Qualys · Cloud Security · Mar 2025 – Present
Multi-cloud workload protection platform
Architected the CWP, CSPM, and DSPM scanning engine at Qualys — a distributed, event-driven platform that performs zero-touch agentless snapshot scanning across AWS, Azure, GCP, and OCI. Built entirely on Kafka-driven microservices with Redis-backed distributed coordination, Oracle persistence, and cross-subscription cloud integrations.
- Designed partition-aware Kafka consumer topology processing 50K+ cloud lifecycle events daily across 100+ concurrent enterprise environments
- Engineered Azure cross-subscription snapshot architecture — snapshots created in service subscription, source disks in target subscription — reducing provisioning time by 60%
- Built IMDS-based managed identity auth for disk attach/detach and storage upload at scan time, eliminating SAS token surface area
- Automated RBAC role assignments, Key Vault encryption policies, NSG rules, and VNet peering via governed Terraform IaC — 85% reduction in security violations
- Implemented dead-letter handling, Redis-based idempotency guards, and multi-phase setup/cleanup orchestration (NSG → VNet → KeyVault → Storage → FunctionApp)
- Designed multi-volume disk attach flow with IMDS LUN mapping and parallel mount handling for OS and data disk scanning
Kafka
Redis
Azure
AWS
GCP
OCI
Java
Node.js
Terraform
Oracle DB
Globant · Billing & Payments · Jul 2021 – Feb 2025
Billing platform modernization
Led backend decomposition of a monolithic billing system into service-oriented components at a Fortune 500 client. Rearchitected APIs, redesigned schemas for horizontal scaling, and delivered PCI-DSS-aligned hosted payment integrations end-to-end.
- Decomposed billing monolith into independently deployable services — 40% improvement in service throughput and deployment velocity
- Shipped PCI-compliant hosted payment flows integrating Stripe and multiple enterprise payment gateways with webhook reconciliation
- Reduced PostgreSQL query latency by 18% via composite indexes, covering indexes, query plan analysis, and connection pool tuning
- Built policy-based access control layer with RBAC, scoped JWT claims, and audit logging across all billing endpoints
- Reduced manual billing operations effort by 50% through automated invoice generation, dunning workflows, and reconciliation pipelines
- Introduced shift-left testing with 85%+ unit test coverage on business logic and contract testing across service boundaries
Node.js
TypeScript
PostgreSQL
Redis
Stripe
Jest
CasaOne · Operations Platform · Nov 2020 – Jul 2021
Operations & logistics platform
Built backend systems for warehouse management, inventory tracking, and last-mile logistics at a Series B furniture rental startup. Focused on API performance, operational automation, and event-driven integration with 3PL and fulfillment partners.
- Diagnosed and resolved N+1 query patterns, missing indexes, and synchronous I/O bottlenecks — reduced API latency from 9–13s to under 2s
- Built GCP Pub/Sub event pipeline for real-time inventory state sync across warehouse, delivery, and customer-facing systems
- Delivered warehouse assignment, bin management, and transfer order modules with test-first development
- Reduced manual operations effort by 30% through automated routing, SLA tracking, and exception escalation workflows
- Integrated with 3PL partners via webhook adapters and idempotent job processors with retry semantics
GCP Pub/Sub
Node.js
MongoDB
Redis
Mocha
TrueSparrow · Web3 Infrastructure · Jun 2018 – Nov 2020
Token economy platform on Ethereum
Built backend infrastructure for OST — a Stripe-like platform for Ethereum-based branded token economies used by consumer apps. Delivered realtime systems, media processing pipelines, notification infrastructure, and contributed to multiple open-source packages shipped by the company.
- Designed and shipped Web3 REST APIs for token minting, transfers, and wallet management using Web3.js over Ethereum sidechains
- Built RabbitMQ-driven async job processing for token transactions with retry, DLQ, and consistency guarantees across MySQL and DynamoDB
- Improved system throughput by implementing request sharding, connection pool sizing, and async parallelism across worker pools
- Delivered realtime notification service (WebSockets + Redis Pub/Sub), in-app chat backend, and media transcoding pipeline
- Core contributor to OST Cache (universal caching library), OST Block Scanner (Ethereum chain indexer), and OST View (explorer UI backend)
Web3.js
RabbitMQ
Node.js
MySQL
DynamoDB
Redis
LanguagesJavaScript, TypeScript, Java, Python, Bash
Backend FrameworksNode.js, Express.js, NestJS, Spring Boot, Flask, Django, FastAPI, GraphQL
Databases & StoresMySQL, PostgreSQL, MongoDB, Cassandra, DynamoDB, CosmosDB, Elasticsearch, Redis, Oracle
AWSLambda, API Gateway, S3, EC2, CloudFormation, RDS, DynamoDB, SNS, SQS, Step Functions, EventBridge, GovCloud
AzureFunctions, VMs, SQL Database, Storage Accounts, Event Hub, Function Apps, Logic Apps, Event Grid, Azure Government
Messaging & OrchestrationKafka, RabbitMQ, Camunda, Conductor, Redis coordination, Asyncio, Celery
DevOps & InfrastructureDocker, Podman, Kubernetes, Jenkins, Terraform, CDK-TF, CloudFormation, Azure Bicep, ConcourseCI
ObservabilityELK Stack, Kibana, Prometheus, Grafana, SonarQube, OpenTelemetry, structured logging
AI & DataPandas, NumPy, Matplotlib, Transformers, Meta LLaMA, scikit-learn, Isolation Forest, Google Colab
TestingPytest, Jest, Mocha, Chai, Sinon, Supertest, TDD, Shift-Left Testing
ArchitectureMicroservices, Serverless, Event-Driven, Cloud-Native, SOA, IaC, Agile, SAFe, XP, CI/CD
Frontend & WebReact, WebSockets, REST APIs, API-first design, Webpack