Backend Engineer & SOC L1 Analyst · Remote-first (Spain) Building secure, multi-tenant SaaS with FastAPI, Next.js and Supabase. Fiscal compliance (VeriFactu / RD 1007/2023), payments (Stripe), and DevSecOps.
| Project | Stack | Domain |
|---|---|---|
| Traza / VeriFactu (private) | FastAPI · PostgreSQL · Redis · XAdES signing | Spanish fiscal compliance API |
| Barista (private) | Next.js 16 RSC · Supabase RLS · Stripe · i18n | Multi-tenant SaaS for hospitality (QR ordering) |
| Synchrona CRM (private) | Next.js 16 · Supabase · Drizzle ORM | Operational CRM with Verifactu integration |
Open-source extracts and sanitized case studies below.
| Repo | What it shows | Stack |
|---|---|---|
| voice-ai-agent ⭐ | Inbound Voice AI: telephony (Twilio/SIP) → STT → LLM → TTS → CRM, orchestrated with n8n. Swappable providers, fail-closed, 18 tests | Python · FastAPI · Twilio · n8n |
| verifactu-core ⭐ | Zero-dep, fully-typed OSS library: tamper-evident invoice hash chains for VeriFactu / RD 1007/2023. 98% coverage, strict mypy, CI 3.11-3.13 | Python · stdlib only · pytest |
| VeriStack | Microservices for cryptographic validation + fiscal automation (n8n + FastAPI + Docker) | Python · FastAPI · n8n · Docker |
| TerraStack | Zero-Trust IaC templates for cloud deployments | Terraform · Ansible · HCL |
| Store-Inventory-API | Production-grade REST API with auth, migrations, RBAC | FastAPI · SQLAlchemy 2.0 · Alembic · JWT · PostgreSQL |
| FlowNode | High-throughput distributed task engine | Python · Celery · Redis · asyncio |
| Telegram-AI-Bot | Event-driven AI bot with webhooks + GPT-4o | FastAPI · OpenAI · Webhooks |
| PyVeri | Zero-dependency, type-safe crypto-validation SDK | Python · stdlib only · type-safe |
| Repo | What it shows |
|---|---|
| VeriFactu-Integrity-Lab | Tamper-evident hash-chain for fiscal data integrity (RD 1007/2023 spirit) |
| SOC-L1-Analyst-Lab | Honeypots, syslog detection, regex signatures for SOC L1 triage |
| mediscribe-ai-backend | DevSecOps hardening: Pydantic validation, security headers, OWASP auth flow |
| Item | Type | What it shows |
|---|---|---|
| Barista — Architecture Case Study | System design | Multi-tenant SaaS: PostgreSQL RLS isolation, Stripe idempotent webhooks, VeriFactu fiscal compliance, RSC-first performance |
| Building Tamper-Evident Invoicing (VeriFactu / RD 1007/2023) | Technical article | Hash-chain integrity, fail-closed compliance, DB-enforced invariants |
Backend Python · FastAPI · SQLAlchemy 2.0 · Alembic · Celery · Redis · PostgreSQL Frontend TypeScript · Next.js 16 (App Router · RSC) · React 19 · Tailwind Infra & Sec Docker · Terraform · Ansible · Nginx · GitHub Actions · OWASP Data & Auth Supabase (Postgres + RLS) · Drizzle ORM · JWT · OAuth2 Payments & Compliance Stripe · Bizum · VeriFactu (RD 1007/2023) · XAdES
Looking for: backend / full-stack / DevSecOps roles · remote-first · Spain or EU-friendly time zones. Comfortable owning production systems end-to-end, from migration scripts to nginx reload.