · TDD · Clean Architecture
APIs & Messaging: Kafka · gRPC · REST · GraphQL
Databases: PostgreSQL · MongoDB · Oracle · SQL Server
Cloud & DevOps: AWS · Azure · Docker · Jenkins · GitHub Actions · CI/CD
Security: OAuth2 · OIDC · JWT · SAML · ADFS · Microsoft Entra ID
Frontend: Vue.js · React · Next.js
AI Integration: LLM API integration · Chatbot backend development


Featured Projects

Multi-Tenant IAM Backend Platform

Multi-tenant IAM backend focused on secure organization boundaries — tenant isolation, permission-based RBAC, refresh token rotation, membership modeling, auditability, and protected API access across multiple organizations.

Key focus areas

  • Tenant isolation enforced across guards, services, and repository-level queries to prevent cross-tenant object access
  • Permission-based RBAC with tenant-scoped memberships, roles, permissions, and explicit route authorization metadata
  • Secure authentication flow with JWT access tokens, opaque refresh token rotation, hashed token storage, reuse denial, and expiration checks
  • Audit events for authentication, tenant, membership, role, and permission-sensitive mutations
  • Operational backend patterns including correlation IDs, safe error responses, strict validation, health/readiness checks, metrics, OpenAPI, and security-focused tests

NestJS · TypeScript · PostgreSQL · Prisma · JWT · RBAC · Docker

Commerce Sync Platform

Integration backend for syncing commerce orders across unreliable external platforms — webhook ingestion, scheduled polling, vendor connectors, rate limits, replayable failures, and canonical order mapping.

Key focus areas

  • HMAC-validated webhook ingestion with durable inbox, Redis idempotency, and Kafka handoff for fast acknowledgement and async processing
  • Scheduled polling with per-tenant Redis locks, durable sync watermarks, and out-of-order protection using remote update timestamps
  • Vendor connector pattern hiding auth, pagination, rate limits, and provider-specific fields behind a stable canonical Order model
  • Token-bucket rate limiting in atomic Redis Lua, bounded retries, and durable DLQ with auditable replay endpoint
  • OpenTelemetry traces and metrics across API, worker, and scheduler roles, wired to Jaeger, Prometheus, and Grafana

NestJS · TypeScript · PostgreSQL · Drizzle · Kafka · Redis · OpenTelemetry · Docker

PayFlow

Go payment gateway API modeling a regulated payment lifecycle — idempotent commands, state-machine transitions, bank failure handling, distributed rate limiting, and full audit history.

Key focus areas

  • Idempotent payment processing with atomic database transactions for payment state, audit trail, and outbox event persistence
  • Payment lifecycle modeled through explicit state transitions to prevent invalid status changes and duplicate side effects
  • Circuit breaker and retry with exponential backoff and jitter for simulated bank API failures
  • Transactional outbox pattern for reliable payment event delivery to Kafka
  • Redis + Lua atomic scripts for distributed rate limiting and idempotency coordination

Go · PostgreSQL · Redis · Lua · Kafka · Docker · chi · slog

AI SOC Investigator

Governed AI security investigation system — deterministic threat rules, LLM-assisted triage, prompt-injection guardrails, human approval gates, MCP tooling, and auditable incident response workflows.

Key focus areas

  • Multi-agent supervisor pattern with triage, enrichment, and response agents under least-privilege permissions and token budget governance
  • Deterministic rules engine for known threat patterns before LLM escalation, reducing unnecessary model calls and hallucination risk
  • Input/output guardrails for prompt injection, unsafe actions, and unsupported security conclusions
  • Human-in-the-loop approval gates for destructive actions with structured audit trail and trace IDs
  • MCP server exposing investigation tools to AI hosts such as Claude Desktop, VS Code, and MCP Inspector

Python · FastAPI · MCP · LLM Integration · Multi-Agent · Pydantic · Docker

Enterprise Microservices Platform

Java/Spring microservices reference implementation focused on distributed consistency — transactional outbox, Kafka inbox/retry/DLQ, gRPC reservation flows, concurrency-safe inventory, and reproducible integration tests.

Key focus areas

  • Transactional outbox for reliable Kafka publishing across products and orders without losing events after database commits
  • Kafka inbox idempotency with retry/DLQ handling for safe event consumption under at-least-once delivery
  • Concurrency-safe inventory reservations using atomic SQL updates, order-level idempotency, and PostgreSQL-backed tests
  • Service-to-service communication using Kafka for asynchronous events and gRPC for synchronous reservation flows
  • Production-style backend foundations: Flyway migrations, BigDecimal money handling, JWT security, OpenTelemetry, Prometheus, Grafana, and CI

Java · Spring Boot · Apache Kafka · gRPC · PostgreSQL · Redis · Flyway · Testcontainers · OpenTelemetry · Docker

Engineering Approach

  • Prioritize correctness, maintainability, and clarity over feature quantity
  • Make explicit design decisions with well-defined boundaries
  • Apply the same architectural and testing principles across multiple languages and stacks

Connect

LinkedIn

Pinned

  1. Multi-Tenant-IAM-Backend-Platform (Public)

    Multi-tenant IAM backend with tenant isolation, RBAC, refresh token rotation, audit events, and secure API boundaries.

    TypeScript

  2. commerce-sync-platform (Public)

    Integration backend for webhook ingestion, polling, Kafka workers, Redis idempotency, DLQ replay, and observability.

    TypeScript

  3. Payflow (Public)

    Go payment gateway API with idempotent processing, transactional outbox, retries, circuit breaker, Kafka, Redis, and audit trail.

    Go

  4. enterprise-microservices-platform (Public)

    Java/Spring Boot microservices platform demonstrating Kafka, gRPC, Redis, PostgreSQL, and layered architecture.

    Java

  5. AI-Soc-Alert (Public)

    Multi-agent AI security investigation system using FastAPI, deterministic rules, LLM triage, guardrails, MCP, and audit trails.

    Python