About
I design and operate secure, scalable backend systems for enterprise and government platforms.
Hands-on Technical Lead and Solution Architect with 8+ years of experience designing, building, and operating secure, scalable, and high-availability systems across enterprise and government environments. Currently at Terato Tech Sdn Bhd, owning end-to-end solution architecture across applications, APIs, CMS platforms, cloud infrastructure, CI/CD, and security.
Highlights
API-First Architecture
Headless CMS & RESTful APIs powering mobile and web platforms
Laravel / PHPDevSecOps & SSDLC
SAST via SonarQube, CI/CD quality gates, secure coding standards
SecurityCloud & Migration
AWS, Alibaba Cloud, Kubernetes — on-prem to cloud transitions
InfrastructureTechnical Leadership
20+ tender proposals, 80% top-3 rate, primary escalation point
LeadershipEngineering Philosophy
How I think about systems
Architecture First
Every system starts with a clear architecture blueprint. I design for clarity, not cleverness.
Security by Design
Security is not a phase. It is embedded from requirements through deployment via SSDLC and SAST enforcement.
API-First Thinking
Decouple early, integrate cleanly. APIs are contracts — versioned, documented, and tested.
Long-Term Maintainability
I optimize for the engineer who inherits the system in 3 years, not just the sprint deadline.
Tech Stack
Tools I work with
Technologies and platforms used across production systems — selected for reliability, not trends.
Languages
Frameworks & Libraries
Databases
Cloud & Infrastructure
DevOps & Tools
Experience
Career timeline
Work Experience
Apr 2021 – Present
Lead Back-End Developer / Tech Lead
Terato Tech Sdn Bhd
Owning end-to-end solution architecture across applications, APIs, CMS platforms, cloud infrastructure, CI/CD, and security for enterprise and government systems.
- Lead end-to-end solution architecture across 20+ projects covering application, API, CMS, cloud, infrastructure, and security layers
- Define and enforce Secure Software Development Lifecycle (SSDLC) across requirements, design, development, testing, and deployment
- Establish code-level security practices including secure coding guidelines, dependency risk management, and SAST via self-hosted SonarQube
- Integrate SAST into CI/CD pipelines and enforce quality gates to maintain security and code quality standards
- Design scalable CMS and API architectures, including migration from traditional CMS to Headless CMS and API-first models
- Architect, manage, and monitor dedicated servers and cloud environments for reliability, observability, and cost efficiency
- Lead technical solution design for 20+ tender proposals, achieving an 80% top-3 shortlisting rate
- Act as the primary technical escalation point across all active projects
Jan 2020 – Apr 2021
Senior Software Engineer
Terato Tech Sdn Bhd
Led CMS and API platform management for enterprise clients, with focus on system overhauls and infrastructure reliability.
- Led management and maintenance of CMS and API platforms for Air Selangor
- Overhauled and upgraded Kitajaga CMS to a more efficient and maintainable platform
- Set up and configured dedicated servers to support performance and reliability requirements
- Monitored server and cloud resources to ensure system stability and performance optimization
- Provided continuous technical support across multiple production systems
Jan 2017 – Jan 2020
Software Engineer
Terato Tech Sdn Bhd
Full-stack development spanning Android and Laravel, from on-premise monoliths to cloud-native Kubernetes deployments.
- Developed frontend and backend components of the Bepunct System using Android and Laravel
- Designed and implemented BCiS API using CodeIgniter 2 with Laravel-inspired architecture
- Led development of CMS and API platforms for Air Selangor
- Set up monolithic on-premise architecture (Ubuntu 16.04, PHP 7.2, Nginx)
- Migrated systems from on-premise to Alibaba Cloud utilizing Kubernetes clusters
- Implemented CI/CD pipelines to streamline build, test, and deployment workflows
- Built multiple Android applications using Android Java, delivering production-ready mobile solutions
Jul 2016 – Jan 2017
Android Developer
Terato Tech Sdn Bhd
Android application development for government and enterprise mobile solutions.
- Developed Android applications using Android Java and published to Google Play Store
- Participated in User Requirement Specification (URS) discussions
- Implemented API integrations and application enhancements
Feb 2016 – Jul 2016
Android Developer Intern
Terato Tech Sdn Bhd
Internship focused on hybrid mobile application development and proof-of-concept projects.
