I build enterprise software from idea to production.
Ten years of designing, building, and operating secure, scalable platforms for government, energy, and healthcare — and shipping my own production SaaS. I solve business problems with software, not just tickets with code.

I'm hired to own software products — architecture to operations.
I specialize in enterprise software: systems with real users, real money, and real compliance requirements. My work sits at the intersection of architecture and delivery — I design systems that hold up over years, then build and ship them myself.
Companies bring me in when they need someone who thinks in products, not tasks: clean, framework-independent architecture; security designed in from the start; cloud infrastructure that a small team can actually operate; and code the next engineer can maintain without me in the room.
I treat AI-assisted development as a core engineering skill — I use it daily for architecture exploration, testing, and speed, with the judgment to know what to keep and what to throw away. Long-term thinking is the through-line: I optimize for the total cost of a system over its life, not the demo.
One person. One complete enterprise platform.
Proof, in production: I architected, designed, built, deployed, and now operate a full SaaS platform — every layer, every decision.
JJT — Child Education Sponsorship Platform
sponsorone.app ↗Education NGOs run sponsorships on spreadsheets, WhatsApp, and paper receipts — no audit trail, no donor accountability, reconciliation done by hand. JJT replaces all of it: every payment recorded against an immutable ledger, every sponsor seeing exactly where their money went, every action auditable for board and regulatory review — including Islamic-compliant Zakat tracking.
- Clean Architecture — framework-free domain layer; JPA never crosses into business logic
- Append-only financial ledger — immutability enforced at both domain and PostgreSQL levels
- Security by design — memory-only access tokens, rotating hashed refresh tokens, claims-scoped data access
- Multi-tenant & compliance-ready — organisation scoping on every table; system-wide immutable audit trail
Not what I built — how I solved it.
Each case study walks through the problem, the architecture, the hard decisions, and what the business got out of it.
JJT Platform
Problem: sponsorship money moving with no audit trail. Solution: an append-only ledger enforced at the database level, claims-scoped access, and full reconciliation — built solo, live in production.
TAMM Platform
Problem: multiple product teams shipping inconsistent frontends at government scale. Solution: a shared component library, design system, and CI/CD standards that cut deployment time ~30%.
Halliburton Digital Well
Problem: real-time well data over unstable field networks. Solution: resilient WebSocket streams with backoff, versioned APIs, and an aggregation layer that cut response times ~15%.
How I build — the part that doesn't show up in a stack list.
Clean boundaries, boring core
Domain logic stays framework-free. Frameworks, databases, and clouds are replaceable details at the edges — that's what makes a system last a decade.
Security by design
Auth, access control, and data scoping are architecture — not features added later. Claims-scoped access means parameter manipulation simply can't work.
Invariants enforced twice
Critical rules — like an append-only financial ledger — live in the domain model and again at the database level. Guarantees you can't bypass, even by accident.
CI/CD as a product
Pipelines, environments, and observability get the same design care as user features. Teams ship faster when the path to production is engineered, not improvised.
Test against reality
Integration tests run against a real database (Testcontainers), not mocks. If the test doesn't exercise the real behavior, it's documentation, not verification.
Decisions are documented
Architecture decision records and C4 diagrams keep the "why" alive after the meeting ends. A system nobody can explain is a liability, however well it runs.
Optimize for the next engineer
Code is read far more than written. I design systems the next engineer can maintain without me in the room — that's the real measure of quality.
AI-assisted, engineer-verified
AI accelerates exploration, testing, and delivery — but every line ships under engineering judgment. The skill is knowing what to keep.
AI is part of how I engineer — not a bullet point.
I work daily with Copilot, Claude, and GPT-based tools across the development cycle — and my ML coursework background (NumPy, Pandas, Scikit-learn, TensorFlow) means I understand what's underneath, not just the prompt box.
A decade of increasing ownership.
Elm Company
- Own the frontend architecture for the TAMM government platform — the shared component library, design system, and coding standards that every Angular and React product team builds on.
- Build and maintain the backend APIs (Java Spring Boot, Node.js/NestJS) that connect government systems to citizen-facing apps at national scale, with PostgreSQL and MongoDB per service.
- Designed platform-wide authentication: JWT/OAuth2, role-based access control, and API key management for third-party integrations — plus WebSocket infrastructure for real-time notifications.
- Rebuilt CI/CD pipelines across product teams (GitHub Actions, GitLab CI), cutting deployment time ~30%; profiling and bundle work delivered 20–25% performance gains across several products.
- Run containerised deployments on AWS, Kubernetes, and OpenShift with Datadog observability designed to catch problems before users see them.
- Mentor engineers, run code reviews, and write ADRs and system diagrams so the architecture outlives any one person — including me.
LMKR
- Built mission-critical software for Halliburton's Digital Well Program — well planning and daily operations tools drilling engineers depend on.
- Designed versioned REST and GraphQL APIs so evolving the system never broke existing clients — an early lesson in designing for change.
- Engineered real-time well monitoring over WebSocket streams with retry and exponential backoff, built for unstable field networks where naive implementations fail.
- Consolidated scattered backend calls into a single aggregation layer, cutting API response times ~15%; refactored a legacy Node.js codebase into independently deployable services.
RISETech
- Built enterprise Angular and React applications for healthcare and IoT clients — domains where correctness and security are non-negotiable.
- Implemented authentication and role-based access control end to end: JWT, route guards, session management, secure API access.
- Developed real-time dashboards on RxJS streams with error handling and automatic retry; replaced manual deployments with Docker pipelines for consistent environments.
Deep where it matters.
The core I'd bet a product on — plus the surrounding toolkit.
Extensive coursework in Python for machine learning and data analysis — NumPy, Pandas, Scikit-learn, and TensorFlow/Keras.
Have a product that needs an owner?
Open to senior engineering and architecture roles. The fastest way to reach me is email — I'll get back to you quickly.