- Re-architected a legacy Python service into a real-time Go identity resolver that classifies users into tenants and organizational groups using email domain rules, directory group memberships, and Redis-cached lookup lists, processing 100M+ daily requests to power downstream AI detection models. Delivered low-latency lookups, eliminated a 24-hour data-staleness dependency, and built the dashboards and production alerts keeping it healthy at scale.
- Designed and built a pipeline (Go → Kafka → PostgreSQL) that reports per-job record counts for a distributed event hydration service processing 200M+ events/day across 3M batches, unblocking downstream teams that depend on these counts. Worker replicas publish partial counts that a consumer aggregates per job, isolated from the hydration path on failure, with Grafana dashboards, production alerts, internal tooling, and a documented REST API.
- Built CLI tooling and a Claude Code skill for deterministic, staged feature-flag rollouts from 5% to 100% batches, significantly reducing deployment risk.
- Led a time-critical Microsoft 365 security-alerts API migration after upstream endpoint deprecation, coordinating with other teams to stabilize and restore alert ingestion.
Backend · Distributed Systems · IAM
Software engineer building identity and backend systems at scale.
I work on high-throughput services, distributed infrastructure, and security-sensitive product surfaces, with recent focus on real-time identity resolution, IAM, and safe production rollouts.
Systems
Backend work should make the product faster, simpler to operate, and easier to reason about under load.
Production
I care about boring releases, observable behavior, rollback paths, and changes that survive contact with real traffic.
Identity
Recent work sits close to trust boundaries: IAM, authorization, security-sensitive APIs, and identity resolution at scale.
Experience
Full engineering history
- Led the design and rollout of M2M Access for Organizations and delivered two critical security fixes that protected customers from high-impact vulnerabilities.
- Engineered core IAM features, including JWT for Client Authentication and Fine-Grained Machine-to-Machine Token Quotas, from architectural design to at-scale implementation, ensuring high reliability through performance tuning, query optimization, and load testing.
- Conducted technical interviews for engineering candidates, evaluating system design and coding proficiency to support team expansion.
- Architected and delivered Node.js microservices for franchise operations, including staffing and inventory, driving features end-to-end from initial system design to deployment on AWS EKS Kubernetes clusters.
- Engineered containerized .NET and Node.js backend services using event sourcing for a port vehicle logistics platform.
- Owned frontend development of React and React Native MVP applications for port vehicle management, partnering directly with the CTO and clients to evolve early prototypes into production-ready software.
- Developed full-stack web and mobile applications with Angular and Spring Boot for a leading insurance provider, collaborating with cross-functional stakeholders to translate complex business requirements into scalable technical solutions.
Skills
Backend-first stack
Backend & Systems
GoNode.js.NETgRPCKafkaDistributed SystemsMicroservicesEvent Sourcing
Identity & Security
IAMOAuth2OpenID ConnectJWTM2M AuthSecurity Reviews
Cloud & Data
KubernetesDockerAWSAzurePostgreSQLMongoDBDatadogGrafanaSnowflake
Frontend
TypeScriptReactReact NativeAngular
Education
B.Eng. Civil Engineering
Universitat Politecnica de Valencia · 2013 - 2019 · ABET accredited