Senior Software Engineer · London, UK
Specialising in Critical National Infrastructure (CNI) protection and OT/IIoT cybersecurity. I bridge deep software engineering with platform architecture — building secure, scalable systems from the code up, across energy, water, and transport sectors.
Real-time eBPF network monitoring with kernel-level traffic visibility, Layer 7 protocol inspection (DNS, HTTP, TLS), device discovery, and behavioural anomaly detection. Zero CGO — pure Go with cilium/ebpf, producing 95% smaller binaries. Ships a Control Room web dashboard and Prometheus metrics.
Go-based dynamic notification scheduler with multi-channel delivery — Slack, Email, SMS, and Webhook. Database-driven job scheduling with configurable intervals and full execution logging, built for reliability in distributed production environments.
Secure SSH/SCP bastion with Relationship-Based Access Control (ReBAC), reverse tunnel support, full session recording, and temporary access workflows. Infrastructure access control without network exposure.
Terminal User Interface (TUI) for managing Portainer without leaving the terminal. Browse containers, stacks, images, volumes, and environments with a full keyboard-driven interface.
Minimal OCI container runtime on Linux — crun, overlay filesystem, one daemon, one CLI. A from-scratch implementation for understanding and extending container internals, useful for auditable CNI edge deployments.
Custom EFI boot system builder for Raspberry Pi Compute Module 5 with Alpine Linux rootfs, automated kernel compilation, and support for multiple carrier boards including CM5/CM4 IO boards.
Comprehensive CLI tool for managing development environments — integrating KIND clusters, ArgoCD applications, Jenkins jobs, and Kubernetes resources for simplified deployment and monitoring workflows.
Open-source Python driver for TigerGraph, developed during my time at TigerGraph. Provides seamless graph database integration and data manipulation for production graph-based access control workflows.
Command-line interface for TigerGraph Cloud and server management. Secure authentication, instance control, GSQL terminal, backup operations, and multi-version support for streamlined graph database operations.
Custom Node-RED nodes for TigerGraph integration, enabling visual programming and workflow automation with graph database operations in IoT and data processing applications.
Custom eBPF gateway container for egress filtering by SNI/DNS — blocking unauthorised traffic at kernel level without disrupting real-time OT workloads on constrained edge nodes.
Self-hosted zero-trust VPN with OIDC integration and hub-and-spoke WireGuard topologies — fully vendor-independent, supporting multi-tenant deployments across critical sector environments.
Multi-stage distroless Dockerfiles eliminating CVE surface. Migrated container promotion pipelines from legacy credential models to direct auth, adding dry-run mode, async parallelism, and build notifications.
Full migration from a flat Postgres-backed authorization model to Neo4j for graph-based ReBAC. Built a custom migrator with entity classification and Cypher query optimisation for production scale.
Generated IEC 62443 compliance matrix, OpenAPI reference, and runbooks directly from codebase — bridging CNI regulatory requirements with engineering artefacts.
Terraform multi-AZ AWS infrastructure with Docker Swarm, WireGuard hub-and-spoke, GlusterFS distributed storage, and IAM policy optimisation — fully repeatable across multiple isolated client tenants.
Critical technical leader on the Phoenix Platform — Deltaflare's flagship cybersecurity solution for CNI and OT environments (Energy, Water, Transport). Focus on high-level architecture, secure microservices, and bridging deep development work with advanced platform engineering.
Designed and maintained the foundational infrastructure and tooling powering critical software development and production pipelines for Technicolor's creative studios. A hybrid role balancing innovative R&D software development with rock-solid platform engineering.
Contributed to the core software and surrounding ecosystem of TigerGraph's enterprise Graph Database platform, focused on back-end development and ensuring seamless, scalable delivery and integration of the database software.
Core development of INNOSCAPE's market intelligence platform — building reliable backend systems and establishing the foundation for scalable operations.
Core developer responsible for the full lifecycle development of enterprise applications and internal systems, establishing a strong foundation in back-end development and enterprise-grade database management.
Foundational engineering role in the Information Systems Department, responsible for development, maintenance, and support of internal enterprise applications.
I'm a Senior Software Engineer based in London, specialising in the high-stakes environment of Industrial IoT (IIoT) and OT Cybersecurity. My role is to bridge visionary product design with resilient, scalable implementation — at Deltaflare, that means architecting the infrastructure for the Phoenix Platform, ensuring CNI operators have ironclad protection and operational compliance.
My core value lies in a dual expertise: I am a developer who understands platform scalability, and a platform engineer who builds robust solutions from the code up. I thrive on defining technical solutions for non-trivial problems — from securing industrial control systems (ICS) to designing high-availability distributed microservices.
My career began with automation engineering in Tunisia, giving me first-principles understanding of OT environments. That foundation shapes how I approach eBPF kernel security, network segmentation in energy infrastructure, and the physical implications of every software decision.
I actively contribute to the open-source community, write technical articles on Medium and Dev.to, and have long been part of the Ubuntu community. I'm multilingual across English, Arabic, and French.
How a platform engineer without an ML background approached building a machine learning component — covering the decisions, tradeoffs, and what actually worked in a Linux/Go/security context.
A deep dive into building a minimal OCI stack on constrained hardware — the motivation behind nyxd, overlay filesystems, crun, and the tradeoffs of rolling your own runtime for CVE reduction.
Practical lessons from building Cerberus — TC hooks, ring buffers, Layer 7 inspection, zero CGO with cilium/ebpf, and what it takes to ship a production-grade eBPF tool in pure Go.
Step-by-step guide to spinning up an isolated network security lab with QEMU — virtual machines, bridged networking, and wiring it up to a real-time network monitoring stack.
Step-by-step walkthrough of architecting a multi-tenant SSO system from scratch — Keycloak realm isolation, Go backend integration, JWT validation, and React frontend wiring.
Introduction to Orion-Belt: the design decisions behind a Go-based SSH bastion with ReBAC, reverse tunnels, and session recording — and why existing solutions weren't enough.
The network is speaking — every device connecting, every DNS query, every TLS handshake. A deep technical piece on Cerberus architecture, kernel-space event capture, and user-space processing in Go.
Walkthrough of building a low-code ingestion pipeline from data.world into a graph database — useful for anyone looking at graph-native data architecture without heavy custom tooling.
Interested in collaborating, discussing a technical challenge, or connecting around open-source work? Feel free to reach out through any of the channels below.
Typically respond within 24–48 hours.