Re-architected a single-tenant codebase into a multi-tenant SaaS with hybrid silo/pool tenancy, SOC 2-ready controls, and self-serve plus enterprise funnels off the same stack.
Anonymized delivery dashboard
Enterprise pilots
11 won
SOC 2
Passed
Trial-to-paid
+27%
Before
Constraint
Build
Controlled cutover
After
Measured gain
Every engagement is framed around the business situation, the constraint that made it hard, and the decision that turned delivery into a controlled path to value.
Situation
The product was technically single-tenant with tenant_id columns retrofitted. The first enterprise prospect asked for data isolation, regional residency, and SCIM provisioning — and the architecture could not credibly offer any of them.
Constraint
The product was technically single-tenant with tenant_id columns retrofitted. The first enterprise prospect asked for data isolation, regional residency, and SCIM provisioning — and the architecture could not credibly offer any of them.
Decision
Created a hybrid tenancy model so self-serve customers stayed efficient while enterprise buyers received credible isolation.
Build
Standard tenants stayed in a shared pool with row-level security. Enterprise tenants opted into per-tenant database silos provisioned via Terraform, with a single application binary in front of both.
SOC 2 controls — access reviews, audit logs, change management — were engineered into the platform and CI rather than maintained as a parallel evidence project. Evidence was generated, not curated.
Outcome
11 enterprise pilots converted to paid contracts in the first two quarters post-launch.
SOC 2 Type I passed three months after foundation work completed.
What changed after launch
Security evidence, access reviews, and tenant provisioning became product capabilities instead of spreadsheet exercises.
“We stopped apologising for our architecture in enterprise calls and started showing buyers how controls worked.”
The work was not abstract modernization. It changed day-to-day behavior, ownership, and the evidence leaders used to make decisions.
Before
After
The delivery plan made the system boundary explicit, then used rehearsals, gates, and telemetry to optimize safely before launch.
Delivery architecture
SaaS control loop
Discover
Standard tenants stayed in a shared pool with row-level security. Enterprise tenants opted into per-tenant database silos provisioned via Terraform, with a single application binary in front of both.
Launch
SOC 2 controls — access reviews, audit logs, change management — were engineered into the platform and CI rather than maintained as a parallel evidence project. Evidence was generated, not curated.
Standard tenants stayed in a shared pool with row-level security. Enterprise tenants opted into per-tenant database silos provisioned via Terraform, with a single application binary in front of both.
SOC 2 controls — access reviews, audit logs, change management — were engineered into the platform and CI rather than maintained as a parallel evidence project. Evidence was generated, not curated.
After launch
Security evidence, access reviews, and tenant provisioning became product capabilities instead of spreadsheet exercises.
Next.js
NestJS
PostgreSQL
Stripe
Clerk
AWS
Terraform
A similar problem?
A senior engineer will follow up within one business day with an opinionated take on the shape of the work.
