What I've Built

Multi-tenant cloud SaaS for document question-answering. Upload documents, ask questions, get AI-powered answers with source citations.

• ▸Per-tenant data isolation with dedicated database roles and schema-level separation
• ▸Serverless TypeScript edge functions on self-hosted Supabase (13-container Docker stack on dedicated Ubuntu server)
• ▸Production RAG pipeline — document chunking, vector search, LLM streaming chat with sliding-window conversation history
• ▸Third-party OAuth integration with selective folder sync and real-time sync status dashboard
• ▸Automated tenant provisioning engine for zero-touch onboarding

Government Performance Index platform for cybersecurity assessment across government entities. Built as the backend engineer on an Agile/Scrum team.

• ▸70+ RESTful API endpoints covering survey management, dynamic targeting, automated assignment generation, review workflows, and analytics reporting
• ▸Five-tier RBAC with organization-scoped JWT authentication
• ▸Row-level data isolation across organizations using queryset-level permission enforcement, preventing cross-entity data leakage in a multi-tenant shared-database architecture
• ▸Database performance optimization with indexing strategies, select_related/prefetch_related patterns, and pillar-based scoring aggregation at organization and sector levels

Async document management system with vector search capabilities. University capstone project built with production-grade engineering practices.

• ▸Async Python backend with FastAPI, SQLModel, and asyncpg in a 5-service Docker Compose stack (PostgreSQL, Redis, Qdrant, FastAPI, React)
• ▸JWT auth with bcrypt, timing-safe login, RBAC, and PDF upload with magic-byte validation
• ▸Cascading deletion across PostgreSQL, FileStorage, and Qdrant
• ▸20 unit/integration test files (1,499 LOC), 80% test coverage enforced via GitHub Actions CI pipeline

Comparative analysis of pose estimation models for real-time exercise tracking with automated rep counting.

• ▸Benchmarked MediaPipe (33 keypoints) vs YOLOv8-Pose (17 keypoints) on latency, accuracy, and model size for real-time exercise tracking
• ▸Rep counting algorithm using Savitzky-Golay signal filtering and scipy peak detection on joint angle time series extracted from 33 body landmarks
• ▸Video processing pipeline with per-rep form degradation scoring and dual-model evaluation under identical conditions

Trained autonomous driving agents using PPO across highway and intersection environments with custom multi-objective reward functions in dense traffic (40+ vehicles).

• ▸Achieved 97% crash rate reduction (98% → 3%) and 18× survival time increase over 200k training steps using Proximal Policy Optimization (PPO) with CUDA-accelerated training on RTX 3050
• ▸Designed multi-objective reward function (V6) balancing speed, safety, lane discipline, and collision avoidance — then diagnosed a degenerate slow-driving policy through mathematical break-even analysis proving slow driving was optimal under the reward structure
• ▸Trained across two environments — Highway-v0 (dense 4-lane traffic) and Intersection-v1 (cross-traffic navigation with goal-directed behavior) — discovering overfitting where 100k checkpoint outperformed 200k
• ▸Proposed 4 concrete reward fixes (amplified collision penalty, non-linear speed reward, distance-based reward, stronger speed penalty) with mathematical justification for each

Self-hosted production infrastructure on a Minisforum UN1290 (i9-12900HK, 32GB RAM) running all project backends and services at $0/month cloud cost.

• ▸13-container self-hosted Supabase stack plus PostgreSQL, Redis, Ollama (local LLM inference), and project APIs — all Dockerized on a dedicated Ubuntu server
• ▸Zero-trust networking: SSH key-only auth, fail2ban, UFW firewall, all services bound to localhost, WireGuard VPN for remote admin, zero exposed ports to public internet
• ▸Multi-machine workflow — IdeaPad (GPU dev) ↔ Tailscale (encrypted tunnel) ↔ UN1290 (services) ↔ Cloudflare Tunnel (public HTTPS at $0)
• ▸Automated PostgreSQL backups with 7-day retention via cron, systemd service management, and tmux-based session management