> PROFESSIONAL_EXPERIENCE

Solutions Architect

Kernel Technology Limited (formerly Nano Kernel), Bengaluru | January 2026 - Present

  • Lead solution architecture across projects, defining scalable system design and technical direction for development and infrastructure teams
  • Establish engineering standards, evaluate technology and stack choices, and guide cross-team integrations to ensure long-term platform stability
  • Identify risks early and drive architectural decisions that improve performance, maintainability, and growth readiness

Engineering Team Lead - Architecture & Full-Stack Delivery

Nano Kernel Ltd, Bengaluru | January 2020 - Present

Key Projects & Achievements:
Enterprise ERP/DMS Platform (Microservices SaaS)
  • Architected the decomposition of a monolithic ERP into independently deployable Management, Assets and HRMS microservices (database-per-service), owning the service boundaries and integration contracts
  • Designed OAuth2 service-to-service auth and JWT single sign-on, with Redis pub/sub event-driven user & permission synchronization across services
  • Established the platform's API standards - 1000+ REST APIs with real-time WebSockets and OpenAPI/Swagger contracts - spanning 11+ business domains
  • Drove a 60% performance gain via Redis caching and asynchronous task pipelines
  • Standardized Dockerized deployments and GitHub Actions CI/CD across all services
IoT Platform (Telemetry & Device Management)
  • Architected a multi-tenant IoT backend (Node.js/TypeScript, Express, TypeORM) processing real-time telemetry over MQTT/TLS
  • Defined the PostgreSQL + InfluxDB data architecture for time-series telemetry and analytics
  • Designed a secure OTA firmware-update pipeline and WebSocket-driven monitoring & alerting
  • Delivered 100+ documented REST APIs (Swagger) with versioned TypeORM migrations
AVLS – Real-Time Vehicle Tracking (Fleet Management System)
  • Architected a Django + PostGIS fleet-tracking platform tracking 500+ vehicles in real time
  • Designed geofencing and spatial indexing, and built a custom OAuth2/OIDC provider with role-based access
  • Optimized live route rendering with encoded polylines, and enforced auditability via versioned history (django-simple-history)
SilkNostrChat (Decentralized Real-Time Chat App)
  • Architected a decentralized, end-to-end-encrypted chat platform on the Nostr protocol, scaling to 1,000+ concurrent users
  • Designed cryptographic signature verification and a resilient peer-to-peer WebSocket architecture
  • Shipped to iOS via Capacitor; offloaded cryptography to Web Workers for client performance
Leadership & Engineering Practice:
  • Set engineering standards and led code reviews, mentoring the team toward scalable, maintainable design
  • Owned CI/CD and infrastructure-as-code (GitHub Actions, Ansible, Terraform), streamlining delivery across environments
  • Led cross-functional delivery, translating client and business requirements into architecture and roadmaps
  • Extended and customized the Open edX LMS platform for client learning programs
  • Architected IoT device-management solutions with remote monitoring, data collection and analytics

System Administrator

Nano Kernel Ltd, Bengaluru | February 2019 - January 2020

  • Managed complex IT infrastructure, integrating virtualization, cloud solutions, and automation tools across hybrid cloud environments
  • Oversaw network architecture, implemented security protocols, and monitored system performance to improve operational efficiency
  • Led disaster recovery planning and ensured compliance with industry standards while aligning IT infrastructure with business objectives

System Administrator

Login Infotech Pvt Ltd, Bengaluru | May 2018 - October 2018

  • Scheduled, configured and maintained network security upgrades and daily backups
  • Developed and implemented network and system security related policies
  • Reviewed logs of all Windows and Linux servers to ensure that there were no breaches of security

System Administrator (Part Time)

SM Computers, Yellapur | September 2014 - January 2018

  • Early hands-on foundation: systems, networking and backup/recovery - OS deployment, router/switch configuration and end-user support.

> ARCHITECTURE_CASE_STUDIES

// Architecture deep-dives - problem, decisions, outcome

Enterprise ERP/DMS Platform

// Flagship - monolith to microservices

The Problem

A single Django monolith spanning 11+ business domains had become a release bottleneck - every change risked the whole system, teams blocked each other, and scaling meant scaling everything at once.

