# Gustavo Ocanto > Software Architect & Principal Engineer ## At a glance - **Name:** Gustavo Ocanto - **Nickname:** gus - **Handle:** @gocanto - **Email:** gus@oullin.io - **Profession:** Software Architect & Principal Engineer - **Site:** https://gocanto.sh/ ## Signature skills ### Leadership ⭐ (signature) - Proficiency: 92% - Years: 12 Engineering leadership across banking, fintech and SaaS — squads, SLOs, hiring bar, on-call, growth plans. Hands-on enough to land technical decisions, structured enough to scale teams. I lead engineering teams the way I write services: with clear contracts, predictable cadence, and observability built in. Scaled groups from 10 to 20+ at Aspire and ran a 12-person APAC team at BeMyGuest, building open communication across DevOps, Infra, Data, FE/BE and Support. I set SLOs, runbooks and post-mortems with clear owners; partner with CEOs and C-level on expansion plans; and stay hands-on enough that architecture decisions hold up under code review. **Related:** OKRs, RFCs, Runbooks, Post-mortems, SLOs, Hiring bar, 1:1 mentorship, Quarterly planning **Example projects:** - [Scaled Aspire engineering from 10+ to 20+ with onboarding playbooks and growth paths](https://www.linkedin.com/in/gocanto) - [Led 12-person APAC team at BeMyGuest through full SDLC with platform-agnostic design system](https://www.linkedin.com/in/gocanto) - [Partnered with CEO and C-level at Aspire on expansion plans and engineering scaling](https://www.linkedin.com/in/gocanto) ### Go (Programming Language) ⭐ (signature) - Proficiency: 95% - Years: 8 Hands-on Go for production backends — reverse proxies, high-throughput pipelines, agent platforms, idempotent payment cores. The default for new work. Go is my default for new backend work. I lean on it for reverse proxies that wrap legacy banking cores, high-throughput streaming pipelines, agent orchestration platforms, and idempotent payment modules. The toolchain (testing, profiling, race detector, build determinism) lets me ship regulated systems with confidence, and the runtime keeps tail latencies predictable under load. **Related:** net/http, context, errgroup, Kafka, Redis Streams, PostgreSQL, gRPC, OpenTelemetry **Example projects:** - [Banking core reverse proxy with auth, caching, circuit breakers, audit log on every call](https://www.linkedin.com/in/gocanto) - [Idempotent payment intake service](https://www.linkedin.com/in/gocanto) - [Agentic orchestrator with tool registry and signed event chains](https://github.com/oullin/workflow) ### System Design ⭐ (signature) - Proficiency: 95% - Years: 12 Architecting regulated backends end-to-end: contracts, boundaries, data flow, failure modes. Designed for audit and operated under load. Software architecture treated as a working contract, not a diagram. I design regulated backends end-to-end — bounded contexts, typed contracts at every boundary, explicit data flow, named failure modes, and SLOs that travel with the service. The result holds up under audit and under load: monolith-to-microservices at Aspire, multi-protocol ingress layers at Silverlake, platform-agnostic UI/SDK at Perx. Every decision shows its work in an RFC, then in code. **Related:** RFCs, DDD, Contracts, Event sourcing, OpenAPI, gRPC, Kafka, PostgreSQL, Helm **Example projects:** - [Monolith-to-microservices migration at Aspire for independent scaling and clear ownership](https://www.linkedin.com/in/gocanto) - [Multi-protocol ingress layer (HTTP, Kafka, Redis Streams, RabbitMQ) for banking core protection](https://www.linkedin.com/in/gocanto) - [Platform-agnostic UI shell + SDK with feature flags and design tokens for brandable deployments](https://www.linkedin.com/in/gocanto) ### E-commerce Architecture ⭐ (signature) - Proficiency: 92% - Years: 10 Multi-tenant checkout, modular payment adapters, idempotent flows, OpenAPI-driven partner integrations. SaaS commerce designed to scale without breaking reconciliation. End-to-end commerce platforms designed for SaaS multi-tenancy. I’ve owned subscription billing with proration and upgrade/downgrade rules, modular payment adapters across 10+ gateways, eTicket lifecycle with audit trails, OpenAPI partner integrations with contract tests, and a multi-currency eWallet with clean ledgering and finance reports. Checkout is idempotent, capacity-aware and resilient to provider blips — without trading off UX. **Related:** Vue.js, TypeScript, Laravel, Stripe, Adyen, PayPal, WeChat, PayDollar, OpenAPI **Example projects:** - [Multi-tenant checkout with 10+ payment gateways and standardised failover paths at BeMyGuest](https://www.linkedin.com/in/gocanto) - [Capacity Calendar & Reservation Portal with real-time slot discovery and capacity controls](https://www.linkedin.com/in/gocanto) - [Multi-currency eWallet for partner payments with ledgering and reconciliation reports](https://www.linkedin.com/in/gocanto) ### AI (Artificial Intelligence) ⭐ (signature) - Proficiency: 92% - Years: 3 Hands-on agentic engineering: orchestrators, tool registries, prompt caching, structured output, knowledge bases. Shipping AI products in regulated