- Developed Domino App POC, converting Domino MY/SG websites into hybrid mobile applications
- Built a file-sharing application combining web-based and native mobile features
Education
Bachelor of Science (Mathematics & Computer Science)
Universiti Teknologi MARA (UiTM)
2014 – 2016
Diploma in Computer Science
Universiti Teknologi MARA (UiTM)
2011 – 2013
Licenses & Certifications
Cloud, Architecture & Strategy
Building a Generative AI Tech Strategy
LinkedIn Learning · Jun 2024
Software Architecture: Domain-Driven Design (DDD)
LinkedIn Learning · Jun 2024
Architecting on AWS
Trainocate Malaysia · May 2021
DevOps, DevSecOps & Security
DevSecOps: Automated Security Testing
LinkedIn Learning · Jun 2024
DevOps Foundations: DevSecOps
LinkedIn Learning · Jun 2024
CTCSW – CompTIA Cybersecurity Workshop
Trainocate Malaysia · Dec 2023
Cloud Certifications
AWS Certified Cloud Practitioner
Amazon Web Services (AWS) · Nov 2020 · Expired Nov 2023
AWS SSCA – Shift and Shape Your Cloud with AWS
Trainocate Malaysia · Jun 2024
AI & Automation
RASA Developer Certification
Rasa · Nov 2020
ID: GQ5 SA6 ED6
Engineering Leadership
Tech Career Skills: Moving from Developer to Engineering Manager
LinkedIn Learning · Jun 2024
Core Competencies
What I bring to the table
Featured Projects
Case studies in engineering
Selected projects demonstrating architecture decisions, security practices, and delivery across government and enterprise environments.
Air Selangor Mobile App
Feb 2018 – Aug 2025
Backend API and CMS for the official mobile application serving consumers across Selangor, KL, and Putrajaya.
Farmbyte Downstream
Sep 2023 – Oct 2025
Architecture and development of a scalable eCommerce platform connecting consumers with Agrofood products.
LTAT MyWira Application
Oct 2020 – Jan 2026
CMS and API for the Armed Forces Fund Board mobile application, managing pension fund member services.
SAMB Mobile App
Jul 2025 – Present
Complete backend system for Melaka water utility mobile application with cloud-native architecture.
Customer Experience Dashboard
Oct 2022 – Aug 2025
Internal analytics dashboard aggregating customer experience data across all Air Selangor service channels.
iERP Air Selangor
Jul 2020 – Jun 2025
Emergency response plan system for water disruption scheduling and monitoring across Selangor regions.
Ranhill SAJ E-Submission
Nov 2022 – Jun 2024
Digital transformation of project submission workflow, replacing manual processes with a modern web platform.
Security & DevSecOps
Security embedded, not bolted on
Security is integrated into every stage of the development lifecycle — from requirements through production deployment.
Delivery Pipeline
Secure Coding Standards
Established and enforced secure coding guidelines across development teams. Every line of code follows standards designed to prevent OWASP Top 10 vulnerabilities.
SAST Integration
Self-hosted SonarQube integrated into CI/CD pipelines for static application security testing. Automated scanning catches vulnerabilities before code review.
CI/CD Quality Gates
Mandatory quality gates in deployment pipelines. No code reaches production without passing security scans, code quality checks, and test coverage thresholds.
Dependency Risk Management
Continuous monitoring and assessment of third-party dependencies. Proactive vulnerability tracking and timely patching across all active projects.
Infrastructure & Operations
Cloud platforms in context
Cloud choices driven by project requirements, compliance constraints, and cost-efficiency — not vendor preference.
AWS
SAMB, Farmbyte — CloudFormation, S3, cloud-native deployments
Projects: SAMB Mobile App, Farmbyte Downstream
Alibaba Cloud
Air Selangor — Kubernetes clusters, container orchestration at scale
Projects: Air Selangor Mobile App, Customer Experience Dashboard, iERP
DigitalOcean
Supporting infrastructure for smaller-scale services and staging
Projects: Supporting services
Migration Story — Air Selangor
On-Premise
Ubuntu 16.04 · PHP 7.2 · Nginx
Alibaba Cloud
Kubernetes · CI/CD · Container Orchestration
Technical Leadership
Leading through technical authority
Decision Ownership
Architecture decisions across 20+ projects — from database schema to cloud topology. Every decision documented, every tradeoff evaluated.
Tender & Proposal Architecture
Led technical solution design for 20+ tender proposals, achieving an 80% top-3 shortlisting rate. From requirements analysis to architecture blueprints.
Technical Escalation
Primary technical escalation point across all active projects. First contact for production incidents, architecture debates, and cross-team technical challenges.
Stakeholder Translation
Bridging technical and non-technical stakeholders. Translating complex architecture and security concepts into clear, actionable guidance for project managers, clients, and executives.