diff --git a/content/cv.md b/content/cv.md index 5379963..2530047 100644 --- a/content/cv.md +++ b/content/cv.md @@ -1,10 +1,3 @@ ---- -title: "CV" -type: "cv" -date: 2026-03-17 -draft: false ---- - # NIK AFIQ Tokyo, Japan 
@@ -38,23 +31,42 @@ Designing and operating a distributed RCS consent management pipeline (SO→FoRCE) on GCP/GKE connecting a high-traffic notice delivery system to a downstream fulfillment API. -- Architected an event-driven pipeline using GKE + Managed Kafka - (8 partitions, keyed by account_id) + Cloud Spanner, handling a - global cap of 200 TPS with a 10-second downstream timeout budget -- Built the Go consumer service (so-notice-receiver) with - singleflight coalescing to prevent duplicate in-flight requests, - and circuit breaker logic to shed load under downstream failure +- Proposed and led adoption of a Kafka-based queuing architecture + to handle concurrent notification fan-out, identifying it as the + correct solution for account_id ordering under 20–40 TPS load +- Designed the request coalescing strategy using singleflight to + suppress duplicate in-flight downstream calls per account_id +- Architected the full event-driven pipeline: GKE + Managed Kafka + (8 partitions, keyed by account_id) + Cloud Spanner, with a + 200 TPS global cap and 10-second downstream timeout budget +- Designed graceful shutdown sequence for the consumer service, + ensuring in-flight requests complete cleanly before pod termination - Designed reliable offset commit ordering: offsets committed only after durable Spanner write, ensuring at-least-once delivery with no data loss on crash -- Implemented a retry cronjob requeuing up to 5 failed Spanner rows - back to Kafka every 5 minutes, with configurable backoff +- Implemented retry cronjob requeuing up to 5 failed Spanner rows + back to Kafka every 5 minutes with configurable backoff - Designed a zero-downtime interleaved index migration on a Cloud Spanner accounts table under 400 TPS sustained read traffic -- Right-sized GKE resource configs (CPU/memory requests and limits) - from Locust load test data at 40 TPS steady / 120 TPS burst -- Propagated distributed traces across service boundaries for - end-to-end production 
observability +- Designed OpenTelemetry integration with Datadog, defining trace, + span, and metrics strategy across services; integrated with Wiz + for unified observability and security posture +- Built CI pipeline with semantic version tag enforcement — prevents + image tag overwrites while allowing latest to update freely; + scoped Workload Identity permissions to read-only minimum +- Led performance testing with Locust (40 TPS steady / 120 TPS + burst); applied results to right-size GKE CPU/memory configs +- Led TDD adoption for the team and authored development guidelines + covering milestone structure, ticket definition-of-done standards, + and code review expectations +- Identified a 1-month deadline slip during mob programming, + escalated to leadership, facilitated full task breakdown and + schedule re-baseline across the team +- Stepped up as informal tech lead during a leadership gap — + created progression guidelines, maintained ticket quality, and + kept formal leadership informed of all decisions and scope +- Tasked with onboarding and upskilling Phase 2 application team + members to raise codebase quality ahead of next release ### 株式会社ニッポンダイナミックシステムズ — Tokyo 
@@ -92,18 +104,20 @@ system to a downstream fulfillment API. **Frameworks:** Gin, Flask, Next.js, Node.js **Cloud — AWS:** ECS/Fargate, Lambda, Aurora/RDS, DynamoDB, Glue, CDK, CodePipeline, Bedrock, Secrets Manager -**Cloud — GCP:** GKE, Cloud Spanner, Managed Kafka (Pub/Sub), - BigQuery, Cloud Trace +**Cloud — GCP:** GKE, Cloud Spanner, Managed Kafka, BigQuery, + Cloud Trace **Cloud — Azure:** Web Apps, ADB2C, Azure Pipelines **Data:** MySQL, Aurora, PostgreSQL, DynamoDB, Cloud Spanner, Kafka, Redis -**DevOps:** Docker, Kubernetes, ArgoCD, CI/CD, IaC (AWS CDK) -**Observability:** Distributed tracing, ELK stack, Kibana +**DevOps:** Docker, Kubernetes, ArgoCD, CI/CD, IaC (AWS CDK, + Ansible) +**Observability:** OpenTelemetry, Datadog, distributed tracing, + ELK stack, Kibana **AI Tooling:** GitHub Copilot (daily coding + code review), Gemini (documentation + research), Claude (architecture reasoning + coding), AWS Bedrock RAG (production) **Security:** VPC, WAF, Security Groups, Secrets Manager, - Docker vulnerability scanning + Workload Identity, Wiz, Docker vulnerability scanning **Other:** Homelab (k3s, self-hosted services, Ansible/IaC), personal dev blog at nik4nao.com @@ -146,4 +160,4 @@ added IT minor upon return.* - **Homelab:** Self-hosted k3s cluster, Gitea, Jellyfin, Cloudflare Tunnel, Ansible-based IaC on Minisforum UM790 Pro - **Dev blog / personal site:** nik4nao.com -- **Self-hosted Git:** git.nik4nao.com (mirrored to github.com/nikafiq) \ No newline at end of file +- **Self-hosted Git:** gitea.nik4nao.com (mirrored to github.com/nikafiq) diff --git a/static/cv/nik-afiq-cv.pdf b/static/cv/nik-afiq-cv.pdf new file mode 100644 index 0000000..4a770fd Binary files /dev/null and b/static/cv/nik-afiq-cv.pdf differ
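Review bot: In the `@@ -1,10 +1,3 @@` hunk of content/cv.md the whole front matter block is deleted, including `type: "cv"`, `title: "CV"` and `draft: false`, and nothing replaces it. If the site selects the CV layout and page title from these keys, the page will fall back to the default template and lose its title. Either keep the front matter or say in the commit message where the layout and title now come from.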
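Review bot: In the `@@ -38,23 +31,42 @@` hunk, the added CI bullet joins two unrelated controls, tag enforcement and "scoped Workload Identity permissions to read-only minimum", and never says which resource the read-only scope applies to. Split it into two bullets and name the resource. In the same hunk the first added bullet cites "20–40 TPS load" next to the retained 200 TPS global cap and 40 TPS steady / 120 TPS burst, so state what the 20–40 figure measures. The circuit breaker claim from the removed consumer-service bullet has no replacement; confirm it was dropped on purpose.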
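Review bot: In the `@@ -92,18 +104,20 @@` hunk, `Ansible` is added to the DevOps line although the Other line in the same hunk already lists "Ansible/IaC" for the homelab, so the skill now appears twice. Keep it in one place. The Security line also now puts GCP Workload Identity beside Secrets Manager, which the AWS line lists, without the per-cloud split the Cloud lines use; grouping the security items the same way would make clear which control belongs to which platform.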
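Review bot: In the `@@ -146,4 +160,4 @@` hunk the Self-hosted Git host changes from git.nik4nao.com to gitea.nik4nao.com with nothing in the change showing that the old name keeps resolving. Copies of the CV already in circulation point at the old host, so keep a redirect from git.nik4nao.com or confirm that name was never live before merging.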
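Review bot: static/cv/nik-afiq-cv.pdf is added as an opaque binary in the same commit that edits content/cv.md, so the two can drift apart and the PDF content cannot be reviewed in this diff. Generate the PDF from the markdown during the build, or record in the commit message how it was produced, and check its document metadata before publishing, since the file is served as-is from static/.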