Updated CV
All checks were successful
CI / build-check (push) Has been skipped
CI / build-and-push (push) Successful in 1m57s

This commit is contained in:
Nik Afiq 2026-03-23 02:01:47 +09:00
parent 1a2e56267d
commit a08219acaa
2 changed files with 99 additions and 93 deletions

View File

@ -8,16 +8,41 @@ nik@nik4nao.com | github.com/nikafiq | nik4nao.com
## PROFESSIONAL SUMMARY ## PROFESSIONAL SUMMARY
Backend engineer with 3 years of professional experience designing and Backend engineer with 3 years of professional experience designing,
operating distributed, high-throughput systems on GCP and AWS. Core building, and operating distributed backend systems on GCP and AWS.
expertise in Go and Python, with hands-on production experience in Strong in Go and Python, with hands-on production experience in
event-driven microservices, Kafka-based pipelines, Kubernetes, and high-throughput event-driven services, Kafka-based pipelines,
cloud-native data infrastructure. Comfortable operating systems at Kubernetes, and cloud-native data platforms. Experienced in designing
hundreds of TPS with reliability and zero-downtime migration systems with strict reliability, ordering, idempotency, retry safety,
constraints. Trilingual (English, Japanese N1, Malay) — routinely and production-safe migration requirements. Applies AI/LLM tools with
bridges Japanese and overseas engineering teams. Actively integrates deliberate guardrails in daily workflows. Trilingual in English,
AI tooling (GitHub Copilot, Gemini, Claude) into daily coding, Japanese (JLPT N1), and Malay. Strong typed-language foundation and
review, and documentation workflows. able to ramp quickly into Java backend development.
---
## SELECTED HIGHLIGHTS
- Designed and operated a Kafka + GKE + Cloud Spanner backend pipeline
for correctness-sensitive, high-throughput user data synchronization
with per-account_id ordering, at-least-once delivery, and durable
retry handling.
- Architected event-driven backend services under constraints including
100120 TPS steady load, 600 TPS burst, 1500 TPS downstream cap, and
1500 TPS sustained Spanner read traffic across two production services.
- Achieved ~30% fewer duplicate downstream calls via singleflight
coalescing; separately refactored a 1500 TPS Spanner read service
(hashed phone number lookup, removed non-indexed searches), cutting
CPU by ~30%.
- Built cloud-native platforms across GCP, AWS, and Azure using
Kubernetes, ECS/Fargate, Lambda, Aurora, DynamoDB, and Kafka.
- Bilingual/trilingual engineer (EN/JA/Malay) with daily
cross-functional communication across Japanese and overseas teams.
--- ---
@ -27,98 +52,79 @@ review, and documentation workflows.
### 株式会社ホープス (Hopes Co., Ltd.) — Tokyo ### 株式会社ホープス (Hopes Co., Ltd.) — Tokyo
**Backend Engineer** | Aug 2025 Present **Backend Engineer** | Aug 2025 Present
Designing and operating a distributed consent management pipeline on Dispatched to a major domestic telecommunications carrier as part of a
GCP/GKE connecting a high-traffic notification delivery system to a next-generation carrier messaging platform initiative. Designing and
downstream fulfillment API. operating a distributed GCP/GKE backend pipeline bridging high-volume
upstream message delivery with a downstream consent fulfillment API.