contexts, not slideware. AI shipped as product, not as a demo. I architect agentic systems with typed tool registries (MCP), prompt caching, streaming structured output, JSON-mode validation and knowledge bases that respect data boundaries. Provider abstraction so models swap without product changes. Guidance for SMBs through pragmatic AI adoption — translating capabilities into clear, operational tools — with the same hardening I apply to regulated banking systems. **Related:** MCP, Anthropic SDK, OpenAI SDK, Go, TypeScript, Vector stores, Prompt caching, JSON schema **Example projects:** - [Custom AI products with Go data-aggregation pipelines for high-throughput, low-latency delivery](https://github.com/oullin/api) - [MCP server exposing internal tools to agents with provider-agnostic abstraction](https://github.com/gocanto) - [Pragmatic AI adoption playbook for SMBs translating capabilities into operational tools](https://www.linkedin.com/in/gocanto) ### AS/400 Modernisation ⭐ (signature) - Proficiency: 90% - Years: 6 Wrapping legacy banking cores (AS/400, VCOS, COBOL/RPG) with Go reverse proxies — auth, caching, rate limiting, circuit breakers, audit log on every call. Modernise the surface, leave the core. Modernising legacy banking cores without touching them. I wrap AS/400, VCOS, and COBOL/RPG systems with Go reverse proxies that own authentication, caching, rate limiting, circuit breakers, and an audit log on every call. The core stays where it is; the surface gets a modern contract, observability, and graceful degradation. Migration risk drops because we never rip-and-replace. **Related:** Go, COBOL/RPG, VCOS, DB2/400, IBM i, Redis, Kafka, OpenTelemetry **Example projects:** - [Reverse proxy layer fronting an AS/400 core processor in production banking](https://www.linkedin.com/in/gocanto) - [Audit-log streaming pipeline from VCOS into a queryable event store](https://www.linkedin.com/in/gocanto) - [Circuit breakers and retry budgets shielding downstream COBOL services](https://www.linkedin.com/in/gocanto) ### Agentic Orchestration ⭐ (signature) - Proficiency: 92% - Years: 3 Internal agent platforms with orchestrators, tool registries, audit logs, and reproducible runs. Fail-closed validators, signed event chains, no silent failures. Internal agent platforms designed for regulated environments. Orchestrators schedule tool calls against a typed registry, every step writes to a tamper-evident audit log, and runs are reproducible from the original event stream. Validators fail closed by default, event chains are cryptographically signed, and silent failures are treated as bugs — not as resilience. **Related:** MCP, Go, JSON Schema, OpenTelemetry, Postgres, Kafka, Anthropic SDK **Example projects:** - [MCP-based tool registry exposing internal services to agents](https://github.com/gocanto) - [Reproducible-run orchestrator with signed event chains](https://github.com/oullin/workflow) - [Fail-closed validator layer for regulated agent workflows](https://www.linkedin.com/in/gocanto) ### Payment Integration ⭐ (signature) - Proficiency: 95% - Years: 10 Production-grade Go modules with idempotency keys, webhook signature verification against provider test vectors, retry-with-backoff that respects Retry-After, and structured error taxonomies. Payment integrations that hold up in production. Every mutating call carries an idempotency key. Webhooks are verified against the provider's own test vectors, not hand-rolled approximations. Retries respect Retry-After and back off with jitter. Errors are typed taxonomies that downstream code can pattern-match on, not opaque strings. The result is checkout flows that don't fall over when a provider blips. **Related:** Stripe, Adyen, NETS, PayPal, WeChat, PayDollar, Go, PostgreSQL **Example projects:** - [Idempotent multi-provider payment intake with structured error taxonomy](https://www.linkedin.com/in/gocanto) - [Webhook receiver verified against vendor test vectors with replay tooling](https://www.linkedin.com/in/gocanto) - [Retry-with-backoff scheduler that respects Retry-After across providers](https://www.linkedin.com/in/gocanto) ### Kafka Event Pipelines ⭐ (signature) - Proficiency: 92% - Years: 6 Kafka producer/consumer pairs with exactly-once consumer semantics, DLQ with replay tooling, transactional outbox patterns, and Helm + Grafana shipped together. Kafka pipelines built for at-least-once worlds. Producer/consumer pairs are designed for exactly-once consumer semantics on top of the transactional outbox pattern. Dead-letter queues come with first-class replay tooling so incidents are recoverable, not just observable. Deploys ship as Helm charts with Grafana dashboards and SLO alerts — the pipeline is operable from day one. **Related:** Apache Kafka, Go, Helm, Grafana, Prometheus, PostgreSQL, Avro, Schema Registry **Example projects:** - [Transactional outbox + Kafka consumer with exactly-once semantics](https://www.linkedin.com/in/gocanto) - [DLQ with replay UI for incident recovery](https://www.linkedin.com/in/gocanto) - [Helm chart + Grafana dashboards shipped with the producer/consumer