Software Architect focused on Open Source, supply chain security, enterprise automation, and backend/platform systems.
I design and build platforms that make complex OSS ecosystems safer, reproducible, auditable, and governable at enterprise scale. My work connects software architecture, DevSecOps, CI/CD automation, SBOM generation, dependency governance, observability, and distributed systems.
- Open Source governance and software supply chain security
- SBOM generation, normalization, and compliance automation
- Backend and platform architecture for enterprise-scale systems
- Distributed systems, observability, and streaming data pipelines
- Local-first code intelligence and AI-assisted developer tooling

SBOMs · CycloneDX · cdxgen · license analysis · dependency governance · compliance automation · multi-repo controls · DevSecOps

Java 21 · Spring Boot · Reactor · API-first systems · Redis · Docker · GitHub Actions · GitOps · reproducible toolchains · GPG signing

Apache Flink · Kafka · streaming pipelines · metrics processing · alerting platforms · Prometheus · Grafana · operational visibility

Rust · code intelligence · local-first tooling · architecture evidence · AI-assisted engineering workflows

- Build secure and governable systems by design, not as an afterthought.
- Treat reproducibility, auditability, and observability as architectural requirements.
- Prefer explicit boundaries, evidence-backed decisions, and automated controls.
- Design platforms that reduce operational risk and manual compliance effort.
- Optimize for long-term maintainability across multi-language, multi-repo ecosystems.
