Rendering CV…
Domain-First Solution Architect
Domain-First solution architect for fintech & banking. 15+ years in regulated financial services — investment banking, wealth management, payments (PSD2 / Open Banking), core banking and digital identity. Owns architecture end-to-end — from greenfield platform design to event-driven microservices on Azure / AKS.
I keep the business model legible while frameworks, regulation and AI agents change underneath it. DDD made executable: the domain is a tree of versioned Java interfaces (ports and adapters), concrete technology kept at the leaves — so legacy modernization becomes a contained, countable swap, not a rewrite.
AI-safe by construction: a versioned, compilable domain becomes the agent's contract, keeping AI-assisted development inside bounded contexts instead of drifting the model.
Founder & Principal Architect at Codefreeze and author of the Domain-First Rules.
Role: Solution Architect, Developer
Technology: Terraform, Terragrunt, Proxmox VE, Vault, Consul, Nomad, Traefik, MinIO, Gitlab Pipelines, Nexus, LGTM, Kafka, Cloud-init, ZFS, Docker, Bash
Description: AI-driven homelab IaC with zero-trust networking, layered encapsulation and dependency injection via Terragrunt outputs.
Single-node Proxmox homelab fully managed with Terragrunt, structured in three IaC layers: environments (compositions), services and reusable modules.
Layered VM image preparation: base OS image, Docker-enabled template, service-specific cloud-init injection — immutable and composable provisioning.
Vault PKI hierarchy (Root CA, intermediate CAs per service, server and client roles) with mTLS enforced across all services.
Terraform fully decoupled from credentials — Vault AppRole and JWT auth, secrets resolved at runtime via Vault Agent.
Phase-based bare-metal bootstrap automation with health checks, rollback and idempotent deployment scripts.
Role: Software Architect, Developer
Technology: Java 25, Spring Boot, Spring WebFlux, Project Reactor, Neo4j, Web3j, Maven
Description: DDD blockchain analyzer built on interface-driven architecture with self-persisting aggregates and reactive event-driven processing.
Pure domain module defines behavioral interfaces; each infrastructure module implements them independently with its own technology concerns.
Multi-module architecture with strict downward-only dependencies — each module encapsulates a single layer: domain, graph persistence, blockchain integration, REST API, composition root.
Rich aggregate model with self-persistence, strategy-based transaction classification, factory-pattern object creation and domain event orchestration.
Chain-agnostic parent library with universal blockchain interfaces — eth-node is one chain-specific implementation.
Reactive pipeline with backpressure handling from live blockchain subscription through batch graph persistence to streaming REST API.
Role: Cloud Platform Architect
Engagement: Designed to tailor and implement — on-prem, any cloud, or repatriation back
Technology: Terraform, Terragrunt, Proxmox / bare-metal, AKS / EKS / GKE, Vault, Cloud KMS, Consul (service mesh), Nomad, Traefik / Gateway API, OpenTelemetry, LGTM (Grafana), GitLab CI, OIDC / Workload Identity, Helm, Docker
Description: A portable platform proven on-prem, designed to move either way — same architecture, only the provider modules retargeted. On-prem to cloud, cloud to on-prem, or hybrid.
Same three-layer Terragrunt IaC (environments / services / reusable modules) — going either direction retargets only the provider modules; compositions stay invariant.
Complete SDLC platform — CI/CD, artifact registry, secrets/PKI, service mesh, observability — portable across on-prem and the three hyperscalers.
Vault PKI hierarchy with mTLS — cloud KMS + workload identity (Entra ID / IAM / Workload Identity) or on-prem Vault.
Phase-based bootstrap with health checks, rollback and idempotent deploys — portable across on-prem and the three hyperscalers.
Domain-First software architecture studio for fintech — Architecture Reviews, DDD adoption, legacy modernization, AI-supervised delivery; one client at a time.
Author of the Domain-First Rules; reference platform with a versioned central domain, domain-segregated MCP and layered IaC (Proxmox, Vault, Nomad, Consul).
Delivered into the client's repository, with no lock-in.
Technology: Java 17–25, Spring Boot 3.4, Spring Cloud Stream, Cosmos DB, Azure Event Hubs, AKS, Terraform, Helm, GitLab CI, Spock, Cucumber, Docker
Description: Greenfield cloud-native platform for financial asset eligibility assessment and workflow orchestration, coordinating events across multiple business domains with distributed state management.
Owned end-to-end software architecture of a greenfield platform designed from scratch — domain model, service boundaries and Azure topology.
Event-driven microservices processing financial asset eligibility across multiple business domains.
Azure integration: Event Hubs with manual checkpointing, Cosmos DB with optimistic concurrency, Blob Storage for streaming and distributed locking.
Domain-First Hexagonal architecture with generic store abstractions and workflow orchestration using Aggregates.
Secure API communication: OAuth2 with per provider customizations.
Terraform IaC for Azure resources, Helm-based deployments to AKS, GitLab CI/CD with SonarQube and Fortify scanning.
Multi-layer testing: Spock unit tests, Cucumber BDD acceptance, WireMock, Spring Cloud Contract.
Technology: Spring, Hibernate, Oracle, Angular
Description: Platform for asset ratings management.
Led legacy modernization: monolith-to-microservices decomposition (architecture design and domain analysis).
Drove cloud migration: re-architected CI/CD (Bamboo limitations analysis, Jenkins adoption) to enable the to-cloud move.
Promoted DDD architecture across the team.
Custom API cache design and implementation to avoid unnecessary calls for already cached data.
API design and integration, exposed to UI and other BE components.
Performance analysis participation prior each release. According to results, optimize application behavior to satisfy predefined expectations.
