Charles Deane
Systems & Backend Engineer

Professional Summary

Systems-oriented backend engineer focused on distributed infrastructure, networking, and production reliability.

Currently the sole engineer responsible for designing, building, and operating the internal technology platform at a regulated financial advisory firm. The platform supports daily operations for 12 advisors and directly enabled $30M in new assets under management within the first three months of production use.

My work spans backend services, infrastructure, networking, observability, and operational tooling. I focus on building practical systems that operate reliably in production environments and scale with evolving business requirements.

Outside of work I build systems projects exploring infrastructure patterns including database proxies, distributed storage, and containerized runtime environments.

Technical Profile

Languages

Go, Python, SQL, Java, JavaScript / TypeScript, C++, Rust (learning)

Distributed Systems & Infrastructure

Kubernetes (k3s)
Cilium (eBPF networking)
OCI containerization
GitHub Actions CI/CD
HAProxy, NGINX
NixOS

Systems & Architecture

Service boundary design
Backpressure and graceful shutdown
Observability-first system design
Protocol parsing and framing
Syscall-efficient I/O patterns

Networking & Security

TCP/IP fundamentals
VPN configuration and routing
Zero-trust internal service architecture
OIDC / OAuth2 authentication

Data Systems

PostgreSQL (schema design, indexing strategy, query optimization)
SQL migrations and reporting workflows
ChromaDB
Data ingestion and automation pipelines

Experience

Founding Engineer

FirstRise Investments | Stamford, CT
Sep 2024 – Present

Primary technical decision-maker responsible for architecture, implementation, and operation of the firm’s internal platform and infrastructure.

Platform Development

• Designed and implemented the firm’s internal CRM and operational tooling platform from the ground up.
• System adopted by 12 advisors and integrated into daily workflow.
• Directly supported $30M in new AUM within the first three months of use.
• Work directly with advisors and leadership to align technical priorities with revenue and compliance goals.
• Deliver iterative improvements while maintaining production stability.

Backend & Data Engineering

• Develop backend services in Go supporting client management, reporting, compliance tracking, and automation.
• Lead PostgreSQL schema design, indexing strategies, and migration planning for sensitive PII data of over 50,000 prospects.
• Reduced core API latency from ~1–2 seconds to under 100ms through database optimization, indexing improvements, and Go concurrency tuning.
• Build Python-based automation and ingestion pipelines supporting reconciliation and reporting workflows.
• Integrate third-party financial APIs into internal systems.

Infrastructure & Operations

• Build and maintain the production Kubernetes environment running containerized backend services.
• Migrated networking from Flannel to Cilium to improve observability and traffic control using eBPF.
• Established CI/CD workflows enabling repeatable deployments and rapid iteration.
• Implement structured logging and internal observability tooling for production debugging.
• Diagnose and resolve performance and reliability issues across application, database, and infrastructure layers.

Security & Regulatory Context

• Design systems assuming FINRA-regulated data handling requirements.
• Implement role-based access controls and service authentication boundaries.
• Maintain secure multi-site connectivity and segmented internal networks.
• Apply prior financial advisory experience to technical risk assessment and operational safeguards.

Previous Experience

Financial Advisor

Equitable Advisors | Milford, CT
Jun 2023 – May 2024

• Operated within a FINRA-regulated broker-dealer environment.
• Developed practical understanding of compliance workflows, audit expectations, and operational risk.
• Experience directly informs architectural decisions around data access and system failure modes.

Selected Independent Projects

pgWarden | PostgreSQL Wire-Protocol Proxy (Go)

Compliance-oriented PostgreSQL boundary proxy written in Go, designed to enforce data-access policies in regulated environments without requiring application-level rewrites.

• Parses and forwards PostgreSQL protocol frames while enforcing policy controls at the connection layer.
• Terminates TLS and mTLS connections at the database boundary.
• Designed to operate with minimal overhead while preserving protocol correctness.
• Telemetry pipeline analyzes query behavior using rolling baselines and drift detection.
• Containerized deployment model enabling distributed environments.

Krellin | Sandboxed LLM Coding Agent Runtime (Go)

Local-first runtime for executing AI agent workflows inside isolated container environments.

• Built daemon and execution model for serialized agent actions with deterministic logging of filesystem mutations.
• Designed per-repository container isolation preventing host filesystem and Docker socket exposure by default.
• Implemented reproducible execution model enabling deterministic reset and debugging of agent workflows.
• Enforces explicit tool boundaries and safe-by-default guardrails for agent execution.

LankaDB | Distributed Key-Value Store (Rust, In Progress)

Experimental distributed key-value system exploring replication, durability, and large-object storage.

• Persistent TCP protocol with structured framing.
• Write-ahead logging for durability.
• Asynchronous replication model.
• Designed with syscall-efficient I/O patterns and kernel-level awareness.
• Focused on infrastructure workloads involving distributed caching and retrieval systems.

Systems Interests

• Distributed databases and replication
• Service mesh and networking infrastructure
• Control plane / data plane architectures
• Observability and production debugging
• Container orchestration and runtime systems
• Performance-sensitive backend services

Operating Principles

Over time I’ve developed a few operating principles that guide how I design and run systems:

Prefer operational simplicity
Systems should be understandable and debuggable by humans. Complexity is sometimes necessary, but it should never be accidental.

Observability is not optional
Logging, metrics, and tracing should be part of system design from the beginning. Debugging production systems without visibility is guesswork.

Fail safely and predictably
Systems should prefer explicit failure modes over silent degradation. When something breaks, it should be obvious and recoverable.

Idempotency wherever possible
Distributed systems inevitably retry operations. Designing state transitions to be idempotent prevents cascading failure and simplifies recovery.

Minimize implicit behavior
Hidden magic tends to create fragile systems. I prefer explicit boundaries and predictable execution paths.

Production is the real environment
Local development and testing are important, but systems ultimately prove themselves under real operational conditions.

Education

Bachelor of Science | Computer Science

Western Governors University | Expected 2026

Licenses

FINRA Series 7
FINRA Series 66

Last updated: March 2026