Nguyen Le PhongNguyen Le Phong

Engineering profile

I build product systems that can be shipped, observed, and recovered.

My work now sits between product engineering and platform reliability: front-end surfaces, backend services, secure integrations, rollout systems, Kubernetes infrastructure, and the operating model that lets a team release with less guesswork.

8+
years shipping production software
11
people in the delivery team I lead
30+
tenants served by rollout systems
~40k
users behind the feature-flag platform

Current focus

The layer I operate in now

I still care about polished user interfaces, but my current value is broader: connecting product decisions with backend contracts, infrastructure paths, release control, and production diagnosis.

Backend services & secure integration

I work with .NET Core, Node.js, and Java Spring services, focusing on REST/GraphQL contracts, auth, encryption, backward compatibility, retry behavior, idempotency, and partner-system instability.

  • .NET Core
  • Node.js
  • Java Spring
  • REST/GraphQL
  • mTLS

Platform, infra & traffic path

I have been involved in the production path around Docker, Kubernetes, AKS/FKE/K3S/EKS, ArgoCD, CI/CD, domains/SSL, ingress and load-balancer routing, and recovery work when the system is already under pressure.

  • Kubernetes
  • ArgoCD
  • CI/CD
  • Ingress
  • Load balancer

Progressive delivery

I engineered a multi-tenant feature-flag platform with priority rules, tenant/segment/env rollout, JSON-config values, and stateless runtime evaluation so releases can move gradually instead of all at once.

  • Feature flags
  • 30+ tenants
  • Rollout rules
  • Runtime config

Observability & operating clarity

I build the feedback loops around releases: PostHog, metrics pipelines, API health checks, anomaly review, rollback readiness, RFCs, runbooks, and release criteria that make incidents easier to understand.

  • PostHog
  • Metrics
  • Runbooks
  • Rollback
  • Release review

Technical depth

The engineering details I pay attention to

The systems I prefer are not only feature-complete. They have clear contracts, known failure modes, and enough operational signs for the team to find the problem before users feel it.

Backend techniques

  • Backward-compatible API contracts for mobile, web, and enterprise clients.
  • RSA-4096 handshake, AES-256 payload encryption, mTLS, certificate pinning, and ACK-driven monitoring for financial integrations.
  • Retry queues and idempotent APIs for partners that are slow, unstable, or asynchronous.
  • Stateless runtime evaluation for rollout rules, JSON config, tenant and segment targeting.

Infrastructure techniques

  • Kubernetes cluster operations across AKS, FKE, K3S, and EKS environments.
  • Ingress, load balancer, domain and SSL paths treated as part of the product delivery flow, not as a black box.
  • ArgoCD and CI/CD pipelines for repeatable releases, environment control, and recovery.
  • Production diagnosis through logs, metrics, health checks, and documented recovery steps.

Release architecture

  • Micro-Frontend composition with Angular host and React modules to reduce deployment coupling.
  • Feature-flag rollout by tenant, segment, environment, and percentage.
  • Observability workflows for feature adoption, regression tracing, and anomaly review.
  • Rollback criteria and release checklists so delivery stays deliberate under pressure.

Team systems

  • Ownership boundaries, org chart, competency matrix, and workload routing after leadership transition.
  • RFCs, runbooks, technical specs, and troubleshooting guides that reduce hidden knowledge.
  • Hiring, onboarding, 1:1 coaching, and review loops for developers and QC engineers.
  • Branch strategy, commit convention, release tagging, and integration rules that keep delivery predictable.

How I work

Principles I bring into production systems

These are practical habits, not slogans. They come from seeing systems fail in ordinary ways and learning how to make the next release easier to reason about.

Trace before rewriting

When a system behaves strangely, I first look for the path: request flow, data contract, logs, metrics, release history, and infrastructure changes.

Contracts before code volume

A good backend service is easier to operate when its API, retries, idempotency, security boundary, and compatibility rules are clear.

Rollout before big-bang release

Feature flags, tenant targeting, staged deployment, and rollback criteria keep product movement steady without making every release a gamble.

Documentation should reduce interruption

Specs, runbooks, and checklists are useful when they let another engineer diagnose, recover, or continue the work without waiting for one person.

I am most useful in teams where product ambition, backend complexity, and production reliability meet. That is where careful engineering turns unclear systems into something the team can ship, observe, and improve.