§01About

I'm Usman Ali, a backend engineer. I work on distributed systems, data pipelines, and the APIs underneath them, mostly in Node.js and NestJS on AWS, with PostgreSQL and MongoDB behind them.

Most of it is invisible from the outside: a migration that resumes instead of restarting, a multi-tenant API that keeps tenants honestly isolated, an ingestion pipeline that stays correct at 30,000 orders a month. I care about correctness, observability, and backend code the next engineer can actually follow.

Even this site runs on a CMS I built myself: Neon Postgres, a JWT-gated admin, and a remark/rehype rendering pipeline.

§02What I work with
APIs & multi-tenant SaaS
Node.js · NestJS · Express · REST API design · multi-tenant isolation · public API (API key + secret) · rate limiting · JSON schema validation
Auth & security
Auth0 · JWT (JSON Web Tokens) · JWKS-RSA · OAuth 2.0 · Passport.js · CASL (RBAC + ABAC) · AES-256-CBC · Helmet · audit logging
Distributed & event-driven
Microservices · serverless · SQS · SNS · EventBridge · Step Functions · WebSockets · webhooks · Agenda.js
Cloud & infrastructure
AWS Lambda · ECS Fargate · API Gateway · S3 · CloudWatch · Route 53 · Docker · multi-region deployment · CodeBuild/CodeDeploy · GitHub Actions
Data & pipelines
PostgreSQL (read replicas) · MongoDB (materialized views) · Redis · DynamoDB · ETL pipelines
Observability
OpenTelemetry · distributed tracing · Jaeger · Prometheus · Datadog · Winston
Integrations & payments
Stripe · Unified.to · QuickBooks · Xero · Amazon SP-API · Amazon Advertising API · Shopify · Power BI · LaunchDarkly (feature flags)
§03Where I've worked
  1. 2025–present

    Backend Engineer III · Paismo

    • Built Nexus, a public enterprise workforce API (payroll, HRIS, time & attendance, leave, documents) with API-key-plus-secret auth, strict tenant scoping, 1,000 req/min rate limiting, JSON schema validation, and audit logging on every auth attempt.
    • Built the multi-tenant authorization layer with Auth0 + JWKS-RSA (JWT validation) and CASL (RBAC + ABAC), isolating employer context across 77 domain entity modules at the middleware level.
    • Ran payroll as Dockerized Lambda microservices over SQS, deployed across two AWS regions (CodeBuild/CodeDeploy) for availability and disaster recovery, with real-time status over WebSockets and Puppeteer-generated PDF payslips.
    • Instrumented the platform with OpenTelemetry to Prometheus + Jaeger; Stripe billing with signed webhooks behind LaunchDarkly; a Synapse microservice for idempotent QuickBooks/Xero sync via Unified.to. Mentors 2 engineers on a 5-person backend team.
  2. 2023–2025

    Software Engineer · Qbatch

    • Pass Gallery: a distributed migration on ECS Fargate, SQS, and Lambda that cut per-client time from 3–5 days to under 24 hours (85%) at 500,000 images per client per month, with per-tenant worker isolation and automatic failure recovery.
    • Furniture Clinic: a MongoDB schema with materialized views and daily ETL for 30,000+ orders/month; Power BI dashboards cut reporting overhead 40–60%.
    • European Outdoors: real-time inventory and order sync across Shopify and Amazon Seller/Vendor Central, cutting order-processing time 30–50%.
    • Pro Seller Tools: a MERN app integrating Amazon SP-API and Advertising API into ad-performance and financial dashboards; saved sellers 10+ hours/week.
  3. 2022–2023

    Junior Software Engineer · Devsinc

    • Backend features and real-time functionality on live MERN production systems; foundations in REST API design, authentication, and data modeling.
§04Away from the keyboard
  • Deep in the system

    Deep in the system

  • Beyond the code

    Beyond the code

  • AWS Community Day Lahore

    AWS Community Day Lahore

  • Lahore weekends

    Lahore weekends