Ami Heines

Software architect & full-stack developer — cloud, data, and systems for regulated industries

Ami Heines

I design, build, and run production systems — for companies that can’t afford to get infrastructure wrong.

Backend & full-stack architecture, cloud & AI-cost engineering, data visualization, and private-blockchain infrastructure. Three decades shipping software for regulated industries — end to end, and I still write the code.

  • Building software since 1993
  • CISOteria — GRC SaaS architect (7 yrs)
  • National Cyber Directorate GRC portal — backend lead
  • Flixel founder · 7 patents
  • IDF Major (ret.)
  • EOSIO StackExchange — #11 globally
  • B.Sc. Math & Physics, TAU

What I do

Cloud & AI-cost engineering

Cut cloud bills and cap AI / LLM spend without re-architecting the product — gateways, hard spend caps, caching, egress and compute reduction. (smallestbusiness.com)

Backend & full-stack architecture

Multi-tenant SaaS, API and data-layer design, legacy modernization, containerization — owned end to end, for regulated industries.

Data visualization & front-end

Interactive dashboards and maps that make complex data legible — D3.js, Angular, React.

Private blockchain & tamper-proof infra

Immutable audit trails, wire-fraud prevention, art provenance — self-hosted Antelope / BFT, no third-party dependency.

Selected work

CISOteria

CISOteria

Security-compliance (GRC) SaaS · backend architect, 2019–present

Multi-tenant CISO / compliance platform on AWS Marketplace. I own the API, data model, and architecture — Node.js + a modernized PHP core, MariaDB / Redis / Docker, vulnerability dashboards and analytics, SSO / SAML.

CISOteria — asset risk graph (D3)

CISOteria — asset risk graph (D3)

Compliance data-viz · D3.js hierarchy

A D3 hierarchy I built for CISOteria: an asset’s risk score traced down to the systems and infrastructure it depends on — colour-coded by risk, so the weakest link is obvious.

Israel National Cyber Directorate — GRC portal

Israel National Cyber Directorate — GRC portal

grc.cyber.gov.il · built at CISOteria · backend lead

The Israel National Cyber Directorate’s governance-risk-compliance portal, powered by CISOteria (“Cyber OS”). I led most of the backend and built parts of the front end.

IMS — interactive weather map

IMS — interactive weather map

Israel Meteorological Service · front-end / data-viz

Map-overlay work I contributed to the Israel Meteorological Service (ims.gov.il) — data overlays on their interactive synoptic forecast maps.

ChainVault

ChainVault

Private-blockchain deal room

Tamper-proof real-estate closing platform with on-chain wire-fraud prevention — a 4-node Antelope / BFT chain and a client-side-encrypted document vault.

Verarta

Verarta

Art provenance on a private chain

Immutable provenance records for artworks — no third-party dependency, full audit trail.

Smallest Business

Smallest Business

Cloud & AI-cost engineering

My consultancy and a daily learn-in-public series on cutting cloud bills and controlling AI spend.

I write more often at smallestbusiness.com

My main blog lives there — near-daily posts on cutting cloud bills and controlling AI / LLM spend. This site keeps the occasional longer piece; the frequent writing is over there.

Read smallestbusiness.com

Available for short- and long-term engagements. If your infrastructure is something you can’t afford to get wrong, let’s talk.