- Experienced in developing, architecting and analyzing in various Microsoft technology stacks with focus on application security. Extensive experience in building APIs using Web API and recently with .NET Core.
- Demonstrated understanding of Object Oriented Analysis and Design.
- Implemented RESTful web services to be used with multiple clients (Mobile, Adobe, Web…).
- Experienced in transforming existing applications to service oriented architecture using APIs.
- Secured web services using SAML, HMAC, OAuth and Azure AD Connect protocols.
- Implemented web service caching, logging, authentication and authorization.
- Experienced with Microsoft Azure and AWS cloud services (Compute, Storage, and Database).
- Experienced in SOA (Service-Oriented Architecture) and SaaS (Software as a Service).
- Embraced Open source technologies in various areas (NoSQL database, Micro ORM etc.).
- Experienced with .NET controls for Web and Desktop based applications.
- Developed database designs, schemas, stored procedures, and functions.
- Experienced in CI/CD using TeamCity and Jenkins.
- Utilized various source control management tools like SVN, Git, Microsoft TFS.
- Perform code reviews, pair programming, and mentoring team members.
- Implemented Secure Coding Principles & Practices (OWASP & SANS).
- Static application security testing (SAST) and Dynamic application security testing (DAST).
- Identity and Access management.
- Implemented Security UX.
- Implemented least privilege for applications, database and network users.
- Utilized various tools such as Burp Suite Pro, Acunetix, Netsparker, Fiddler, and sqlmap.
- In process of implementing new NIST security guidelines within the company.
- High-level understanding of the tools and technology options available in the marketplace and the pros and cons of each, in order to find the best technology fit for the given requirements.
- Review client business requirements. Participate in designing functionality workflows.
- Document code, follow design, and develop standards.
- Ability to effectively interact with cross-functional groups and work well within a team-oriented environment.
- Implementation of best practices in securing web servers and database servers.
- Adapted to working with Agile/Scrum methodology.
- Gave tech talks within the company to help other teams understand newer technologies.
- Continuous education through webinars, security conferences and security meetups.
- Develop applications using .NET MVC, Web API and ASP.NET Core 2.1 and Razor pages.
- Utilized a micro-ORM such as Dapper for data access from SQL Server.
- Read data from various file formats and converted it to Word/PDF using a template.
- Implemented SAML based SSO between various identity providers with SP/IDP initiated SSO.
- Involved in the strategic decision to migrate some of the applications to a cloud-based architecture.
- Application Security (Detecting common website application vulnerabilities) with HIPAA standards.
- Utilizing various tools for static code analysis and penetration testing of an application.
- Implemented least privilege management for web applications, database servers and network users.
- Implemented TLS/SSL certificates with stronger ciphers for HTTPS-only web applications.
- Implemented Content-Security-Policy (CSP) headers and Report URI for the web applications.
- Derived login and password reset workflow.
- API authentication and Web and database server hardening.
- Implemented data protection methodology with robust hashing/encryption techniques.
- Introduced reCAPTCHA for public-facing sites and some strategic pages.
- Introduced coding standards and procedures.
Confidential, NY - Senior Developer
- SaaS platform utilizes Azure cloud infrastructure for hosting (compute), file system (blob storage), and database (SQL Azure).
- RESTful APIs are developed utilizing cloud infrastructure.
- Implemented authentication mechanism and security.
- Implemented caching, logging, versioning and documentation for the APIs.
- Implemented RESTful APIs that could be consumed by various clients (Mobility, Adobe, Web, and Partners).
- Implemented various facets of API generation such as authentication, authorization, caching, logging, versioning, and documentation.
- Implemented granular level permissions for each user.
- Provisioned users to perform multiple transactions for an operation.
- Implemented a profiling API to identify any web service bottleneck.
- Developed various business objects with different functionalities and turned them into web services.
- Database operations were performed utilizing the open source micro-ORMs PetaPoco and Massive.
- Prototyped an application where images were stored in a MongoDB database.
Confidential, NY - Senior Developer
- Involved in full life-cycle of the project from requirements gathering, prototype design, analyzing, and designing UI/Middle tier/database.
- Designed UI with WinForms for desktop and Telerik ASP.NET WebForm controls, AJAX, JavaScript, HTML and CSS. Also developed a VB 6.0 based desktop system.
- Utilized MS Enterprise Library framework for Security, Identity, Data and Exception handling.
- Designed and developed reports for the system. Provided export to PDF/Excel features.
- Prototyped dynamic reports using MVC2 architecture.
- Developed real-time reports using classic ASP by accessing DB2 database using linked server.
- Designed database schema, wrote T-SQL stored procedure and functions in the SQL Server.
- Set up a SQL Server 2005 ETL SSIS package for transferring Microsoft Visual FoxPro data files to the remote AS400 server (DB2 database) for the legacy book rights system.
- Developed DTS packages to send synchronized data (MS-Access → SQL Server) to DB2 database.
- Set up database backup plan and transactional replication.
- Set up database and web server (IIS) security and performance tuning.
- Set up transactional replication for all the production level SQL databases using Publication, Distributor and Subscriber.
- Wrote Use Case specifications and helped the testing team to write the test cases.
Confidential, NY - Senior Developer
- Responsible for gathering business requirements, development, and supporting the production system.
- Generated reports using Crystal Reports, fetching data from SQL Server through stored procedures.
Confidential, NJ - Senior Developer
- Made use of Visual Basic COM objects in Active Server Pages (ASP), which in turn interact with the Excel object and SQL database.
- Utilized Content Management Tool to generate templates.
- Developed streaming clips using RealMedia like RealVideo, RealAudio, RealPix, RealText, and integrated using Streaming Media Integration Language (SMIL) on RealSystem Server.
Confidential, White Plains, NY - Senior Developer
- Involved in system design and architecture.
- Involved in the process of developing Servlets and Java beans. Set up standards to make the application efficient and scalable.
- Developed a tag library to separate business logic from the presentation.
- Used the SwiftView plugin and ICS command set language to send the generated booked Railpass (PCL file format) to the local printer.