Key Decisions
  • Decomposed into Management, Assets and HRMS services along domain boundaries
  • Database-per-service to remove shared-schema coupling (PostGIS where geospatial)
  • Management as the OAuth2 provider + JWT SSO issuer; services verify centrally
  • Redis pub/sub events to replicate users & permissions, not synchronous calls
  • OAuth2 client-credentials for secure service-to-service traffic
The Outcome
  • Independent deploys per service; teams ship without cross-blocking
  • Failures degrade gracefully instead of taking down the platform
  • 1000+ REST APIs under shared standards; 60% faster via Redis caching
DjangoDRFPostgreSQLPostGISRedisOAuth2JWTDocker

nIoT - Secure Edge Device Platform

// Multi-tenant IoT backend with per-device mTLS

The Problem

Operate fleets of edge devices behind NAT and firewalls - give each device a strong identity, ingest telemetry over constrained links, and control devices remotely without ever opening an inbound port on them.

Key Decisions
  • Per-device identity via mutual TLS - a platform CA signs each device's CSR; the cert CN is bound to the device record and re-verified on every request
  • Multi-protocol ingestion (MQTT, CoAP, WebSocket, AMQP) over TLS to fit constrained and real-time workloads
  • Reverse, device-initiated connectivity - devices hold a persistent outbound channel so the platform pushes commands and OTA through NAT with zero inbound ports
  • Strict tenant isolation on every device, telemetry and alarm path
The Outcome
  • Strong cryptographic per-device identity and zero-inbound remote control
  • Protocol flexibility from low-power sensors to live dashboards
Node.jsTypeScriptExpressTypeORMPostgreSQLMQTTCoAPmTLS

DPDPStack Platform (getdpdp.net)

getdpdp.net

// Hosted, multi-tenant compliance backend

The Problem

The open-source dpdpstack erasure engine had to become a managed service - so teams get DPDP consent, erasure, audit and certificates as an API instead of hand-rolling them.

Key Decisions
  • Django/DRF backend that wraps the dpdpstack-python-sdk engine as a hosted, multi-tenant API
  • Tenant-scoped API keys - secret (server) and publishable (browser) - with per-key capabilities and origin allowlists
  • Signed, independently verifiable Certificates of Erasure backed by a managed RS256 signing-key vault
  • Evidence-only ingestion (opaque refs + hashes, never PII) keeps it zero-egress by design
The Outcome
  • Turned an OSS library into a counter-signed, auditable compliance platform
  • Consent, DSR and breach workflows exposed as documented (Swagger) APIs
DjangoDRFPyJWTPostgreSQLdpdpstackSwagger

Kino SSH Manager

GitHub

// Zero-knowledge SSH vault & terminal

The Problem

Engineers juggle SSH keys and passwords across dozens of hosts - and need one secure home for them that never trusts a server with plaintext secrets.

Key Decisions
  • Local-first encrypted vault - Argon2 key derivation + AES-256-GCM; one master password unlocks everything
  • Tauri 2 (Rust core) for a small, memory-safe footprint with secrets zeroized from memory on lock
  • Optional cloud sync uploads only the encrypted blob (sha-based conflict detection) - the server never sees plaintext or the master password
  • Full SSH/SFTP, port forwarding and ed25519 keygen, all driven from the vault
The Outcome
  • Zero-knowledge by architecture - secrets never leave the device unencrypted
  • Cross-platform desktop with idle auto-lock and master-password re-key
RustTauri 2ReactAES-256-GCMArgon2

WDYL - What Did You Learn

GitHub

// Privacy-first learning tracker

The Problem

Developers learn something new daily but forget it by review time - and most trackers quietly phone that data home.

Key Decisions
  • Offline-first: all entries and badges stored locally in SQLite - no account, no network permission
  • Built GSF-free (no Google Services Framework) to keep the app independent and private
  • Data portability via PDF / CSV / JSON export - own your history and feed it to an LLM for résumé prose
The Outcome
  • Privacy guaranteed by architecture, not policy - nothing leaves the device
  • Open-sourced after personal use; runs fully offline across platforms
FlutterDartSQLite

> READY_TO_CONNECT

Architecting secure, scalable platforms - from system design down to the deployment pipeline.

Open to solution-architecture, technical-strategy and advisory engagements.

GitHub LinkedIn Email

Feel free to reach out at [email protected] for collaboration or inquiries!