Senior Software Developer - backend-focused, based in New Brunswick, Canada. 🇨🇦
I care about getting it done - and getting it right.
Open to new opportunities.
Speaker, Atlantic Security Conference 2026
"Fortune Tiger: A Tale of Subdomain Takeover"
A cleanup script gone wrong deleted a critical S3 redirection bucket, allowing an attacker to claim the globally unique bucket name and hijack a corporate subdomain - serving illegal Fortune Tiger iGaming content to all visitors for 90 minutes before mitigations were in place.
Slides:
I build backend systems and APIs - and I understand them deeply enough to break them too.
6+ years across REST APIs, serverless architectures, data pipelines, and quality engineering.
I've shipped production systems as a sole backend developer and in a team, led security remediations that moved a client from an F to an A ScoreCard rating in one sprint, and built monitoring systems that eliminated customer-reported outages for 12+ months. I also write tests - real ones, not the kind that pass without testing anything.
On AI-assisted development: I use it. I supervise it closely. It helps with the bulk of the work and gets a lot of things wrong. I've learned to treat it like a junior dev: useful, but needs review.
Languages: Python · JavaScript / Node.js · Java · SQL (Postgres, MySQL) · Shell
Frameworks: Next.js · Django · Nest.js · Flask · FastAPI
AWS: Lambda · DynamoDB · S3 · CloudWatch
Testing: Playwright · Cypress · Jest · Pytest · Unittest · JUnit
Observability: Checkly · Prometheus · Grafana
Tools: Docker · Git · GitHub Actions · GraphQL · Prisma
Most of my professional work lives in private repos, but here's what's public:
| Project | What it shows |
|---|---|
| Code Samples | Python from 2019, revisited: OOP, API queries, data processing, unittest + pytest. Found real bugs on the re-test. History matters. |
| AppCheckWizard | My portfolio site, built with Next.js and TypeScript. |
| GNB News Digest | User subscription through e-mail for daily delivery of the news published by the GNB. Scraping with Python (requests + BeautifulSoup), API with Cloudflare Workers (TypeScript), PostgreSQL Database with Neon, E-mail service with Resend, anti-bot: Cloudflare Turnstile. |
| Travel Page | Responsive front-end from a design mockup — infinite carousel with swipe, hamburger menu, pixel-perfect diagonal dividers, pure CSS + vanilla JS. No Bootstrap. No Tailwind. Full build–test–refactor cycle. |
- Joined as backend developer on a nationwide car subscription platform (Kinto Brasil): took ownership in Phase 2 as the sole backend dev, expanding and maintaining REST APIs, webhooks, serverless document processing, and CI/CD — on AWS with Next.js and Lambda.
- Led the effort to raise the SecurityScorecard rating from F (57) to A (94) in a single sprint.
- Built proactive API monitoring (Checkly, Playwright) for client Salesforce integration, detecting undocumented breaking changes and clarifying accountability with evidence.
- Contributed to data streaming pipelines at Azion (Apache Flink + Kafka) processing CDN logs from high-traffic e-commerce at Black Friday scale.
- Selected for ThoughtWorks University - a competitive global training program covering TDD, agile, and consulting practices.