Updated CV
All checks were successful
CI / build-check (push) Has been skipped
CI / build-and-push (push) Successful in 1m57s

This commit is contained in:
Nik Afiq 2026-03-23 02:01:47 +09:00
parent 1a2e56267d
commit a08219acaa
2 changed files with 99 additions and 93 deletions

@ -8,16 +8,41 @@ nik@nik4nao.com | github.com/nikafiq | nik4nao.com
## PROFESSIONAL SUMMARY
Backend engineer with 3 years of professional experience designing and
operating distributed, high-throughput systems on GCP and AWS. Core
expertise in Go and Python, with hands-on production experience in
event-driven microservices, Kafka-based pipelines, Kubernetes, and
cloud-native data infrastructure. Comfortable operating systems at
hundreds of TPS with reliability and zero-downtime migration
constraints. Trilingual (English, Japanese N1, Malay) — routinely
bridges Japanese and overseas engineering teams. Actively integrates
AI tooling (GitHub Copilot, Gemini, Claude) into daily coding,
review, and documentation workflows.
Backend engineer with 3 years of professional experience designing,
building, and operating distributed backend systems on GCP and AWS.
Strong in Go and Python, with hands-on production experience in
high-throughput event-driven services, Kafka-based pipelines,
Kubernetes, and cloud-native data platforms. Experienced in designing
systems with strict reliability, ordering, idempotency, retry safety,
and production-safe migration requirements. Applies AI/LLM tools with
deliberate guardrails in daily workflows. Trilingual in English,
Japanese (JLPT N1), and Malay. Strong typed-language foundation and
able to ramp quickly into Java backend development.
---
## SELECTED HIGHLIGHTS
- Designed and operated a Kafka + GKE + Cloud Spanner backend pipeline
for correctness-sensitive, high-throughput user data synchronization
with per-account_id ordering, at-least-once delivery, and durable
retry handling.
- Architected event-driven backend services under constraints including
100120 TPS steady load, 600 TPS burst, 1500 TPS downstream cap, and
1500 TPS sustained Spanner read traffic across two production services.
- Achieved ~30% fewer duplicate downstream calls via singleflight
coalescing; separately refactored a 1500 TPS Spanner read service
(hashed phone number lookup, removed non-indexed searches), cutting
CPU by ~30%.
- Built cloud-native platforms across GCP, AWS, and Azure using
Kubernetes, ECS/Fargate, Lambda, Aurora, DynamoDB, and Kafka.
- Bilingual/trilingual engineer (EN/JA/Malay) with daily
cross-functional communication across Japanese and overseas teams.
---
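Review bot: In SELECTED HIGHLIGHTS, "100120 TPS steady load" reads as a single six-digit figure next to "600 TPS burst"; if a range is meant, its separator has been lost and should be written out (for example "100 to 120 TPS"). The "~30% fewer duplicate downstream calls via singleflight coalescing" figure also has no supporting bullet in the experience section, where singleflight is mentioned without a number and only the ~30% CPU reduction is described; either add the measurement there or drop the figure here.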
@ -27,98 +52,79 @@ review, and documentation workflows.
### 株式会社ホープス (Hopes Co., Ltd.) — Tokyo
**Backend Engineer** | Aug 2025 Present
Designing and operating a distributed consent management pipeline on
GCP/GKE connecting a high-traffic notification delivery system to a
downstream fulfillment API.
Dispatched to a major domestic telecommunications carrier as part of a
next-generation carrier messaging platform initiative. Designing and
operating a distributed GCP/GKE backend pipeline bridging high-volume
upstream message delivery with a downstream consent fulfillment API.
- Proposed and led adoption of a Kafka-based queuing architecture
to handle concurrent notification fan-out, identifying it as the
correct solution for account_id ordering under 2040 TPS load
- Designed the request coalescing strategy using singleflight to
suppress duplicate in-flight downstream calls per account_id
- Architected the full event-driven pipeline: GKE + Managed Kafka
(8 partitions, keyed by account_id) + Cloud Spanner, with a
200 TPS global cap and 10-second downstream timeout budget
- Designed graceful shutdown sequence for the consumer service,
ensuring in-flight requests complete cleanly before pod termination
- Designed reliable offset commit ordering: offsets committed only
after durable Spanner write, ensuring at-least-once delivery with
no data loss on crash
- Implemented retry cronjob requeuing up to 5 failed Spanner rows
back to Kafka every 5 minutes with configurable backoff
- Designed a zero-downtime interleaved index migration on a Cloud
Spanner accounts table under 400 TPS sustained read traffic
- Designed OpenTelemetry integration with Datadog, defining trace,
span, and metrics strategy across services; integrated with Wiz
for unified observability and security posture
- Built CI pipeline with semantic version tag enforcement — prevents
image tag overwrites while allowing latest to update freely;
scoped Workload Identity permissions to read-only minimum
- Led performance testing with Locust (40 TPS steady / 120 TPS
burst); applied results to right-size GKE CPU/memory configs
- Led TDD adoption for the team and authored development guidelines
covering milestone structure, ticket definition-of-done standards,
and code review expectations
- Identified a 1-month deadline slip during mob programming,
escalated to leadership, facilitated full task breakdown and
schedule re-baseline across the team
- Stepped up as informal tech lead during a leadership gap —
created progression guidelines, maintained ticket quality, and
kept formal leadership informed of all decisions and scope
- Tasked with onboarding and upskilling Phase 2 application team
members to raise codebase quality ahead of next release
- Proposed and led adoption of a Kafka-based queuing architecture;
designed the end-to-end pipeline with GKE, Managed Kafka
(8 partitions keyed by account_id), and Cloud Spanner under a
1500 TPS downstream global cap with strict per-account_id ordering
- Designed request coalescing with singleflight, reliable offset commit
ordering (offsets committed only after durable Spanner writes),
graceful shutdown, and a cronjob-based retry pipeline — achieving
at-least-once delivery with no data loss on crash
- Refactored the user-info-fetch API (a separate Spanner read service
accessed by the Gateway aggregator team at 1500 TPS): guided a junior
engineer through initial implementation, then led a full refactor
introducing hashed phone number lookup, removing non-indexed searches,
and tuning indexes — cutting CPU usage by ~30% under sustained load
- Led Locust performance testing at 120 TPS steady and 600 TPS burst;
used results to right-size GKE CPU and memory for stable production
behavior
- Designed OpenTelemetry + Datadog + Wiz observability stack; built CI
controls with semantic version tag enforcement and least-privilege
Workload Identity
- Led TDD adoption, authored team dev guidelines, identified and
escalated a 1-month deadline slip, and stepped up as informal tech
lead during a leadership gap
- Applied AI tools (Copilot, Claude, Gemini, ChatGPT) in daily
workflows with deliberate guardrails: output validated through testing
and review, AI excluded from security-sensitive logic
### 株式会社ニッポンダイナミックシステムズ — Tokyo
**Full Stack Engineer, IT Solutions — Pharma Market Team**
| Apr 2023 Jul 2025
- Built a scalable analytical DWH on Amazon Aurora (RDS) for a
pharmaceutical client, integrating Salesforce and multiple
external data sources via daily/weekly ETL batch pipelines using
ECS/Fargate and Lambda; designed for HA with Multi-AZ failover
- Constructed a SaaS data lake using AWS CDK + Glue +
TypeScript/Python, fully automating ETL ingestion across
heterogeneous data sources
- Developed an internal AI application using AWS Bedrock (Claude
Sonnet) + React, implementing RAG-based document retrieval and
SES-based user matching in a small cross-functional team
- Built a license authentication service (Node.js + Docker + Azure
Web Apps + ADB2C), owning requirements definition, auth logic
design, and client-facing communication
- Designed and automated monthly maintenance operations: AMI image
updates, security patching, automated regression testing, and
blue/green deployments via AWS CodePipeline and Azure Pipelines
- Conducted Docker image vulnerability scanning as part of CI/CD
pipeline; managed VPC, WAF, and Security Group configurations
- Mentored junior engineers on cloud architecture patterns;
functioned as bilingual (EN/JA) liaison between domestic and
overseas engineering teams
Backend, cloud infrastructure, data platforms, and internal application
development for enterprise clients, primarily on AWS with some
Azure-based delivery.
- Built a scalable analytical DWH on Amazon Aurora for a pharmaceutical
client, integrating Salesforce and multiple external sources via
ECS/Fargate and Lambda ETL pipelines; designed for HA with Multi-AZ
failover
- Constructed a SaaS data lake using AWS CDK, Glue, TypeScript, and
Python, automating ETL ingestion across heterogeneous data sources
- Built a license authentication service using Node.js, Docker, Azure
Web Apps, and Azure AD B2C; owned requirements definition through
client delivery
- Automated monthly maintenance operations (AMI updates, patching,
regression testing, blue/green deployments) via AWS CodePipeline and
Azure Pipelines
- Mentored junior engineers on cloud architecture; functioned as
bilingual (EN/JA) liaison between domestic and overseas engineering
teams
---
## SKILLS
**Languages:** Go, Python, TypeScript/JavaScript
**Frameworks:** Gin, Flask, Next.js, Node.js
**Cloud — AWS:** ECS/Fargate, Lambda, Aurora/RDS, DynamoDB, Glue,
CDK, CodePipeline, Bedrock, Secrets Manager
**Cloud — GCP:** GKE, Cloud Spanner, Managed Kafka, BigQuery,
Cloud Trace
**Cloud — Azure:** Web Apps, ADB2C, Azure Pipelines
**Data:** MySQL, Aurora, PostgreSQL, DynamoDB, Cloud Spanner,
Kafka, Redis
**DevOps:** Docker, Kubernetes, ArgoCD, CI/CD, IaC (AWS CDK,
Ansible)
**Observability:** OpenTelemetry, Datadog, distributed tracing
**AI Tooling:** GitHub Copilot (daily coding + code review),
Gemini (documentation + research), Claude (architecture
reasoning + coding), AWS Bedrock RAG (production)
**Security:** VPC, WAF, Security Groups, Secrets Manager,
Workload Identity, Wiz, Docker vulnerability scanning
**Other:** Homelab (k3s, self-hosted services, Ansible/IaC),
personal dev blog at nik4nao.com
| Category | Details |
|---|---|
| **Languages** | Go, Python, TypeScript/JavaScript, Java (learning; strong typed-language foundation) |
| **Backend** | Distributed systems, event-driven architecture, REST APIs, pub/sub, concurrency, retry design, idempotency, fault tolerance |
| **Cloud — AWS** | ECS/Fargate, Lambda, Aurora/RDS, DynamoDB, Glue, CDK, CodePipeline, Bedrock, Secrets Manager |
| **Cloud — GCP** | GKE, Cloud Spanner, Managed Kafka, BigQuery, Cloud Trace |
| **Cloud — Azure** | Web Apps, ADB2C, Azure Pipelines |
| **Data** | MySQL, Aurora, PostgreSQL, DynamoDB, Cloud Spanner, Kafka, Redis |
| **DevOps** | Docker, Kubernetes, ArgoCD, CI/CD, IaC (Terraform, AWS CDK, Ansible) |
| **Observability** | OpenTelemetry, Datadog, distributed tracing |
| **AI Tooling** | GitHub Copilot, ChatGPT, Gemini, Claude — applied with guardrails: test-validated output, excluded from security-critical paths |
| **Security** | VPC, WAF, Security Groups, Secrets Manager, Workload Identity, Wiz |
---
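Review bot: The load figures in the Hopes bullets do not line up. One bullet gives a "1500 TPS downstream global cap" while the Locust bullet tests only "120 TPS steady and 600 TPS burst", and the other wording of the same bullets in this hunk cites a 200 TPS cap and 40 / 120 TPS tests. Say which numbers are design limits and which were measured, and record the reason for the change in the commit message, which says only "Updated CV". In the skills table, "ADB2C" should match the "Azure AD B2C" spelling used in the license-service bullet, and Terraform is listed under DevOps although no bullet in the hunk mentions it.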
@ -146,12 +152,12 @@ Major: Electrical and Electronic Engineering
Minor: Information Technology
Graduated: March 2023
---
## ADDITIONAL
- **Languages:** English (business), Japanese (JLPT N1), Malay (native)
- **Homelab:** Self-hosted k3s cluster, Gitea, Jellyfin, Cloudflare
Tunnel, Ansible-based IaC on Minisforum UM790 Pro
- **Languages:** English (business), Japanese (business, JLPT N1), Malay (native)
- **Homelab:** Self-hosted k3s cluster, Gitea, Ansible/IaC, ArgoCD —
gitea.nik4nao.com (mirrored to github.com/nikafiq)
- **Dev blog / personal site:** nik4nao.com
- **Self-hosted Git:** gitea.nik4nao.com (mirrored to github.com/nikafiq)
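Review bot: In ADDITIONAL, "gitea.nik4nao.com (mirrored to github.com/nikafiq)" appears in both the Homelab bullet and the Self-hosted Git bullet, and this section has two Languages bullets and two Homelab bullets with different wording. Keep one bullet of each and put the Gitea URL in a single place so the two cannot drift apart.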

Binary file not shown.