pair](https://www.linkedin.com/in/gocanto) ## All skills ### Management - Proficiency: 90% The process of dealing with or controlling things or people to achieve business objectives. ### Strategic Planning - Proficiency: 90% Defining an organisation's direction and making decisions on allocating resources to pursue this strategy. ### Communication - Proficiency: 95% The imparting or exchanging of information, ideas, or news within a team or organisation. ### PHP - Proficiency: 95% A popular general-purpose scripting language that is especially suited to web development. ### Cloud Cost Optimisation - Proficiency: 95% The process of reducing cloud spending without negatively impacting performance or reliability. ### Complex 3rd Party System Integrations - Proficiency: 95% Stripe, Adyen, NETS, PayPal, WeChat, PayDollar, schema registries, banking cores. Contract tests, failover paths, idempotent sync jobs — checkout that doesn't fall over. ### Scale Engineering Efforts - Proficiency: 85% The practice of expanding and managing engineering teams and infrastructure to support growth. ### SQL Performance Optimisation - Proficiency: 85% Improving the speed and efficiency of queries executed on a relational database. ### Mentorship - Proficiency: 85% Guidance provided by a more experienced person to support professional growth. ### TypeScript - Proficiency: 80% A strongly typed programming language that builds on JavaScript for better tooling at any scale. ### Vue.js - Proficiency: 85% A progressive JavaScript framework used for building user interfaces and single-page applications. ### Node.js - Proficiency: 80% A back-end JavaScript runtime environment that executes JavaScript code outside a web browser. ### PostgreSQL - Proficiency: 80% A powerful, open-source object-relational database system known for its reliability and features. ### MySQL - Proficiency: 85% An open-source relational database management system (RDBMS) widely used in web applications. ### Apache Kafka - Proficiency: 80% An open-source distributed event streaming platform for high-performance data pipelines. ### Docker - Proficiency: 80% A platform that uses containers to create, deploy, and run applications. ### Next.JS - Proficiency: 65% A React framework for building full-stack web applications with server-side rendering. ### Nuxt.JS - Proficiency: 55% An intuitive Vue framework for creating server-rendered applications and static sites. ### Laravel - Proficiency: 95% A PHP web application framework with expressive, elegant syntax for web development. ### Python - Proficiency: 55% A high-level, general-purpose programming language known for its simple syntax. ### FastAPI - Proficiency: 75% A modern, high-performance web framework for building APIs with Python. ### CI/CD - Proficiency: 95% Continuous Integration and Delivery, the practice of automating the software development and release process. ### ETL - Proficiency: 75% Extract, Transform, Load; a data integration process for combining data from multiple sources. ### Go Redis Streams - Proficiency: 85% A Redis data structure, accessed via Go, for managing and consuming streams of data. ### Recruiting - Proficiency: 90% The process of actively seeking out, finding, and hiring candidates for a specific job. ### Training - Proficiency: 90% The action of teaching a person or group a particular skill or type of behaviour. ### RabbitMQ - Proficiency: 70% An open-source message broker that implements the Advanced Message Queuing Protocol (AMQP). ### Ruby on Rails - Proficiency: 45% A server-side web application framework written in Ruby that follows the MVC pattern. ### Symfony PHP - Proficiency: 80% A set of reusable PHP components and a PHP framework for web projects. ### SvelteJS - Proficiency: 75% A component framework that compiles your code to tiny, framework-less vanilla JS. ### C/C++ - Proficiency: 55% A general-purpose language (C) and its object-oriented successor (C++) known for high performance. ### Software Engineers - Proficiency: 100% Professionals who apply engineering principles to design, develop, test, and maintain software. ### MCP (Model Context Protocol) - Proficiency: 85% Building MCP servers and clients that expose tools and resources to agents over a typed protocol. Provider abstraction so models swap without product changes. ### 360 Communication - Proficiency: 90% A communication strategy involving feedback from all directions: supervisors, peers, and C-Level. ### Audit-Trail Architecture - Proficiency: 95% Append-only event logs with cryptographic signatures and replay tooling. Compliance designed in at architecture stage, not retrofitted — every step reproducible, every record permanent. ### Idempotency & Retry Design - Proficiency: 93% Idempotency keys on every mutating call, retry policies with jitter and Retry-After respect, structured error taxonomies that pattern-match cleanly. Built for at-least-once worlds. ### LLM Tooling - Proficiency: 88% MCP servers, tool calling, prompt caching, streaming responses, JSON-mode validation. Provider abstraction so models swap without product changes.