The domains, disciplines, and strategic areas I lead across.
Setting technology direction at the institutional level—aligning platform investments with business strategy, designing operating models, and advising C-level leadership on transformation priorities. Accountable for translating national-scale ambitions into executable technology roadmaps.
Designing and governing the platforms that connect an institution's systems, data, and partners. Building API-first ecosystems and event-driven architectures that enable real-time operations, eliminate silos, and scale with the business.
Leading digital product delivery and partner ecosystem strategy in regulated financial services. Enabling open banking, embedded finance, and real-time payment capabilities that connect the institution to the broader fintech landscape.
Architecting for compliance from the start—building financial-grade security into platforms, ensuring regulatory readiness, and maintaining audit-ready governance across all integration surfaces. Operating within the regulatory frameworks that govern KSA's financial sector.
Building and leading high-performing engineering organizations. Establishing delivery practices, team structures, and decision-making frameworks that enable continuous delivery at institutional scale while maintaining architectural coherence.
The platforms, brokers, languages, and patterns I work with directly. Each block links to a deep-dive Lab article on the patterns and configuration that hold up in production financial services.
Edge architecture for regulated banking APIs: TLS termination, OAuth flows, mTLS for partner traffic, JWT validation, and policy assemblies. Production deployments on IBM API Connect with DataPower as the runtime.
Layered defence for financial APIs: OAuth 2.1 with PKCE, OpenID Connect, mutual TLS, JWT with algorithm pinning, and the FAPI 2.0 profile required by Open Banking and SAMA-regulated flows.
Brokers, schemas, and idempotent consumers for real-time payment, risk, and core-banking flows. Kafka for event streams, IBM MQ for transactional command flows; both run side by side in production.
Real-time fraud detection, payment screening, and feature pipelines on Kafka Streams (in-process) and Apache Flink (cluster). Windowing, stateful joins, exactly-once, and the operational patterns for streams that run for months.
The runtimes that bridge core banking, partner SaaS, and modern microservices. IBM ACE message flows in production at the bank; Apache Camel and Kafka Connect for cloud-native integration. EIP catalogue applied as primitives.
Keeping distributed financial data consistent without dual-write hazards. Debezium for change data capture, the transactional outbox pattern, idempotent consumers, and reconciliation jobs that catch the edge cases CDC misses.
Sub-millisecond reads on shared state for low-latency banking flows. Redis Cluster for sharded data, Sentinel for HA, cache-aside as the default pattern, and the stampede-protection patterns that have saved more than one production weekend.
Bridging core banking on z/OS to modern platforms without taking the bank offline. Strangler fig migrations, MQ-CICS bridges, COMMAREA marshalling, EBCDIC handling, and the cutover patterns that survive regulator scrutiny.
Production runtime for integration platforms in regulated environments. OpenShift on-prem and IBM Cloud, GitOps with ArgoCD, Tekton pipelines, secrets via Vault, image signing, and SBOM-attached releases the auditor can trace.
Java is the bank’s primary integration language; Spring Boot is the microservice default; Node.js shows up for lightweight adapters and serverless. Python for tooling, scripting, and the occasional analytics pipeline.
Direct exposure to the KSA payment rails and the regulatory frameworks that govern integration in Saudi banking. Hands-on with SAMA Open Banking compliance and the technical conformance work behind it.
The signals and tooling that keep integration platforms reliable in production: structured metrics, distributed tracing, log forwarding to SIEM, and the runbooks that turn 3am pages into 5-minute resolutions.