software engineer · full-stack builder
I ship production backend and platform systems for enterprise SaaS — multi-cloud infrastructure, identity, and security that run across AWS, GCP, and Azure in 10+ regions. Off the clock, I build whatever a problem needs: AI-agent infrastructure, Android and iOS apps, CLIs, and ML pipelines.
scroll to traverse to the next checkpoint ▾
Five years across enterprise security, fintech, and platform infrastructure — owning services end to end.
I owned multiple core backend services (Go & Python) for a multi-tenant, browser-native enterprise security platform on GCP, AWS, and Azure. A few of the systems I built and led:
A node-orchestration control plane that provisions, autoscales, and upgrades compute across AWS, GCP & Azure in 10+ regions — with a warm instance pool and spot-eviction handling to cut cloud spend.
Built largely solo: ingests users, groups & devices from five identity providers — Entra, Okta, Google, JumpCloud, Ping — into per-tenant Postgres + BigQuery over gRPC.
A multi-tenant OpenID Connect / OAuth2 provider — full authorization, token & JWKS surface with per-tenant isolation and federated login via Entra & Ping.
A six-service Go suite for credential management, domain categorization, WHOIS, and breach detection on GKE — fed by a Kafka / Pub-Sub event multiplexer.
Plus the policy & access-control layer (policy engine, DLP, SSO, members/groups/devices), the deployment toolkit that stands up per-tenant infrastructure across five regions, and the reliability layer underneath it all — CI/CD, observability, SLO alerting, and secret management.
end of intel — keep scrolling to traverse to the next checkpoint ▾
Real, shipped side projects — from AI-agent infrastructure to mobile apps, CLIs, and ML pipelines.
AI & agent infrastructure
A structured personal-knowledge service that any AI agent can query over MCP (Model Context Protocol). It stores preferences, policies, vendor ratings, and order history across domains — food, coding, cabs, services — so an agent calls get_briefing() for fast, token-frugal context before it acts. Built with Go, Postgres + pgvector, and MCP over HTTP/SSE, with a React dashboard for feedback and metrics. Includes sensitivity classification, provenance tracking, and idempotent markdown import.
Live Hindi sales-call coaching. Two people role-play a loan call with push-to-talk; it transcribes via local whisper-cpp (Metal-accelerated), whispers real-time nudges, then scores the call across 7 dimensions with evidence-verified quotes. Runs entirely locally — no API keys, no cloud.
A local AI-agent manager — like nvm, but for open-source AI agents. Install, configure, and launch tools like Ollama and OpenCode. No API keys, no cloud — everything runs locally. Named after the sage Lomasa from the Mahabharata.
Apps, tools & ML
Turns event photos into a deployed site where guests click a face to see every photo that person appears in. RetinaFace + ArcFace for detection and recognition, agglomerative clustering to group faces, collaborative naming. Deployed on Cloudflare Pages + R2 + KV with password protection. Used at real weddings and events.
Bilingual (English + Hindi) Android app and FastAPI backend giving farmers in Kanpur Dehat, UP actionable insights — IMD weather, severe-weather nowcasts, and advisory bulletins parsed from DAAS PDFs. Every card shows its source and freshness. Offline-first with WorkManager sync. In internal testing.
A browser extension that adds a "skin" to YouTube — save videos and channels without logging in, solving the problem of losing recommendations when watch history is off. Published on both the Firefox Add-ons and Chrome Web Store.
A rental marketplace where owners and renters connect directly. Full-stack: a Kotlin Android app with a FastAPI backend, containerized with Docker. A complete product, pitch deck and all.
end of intel — keep scrolling to traverse to the next checkpoint ▾
I don't stick to one platform. Android in Kotlin, iOS in Swift, browser extensions in JS, CLIs and backends in Go, services and ML pipelines in Python. If it solves a real problem, I'll learn whatever stack gets it done — and ship it.
My day job is backend and platform engineering at scale: multi-cloud orchestration, identity and access, and the reliability work that keeps multi-tenant systems running across regions. The throughline is ownership — I like holding a service end to end, from the data model to the deploy pipeline to the 2am alert.
Right now I'm deep in the AI/LLM space — not just using these tools, but building infrastructure around them. second-brain is an MCP-native memory service for agents; sales-saathi runs local whisper + LLM for real-time Hindi coaching; lomasa-ai is where the open-source work lives. I build for domains I care about — agritech, AI tooling, and the small tools that make daily life better. Human ideas, AI-assisted execution.
Enterprise security · Identity & access · Multi-cloud orchestration · Fintech · Agritech · AI/LLM tooling
GCP · AWS · Azure · Kubernetes/GKE · Docker · Terraform · gRPC · Kafka/Pub-Sub · Postgres · BigQuery · Elasticsearch · Redis · Cloudflare
Tvash is my AI collaborator — a Claude-powered agent that's an actual part of my workflow, not a gimmick. The lomasa-ai projects are human–AI pair-programmed: I bring the ideas and judgment, Tvash helps execute. @claudeforssb
end of intel — keep scrolling to traverse to the next checkpoint ▾
// final checkpoint — channels open
© Shivam Som Bajpai
end of patrol — or scroll up to retrace the path ▴