Working close with business and supporting teams on daily basis to deliver new features.
Release and production support.
Technology: Spring, AWS (Lambda, DynamoDB, CloudFormation, S3), REST, ReactJS, Spock
Description: Platform for digital identity validation and authentication.
Frontend accessibility fixes and layout adjustment.
Backend improvements.
Increasing test coverage.
Technology: J2EE, Spring (Core, WebServices, Security), JS, TeamCity, AWS, SOAP, REST, AngularJS, Spock, Camel, JMS, MongoDB
Description: Platform for revenue optimization.
Frontend development in case UI-devs were absent.
Backend development on daily basis.
Mongo data series fixing.
Bash tools to help data processing like JSON transformation or CSV extraction.
Application maintenance.
Technology: J2EE, Spring (Core, WebServices), JavaScript, GWT, neo4j, Tomcat, Jenkins, Kubernetes, Docker, SOAP, REST
Description: Platform for financial verification of private and corporate customers.
Leading of 12 members DevTeam
Requirements collection and clarification
Backlog organization
Sprint scope planning
Sprint management – current tasks, future tasks, keep work ongoing
Tasks definition – usually with business
Release planning and management – dates, scope, deployments, requirements, dependencies
Team management on members level – capacity, forecasting, holidays, hardware, taking care about good team spirit, etc.
Team management on project level – resolving dependencies with other teams, planning and delivering work for other teams, production incidents handling
Blockers/problems solving – member/team/business levels
Meetings planning and coordination
Taking care about relations and improving cooperation with Customer Care and Business side
High level view on system architecture
Developers consulting
Technology: Python, PHP, Databricks, AWS
Description: VOD platform for mobile devices.
Data analysis
Searching for data discrepancies and root causes of data issues on lower level - debugging, logs analysis, etc.
Technology: J2EE, REST, Spring (Core, WebServices, Data, Security), Tomcat, Jenkins, K8s, Docker, Azure Cloud
Description: European Payment Service Directive (PSD2) forces banks to use public APIs. Our platform provides security, monitoring, load balancing and scalability for Banks or Payment providers like PayU or PayPal.
Technology decision maker person
Technical support during sales meeting
Product presentation to the business
Technology: J2EE, Spring (Core, Batch, WebServices, Data), Hibernate, JavaScript, npm, Webpack, SASS, Tomcat, Jenkins, AWS
Description: Compares two versions of map engine and calculates various statistics. Results tell either new version is good enough for prod release or not.
Frontend and backend development
Build and deployment process development
AWS Cloud maintenance
Technology: TomTom Maps API, Spring (Core, WebServices, Data), JavaScript, npm, Webpack, SASS, Tomcat, Jenkins, AWS
Description: Allows users to chose desired, best search result from search query. Tool used for gathering so called Ground Truth.
Frontend development
Build and deployment process development
AWS Cloud maintenance
Technology: J2EE, Spring (Core, WebServices), Tomcat, Jenkins, AWS
Description: H2OShim — a so-called shim. Some kind of proxy built on the top of an old system (API) which redirects requests to new version of API. Allows to terminate old one and maintain only new one. Transparently for a client.
Backend development
Build and deployment process development
AWS Cloud maintenance
Technology: TomTom Maps API, J2EE, JavaScript, npm, Webpack, SASS, Spring Spring (Core, WebServices), Tomcat, Jenkins, AWS
Description: Enriches search results with additional data like EV Stations, TripAdvisor ratings, etc.
Frontend and backend development
Build and deployment process development
External APIs integration
AWS Cloud maintenance
Technology: J2EE, Spring, Hibernate, Apache CXF, JAX-RS, Oracle DB, Tomcat
Description: Backend component for caching, processing, validating and exposing client data to another components. I was responsible for delivering new functionalities and production support.
Technology: Node.js, CasperJS, AngularJS, Gulp, Bower
Description: Tool for front-end testing automation. Results were compared between old and new version of developed system. I was responsible for design and implementation from scratch.
Technology: GWT, JSF, RichFaces, jQuery, J2EE, Spring, Hibernate, JBPM, JAX-WS, JAX-RS, Oracle DB, Jboss, Tomcat
Description: At the beginning I was a UI developer. With time I was chosen to write also backend and "end-to-end" functionalities.
Views and Controllers development and support
UI performance optimization
Developing new features on all layers of application
GWT and JSF (RichFaces) integration implementation and support
End-to-end profiling and applying improvements
Technology: JSF, RichFaces, jQuery, J2EE, Spring, Hibernate, JAX-WS, Oracle DB, WebLogic, Jboss
Description: Application for aggregation data from several web services. I was assigned as a UI developer. I was responsible for delivering front-end parts of new functionalities.
Views and Controllers development and support
UI performance optimization
Technology: JSF, RichFaces, jQuery, J2EE, Spring, Hibernate, Oracle DB, WebLogic, Jboss
Description: Workflow application for business process management. In this project I was also assigned as a UI developer, but this time I had an occasion to write some part of back-end parts of application.
Views and Controllers development and support
Debugging, logs analysis, code analysis and refactoring
Specialization: Applied Computer Science
Faculty: Physics and Applied Computer Science
Thesis topics: Level I degree: Developing a database application with Hibernate
Key subjects: *-*-
Level II degree: Additional modules to Grading Student Support System (plagiarism detection, compilation/running, rating, sharing materials for students)
Profile: IT and mathematical
English: C1, C1, C1, C1, C1
I'm Adrian Kremblewski, a Domain-First solution architect for fintech & banking — this is my CV the way it reads as a document. Founder & Principal Architect at Codefreeze.