- Proposed and led adoption of a Kafka-based queuing architecture - Proposed and led adoption of a Kafka-based queuing architecture;
to handle concurrent notification fan-out, identifying it as the designed the end-to-end pipeline with GKE, Managed Kafka
correct solution for account_id ordering under 2040 TPS load (8 partitions keyed by account_id), and Cloud Spanner under a
- Designed the request coalescing strategy using singleflight to 1500 TPS downstream global cap with strict per-account_id ordering
suppress duplicate in-flight downstream calls per account_id - Designed request coalescing with singleflight, reliable offset commit
- Architected the full event-driven pipeline: GKE + Managed Kafka ordering (offsets committed only after durable Spanner writes),
(8 partitions, keyed by account_id) + Cloud Spanner, with a graceful shutdown, and a cronjob-based retry pipeline — achieving
200 TPS global cap and 10-second downstream timeout budget at-least-once delivery with no data loss on crash
- Designed graceful shutdown sequence for the consumer service, - Refactored the user-info-fetch API (a separate Spanner read service
ensuring in-flight requests complete cleanly before pod termination accessed by the Gateway aggregator team at 1500 TPS): guided a junior
- Designed reliable offset commit ordering: offsets committed only engineer through initial implementation, then led a full refactor
after durable Spanner write, ensuring at-least-once delivery with introducing hashed phone number lookup, removing non-indexed searches,
no data loss on crash and tuning indexes — cutting CPU usage by ~30% under sustained load
- Implemented retry cronjob requeuing up to 5 failed Spanner rows - Led Locust performance testing at 120 TPS steady and 600 TPS burst;
back to Kafka every 5 minutes with configurable backoff used results to right-size GKE CPU and memory for stable production
- Designed a zero-downtime interleaved index migration on a Cloud behavior
Spanner accounts table under 400 TPS sustained read traffic - Designed OpenTelemetry + Datadog + Wiz observability stack; built CI
- Designed OpenTelemetry integration with Datadog, defining trace, controls with semantic version tag enforcement and least-privilege
span, and metrics strategy across services; integrated with Wiz Workload Identity
for unified observability and security posture - Led TDD adoption, authored team dev guidelines, identified and
- Built CI pipeline with semantic version tag enforcement — prevents escalated a 1-month deadline slip, and stepped up as informal tech
image tag overwrites while allowing latest to update freely; lead during a leadership gap
scoped Workload Identity permissions to read-only minimum - Applied AI tools (Copilot, Claude, Gemini, ChatGPT) in daily
- Led performance testing with Locust (40 TPS steady / 120 TPS workflows with deliberate guardrails: output validated through testing
burst); applied results to right-size GKE CPU/memory configs and review, AI excluded from security-sensitive logic
- Led TDD adoption for the team and authored development guidelines
covering milestone structure, ticket definition-of-done standards,
and code review expectations
- Identified a 1-month deadline slip during mob programming,
escalated to leadership, facilitated full task breakdown and
schedule re-baseline across the team
- Stepped up as informal tech lead during a leadership gap —
created progression guidelines, maintained ticket quality, and
kept formal leadership informed of all decisions and scope
- Tasked with onboarding and upskilling Phase 2 application team
members to raise codebase quality ahead of next release
### 株式会社ニッポンダイナミックシステムズ — Tokyo ### 株式会社ニッポンダイナミックシステムズ — Tokyo
**Full Stack Engineer, IT Solutions — Pharma Market Team** **Full Stack Engineer, IT Solutions — Pharma Market Team**
| Apr 2023 Jul 2025 | Apr 2023 Jul 2025
- Built a scalable analytical DWH on Amazon Aurora (RDS) for a Backend, cloud infrastructure, data platforms, and internal application
pharmaceutical client, integrating Salesforce and multiple development for enterprise clients, primarily on AWS with some
external data sources via daily/weekly ETL batch pipelines using Azure-based delivery.
