Ecommerce
Fashion
Platform

A multi-brand retailer based in Canada, it specializes in selling designer fashion and high-end streetwear. Since 2003, the platform has grown to deliver products to 114 countries worldwide, supporting websites in multiple languages, including Chinese, French, English, Japanese, and Korean. It generates an average of 100 million monthly page views.

• Focused on implementing new features and developing new pages in the e-commerce system, prioritizing customer needs and feedback to enhance the overall user experience.
• Deployed AWS Control Tower to enforce and manage governance, security, operations, and compliance across AWS accounts. A well-architected multi-account environment was established via Landing Zone, setting a baseline for multi-tenant architecture and security.
• Structured AWS accounts within Organizational Units (OUs) for application environments, set permissions, restrictions and policies at the OU level, and ensured all accounts followed a standardized baseline configuration.
• Utilized AWS Security Hub service to collect data across all accounts into the “Security” account, giving the Security team full visibility and ensuring compliance. Consolidated AWS CloudTrail logs, AWS Config, and VPC Flow Logs into the “Log Archive” account for enhanced security management.
• Provided all user access to AWS accounts through Active Directory group memberships, managed by an ITOPS ticketing system, and centralized all AWS account access and permissions via AWS Single Sign-On, moving away from IAM users to IAM roles with short-living access keys.
• Platform teams centrally managed Terraform code for Legacy and Shared accounts, while domain teams managed infrastructure in a distributed manner for domain-dedicated AWS accounts.
• Replaced VPC-peered environments with modern network architecture using multiple AWS accounts, AWS Transit Gateways, Route53 private resolvers, Security Groups, VPC endpoints and prefix lists, and site-to-site VPN to the office’s network. Multiple application deployments in the same environment could speak to each other via a shared account, and the Cisco CSR router controls outbound connections.
• Developed a re-platform scenario to migrate self-managed services to native cloud services. Among them, Kubernetes cluster, MongoDB databases and ElastiCache were migrated to Amazon EKS, Amazon DocumentDB, and Amazon ElastiCache, respectively.
• Implemented, tested, and documented disaster recovery scenarios, leveraging the built-in DR features of AWS cloud services like Amazon DocumentDB global cluster and IaC approach using Terraform.

Frontend: Vue.js, JavaScript, CSS, HTML

Backend: Node.js, TypeScript, Express.js

Databases: MySQL, MongoDB, Amazon DynamoDB, Amazon DocumentDB, AWS RDS

Cloud: AWS, Amazon EC2, Amazon S3, AWS Lambda, AWS Step Functions, AWS Control Tower, AWS Organizations, AWS Single Sign-On, AWS Security Hub, AWS CloudTrail, AWS EKS

Unit Testing: Mocha, Chai, Jest

CI/CD: Jenkins, Kubernetes, Docker

Networking: AWS VPC, VPC Endpoints, SG, AWS Transit Gateway, Amazon CloudFront, Amazon Route53, Amazon API Gateway

Monitoring: Amazon CloudWatch, AWS X-Ray, AWS Elastic Beanstalk