abbas tolgay yılmaz

aka. streamerd

@ UTC + 3 website · github · linkedin artworks · poems · compositions

Hands-on CTO and engineering leader. 10+ years shipping cloud-native platforms, coordinating distributed teams, and turning messy stakeholder goals into dependable, scalable products.

Bachelor of Computer Engineering

2014

Izmir Institute of Technology

From greenfield design through stack uplift, DevOps, and pragmatic AI in the delivery loop — bias for software that is fast, safe, and easy to evolve. Care about team health and about technical bets that convert into commercial leverage.

co-founder & cto

Governate Oy

Helsinki, 1.2025 – Present

Post-quantum file security on GCP — Kyber-1024 hybrid encryption, policy-based access, cross-platform clients, and production observability.

  • Hybrid crypto (AES-256-GCM + Kyber-1024 via Cloudflare CIRCL / Go); on-demand key wrapping — no long-lived keys in DB; cross-platform CLI (macOS, Windows, Linux).
  • ZK-based device activation (Zig + Circom); led Windows client (C# / WPF / minifilter, print & screen controls) and Go Fiber backend — mTLS, WebAuthn, MFA, audit to ClickHouse.
  • Real-time layer (WebSocket + NATS, Redis); ClickHouse + Grafana + Prometheus on GCP; GitHub Actions CI/CD.
website →
staff software engineer

ConsAuth Systems

Remote · 2025 – Present

Consent-first identity platform: custom IdP + OAuth2/OIDC (Ory Hydra), Go services, PostgreSQL/Redis — SSO across apps with user-owned preferences and Solid/WebID-aligned flows; optional private pod provisioning.

  • Owned protocol and service design around Hydra: authorization & token issuance, client/developer lifecycle, consent and scope modelling — same mental model as scaling trusted auth for many consumers.
  • Shipped containerized stack (Docker, Nginx), REST APIs and admin/developer surfaces; comfortable owning identity boundaries in a supply-chain–sensitive world where provenance of trust matters.
  • Async-first, globally distributed collaboration — when we align in person, bonfires are my jam for the kind of deep planning that doesn’t fit a stand-up.
consauth.com →
founder

Start a World Peace Teknoloji A.Ş.

2023 – Present

Focused on freelancing, open-source contributions, and building and experimenting ideas and products.

  • Built and launched multiple platforms including milsiz.art and sociolog.in (identity work under ConsAuth Systems, above).
  • Led end-to-end product development: ideation, design, development, and deployment across SaaS, civic tech, and decentralized identity domains.
  • Implemented W3C standards including LDN (Linked Data Notifications) and Solid Protocol/Pod, and integrated Stripe and Paddle for SaaS monetization.
  • Contributed to open-source libraries and frameworks; developed several browser extensions.
website →

Selected works

ConsAuth Systems

IdP + Ory Hydra OIDC — consent-first SSO, Solid/WebID, optional pods.

platform · identity · go

Milsiz Art

Artist marketplace connecting independent artists with collectors and physical venues.

marketplace · saas

Socio Login

Enterprise OAuth monitoring — visibility into team app access across Google Workspace.

security · saas

Milsiz

Civic tech platform enabling Turkish citizens to campaign for presidency with 100K signatures.

civic tech · saas
fullstack dev

Vattenfall Energy Trading GmbH

Hamburg, 2019 – 2022

  • Contributed building a containerized data platform aggregating real-time feeds from 50+ wind turbines at Princess Alexia Wind Park.
  • Designed modeling pipelines processing 5M+ telemetry events/day using Kafka and Cassandra.
  • Improved energy trading accuracy by 18% through turbine curtailing and production scheduling optimizations.
  • Reduced forecast deviation by 25%, increasing revenue from wind asset trading.
  • Engineered secure infrastructure for EV charging networks, supporting 1,000+ active charging sessions/day.
  • Secured SCADA communications for power plants including CHP and nuclear facilities, strengthening cybersecurity compliance with OpenMUC library.
fullstack dev

Element Insurance AG

Lübeck, 2018 – 2019

  • Enhanced and scaled insurance microservices serving 100K+ policyholders across multiple internal teams.
  • Delivered 5+ new platform capabilities by integrating APIs and shared services across departments.
  • Led cloud migration efforts, moving 70% of workloads to AWS, improving system reliability.
  • Implemented Infrastructure-as-Code (Terraform) reducing environment setup time by 80%.
  • Built and optimized React dashboards used daily by 50+ internal users.
consultant fullstack dev

Türkiye İş Bankası A.Ş.

Istanbul, 2017 – 2018

  • Reverse-engineered and integrated legacy SOAP/WSDL endpoints using SmartBear SoapUI's Java SDK, enabling automated testing of the bank's internal service infrastructure.
  • Built and maintained internal web tools with Spring Boot backend and jQuery/vanilla JS, HTML, CSS frontends.
  • Optimized API testing workflows, improving reliability and reducing manual verification overhead across core banking services.
  • Collaborated with cross-functional banking teams to document and standardize internal service contracts, improving onboarding for new engineers.

I have grown as a technology-agnostic engineer and technical leader. Below are the technologies and domains I have the most experience with.

Engineering Leadership

Technical strategy & roadmap ownership, cross-functional team leadership, architecture design & review, hiring & mentoring engineers, stakeholder communication, open-source contribution, startup 0→1 product delivery

Languages

Go, TypeScript, JavaScript, Python, Java, Zig, Solidity, SQL, Shell

Frameworks & Libraries

Go Fiber, React, Next.js, NestJS, Spring Boot, Node.js, Express

Cloud, Infrastructure & DevOps

Google Cloud (GCP), AWS, Terraform, OpenTofu, Docker, Kubernetes, Nginx, GitHub Actions, CI/CD, Prometheus, ClickHouse, Linux

Storage & Data

PostgreSQL, MongoDB, Cassandra, Redis, Elasticsearch, ChromaDB
REST, GraphQL, gRPC, WebSockets, SSE, SOAP/WSDL

Security & Cryptography

OAuth2, OIDC, Ory Hydra, IdP / SSO patterns, JWT, Passkeys / WebAuthn
ZK-Proofs / SNARK / Circom, Mutual TLS, X.509

Distributed Systems

NATS, Redis Pub/Sub, Hazelcast, Traefik, microservices, event-driven architecture

AI & ML Integration

LLM integration (OpenAI, Claude), RAG pipelines, vector databases, agent tooling

Payments & SaaS

Stripe, Paddle, subscription billing, SaaS product development

Standards & Protocols

W3C LDN, Solid Protocol / WebID, ActivityPub

Web3 & Smart Contracts

Hardhat, Solidity, ERC-721, ERC-1155, ERC-6551 (token-bound accounts), ERC-2535 Diamond pattern, marketplace + auction contracts, account abstraction

Choose CV theme