ECS/Fargate and Lambda; designed for HA with Multi-AZ failover
- Constructed a SaaS data lake using AWS CDK + Glue + - Built a scalable analytical DWH on Amazon Aurora for a pharmaceutical
TypeScript/Python, fully automating ETL ingestion across client, integrating Salesforce and multiple external sources via
heterogeneous data sources ECS/Fargate and Lambda ETL pipelines; designed for HA with Multi-AZ
- Developed an internal AI application using AWS Bedrock (Claude failover
Sonnet) + React, implementing RAG-based document retrieval and - Constructed a SaaS data lake using AWS CDK, Glue, TypeScript, and
SES-based user matching in a small cross-functional team Python, automating ETL ingestion across heterogeneous data sources
- Built a license authentication service (Node.js + Docker + Azure - Built a license authentication service using Node.js, Docker, Azure
Web Apps + ADB2C), owning requirements definition, auth logic Web Apps, and Azure AD B2C; owned requirements definition through
design, and client-facing communication client delivery
- Designed and automated monthly maintenance operations: AMI image - Automated monthly maintenance operations (AMI updates, patching,
updates, security patching, automated regression testing, and regression testing, blue/green deployments) via AWS CodePipeline and
blue/green deployments via AWS CodePipeline and Azure Pipelines Azure Pipelines
- Conducted Docker image vulnerability scanning as part of CI/CD - Mentored junior engineers on cloud architecture; functioned as
pipeline; managed VPC, WAF, and Security Group configurations bilingual (EN/JA) liaison between domestic and overseas engineering
- Mentored junior engineers on cloud architecture patterns; teams
functioned as bilingual (EN/JA) liaison between domestic and
overseas engineering teams
--- ---
## SKILLS ## SKILLS
**Languages:** Go, Python, TypeScript/JavaScript | Category | Details |
**Frameworks:** Gin, Flask, Next.js, Node.js |---|---|
**Cloud — AWS:** ECS/Fargate, Lambda, Aurora/RDS, DynamoDB, Glue, | **Languages** | Go, Python, TypeScript/JavaScript, Java (learning; strong typed-language foundation) |
CDK, CodePipeline, Bedrock, Secrets Manager | **Backend** | Distributed systems, event-driven architecture, REST APIs, pub/sub, concurrency, retry design, idempotency, fault tolerance |
**Cloud — GCP:** GKE, Cloud Spanner, Managed Kafka, BigQuery, | **Cloud — AWS** | ECS/Fargate, Lambda, Aurora/RDS, DynamoDB, Glue, CDK, CodePipeline, Bedrock, Secrets Manager |
Cloud Trace | **Cloud — GCP** | GKE, Cloud Spanner, Managed Kafka, BigQuery, Cloud Trace |
**Cloud — Azure:** Web Apps, ADB2C, Azure Pipelines | **Cloud — Azure** | Web Apps, ADB2C, Azure Pipelines |
**Data:** MySQL, Aurora, PostgreSQL, DynamoDB, Cloud Spanner, | **Data** | MySQL, Aurora, PostgreSQL, DynamoDB, Cloud Spanner, Kafka, Redis |
Kafka, Redis | **DevOps** | Docker, Kubernetes, ArgoCD, CI/CD, IaC (Terraform, AWS CDK, Ansible) |
**DevOps:** Docker, Kubernetes, ArgoCD, CI/CD, IaC (AWS CDK, | **Observability** | OpenTelemetry, Datadog, distributed tracing |
Ansible) | **AI Tooling** | GitHub Copilot, ChatGPT, Gemini, Claude — applied with guardrails: test-validated output, excluded from security-critical paths |
**Observability:** OpenTelemetry, Datadog, distributed tracing | **Security** | VPC, WAF, Security Groups, Secrets Manager, Workload Identity, Wiz |
**AI Tooling:** GitHub Copilot (daily coding + code review),
Gemini (documentation + research), Claude (architecture
reasoning + coding), AWS Bedrock RAG (production)
**Security:** VPC, WAF, Security Groups, Secrets Manager,
Workload Identity, Wiz, Docker vulnerability scanning
**Other:** Homelab (k3s, self-hosted services, Ansible/IaC),
personal dev blog at nik4nao.com
--- ---
@ -146,12 +152,12 @@ Major: Electrical and Electronic Engineering
Minor: Information Technology Minor: Information Technology
Graduated: March 2023 Graduated: March 2023
--- ---
## ADDITIONAL ## ADDITIONAL
- **Languages:** English (business), Japanese (JLPT N1), Malay (native) - **Languages:** English (business), Japanese (business, JLPT N1), Malay (native)
- **Homelab:** Self-hosted k3s cluster, Gitea, Jellyfin, Cloudflare - **Homelab:** Self-hosted k3s cluster, Gitea, Ansible/IaC, ArgoCD —
Tunnel, Ansible-based IaC on Minisforum UM790 Pro gitea.nik4nao.com (mirrored to github.com/nikafiq)
- **Dev blog / personal site:** nik4nao.com - **Dev blog / personal site:** nik4nao.com
- **Self-hosted Git:** gitea.nik4nao.com (mirrored to github.com/nikafiq)

Binary file not shown.