SUMMARY:

• Senior/Lead Software Engineer with many years of comprehensive working experience in software design and development from Confidential 100 companies on FinTech (Risk check and billing), Cloud Messaging Service, Cloud Collaboration Platform, Networking, Security, Web Service, Database and GUI.
• Very proficient in Java 11, C/C++/C# and Python/PHP. Worked on all kinds of platforms: Linux/Unix, Windows, MacOS, Mobile devices and Embedded Systems.
• Working experience with NoSQL data stores (MongoDB, Redis) and RDB: Postgres, Oracle, MySQL and PL/SQL.
• Very familiar with many Internet protocols like TCP/UDP/IP, HTTP/FTP, SSL/IPSec/PKI and all kinds of authentication protocols like OAuth2, FIDO, Kerberos, RADIUS and Active Directory.
• Experience with AWS (S3, Redshift, Aurora , EC2, VPC, ELB, route53) and GCP too. Kafka , Elastic Search. Python /Django/Celery, Pandas /Jupyter Notebook data analysis.
• AngularJS. Docker used and about Kubernetes.

TECHNICAL SKILLS:

Programming Languages and Frameworks: Java/JEE 11, Spring Framework and Spring Boot, C++/C/C#, Python, AngularJS, Kotlin, JSON, ASP .NET, XML, HTML, PHP, JavaScript, VBScript, AJAX

Cloud Service/Platform: AWS, GCP, Cloud Messaging Service, RESTful Web Service, NoSQL DBs, Hadoop, OpenStack, Jabber XCP

Network/Internet/Web: Web App/Service, Client/Server, Multi tiered/Distributed application, Protocol DevelopmentREST/Spring/Jersy, Java Servlet/JSP, CGI/FastCGI, COM, EJB, RMI, SOAP, JNDI, LDAP

Web Servers: NGINX, Apache/Tomcat, Windows IIS, iPlanet, XML - RPC Web Server/Client

Security: OAuth2, FIDO, SASL, SAML, PKI, IKE/ISAKMP, IPSec, RADIUS, Kerberos, Active

Directory, SSO, OpenSSL, Java Advanced Packages: JCE, JSSE, JAAS, JGSS, Smart Cards, Firewall(Raptor, Gaunlet, checkpoint, fwbuilder), SOCKS server(e-boarder, Wingate)

Database/Information systems: NoSQL MongoDB, Redis; SQL: Postgres, PL/SQL, MySQL, Oracle, Microsoft SQL ServerJDBC, ODBC, DB design, Hibernate

GUI: AngularJS, Java (JSP/Swing/AWT), VC++, XUI, cross-platform GUI API (FOX library)

UNIX/Linux Programming: Kernel and network programming, IPC, Multi threaded, MPIShell scripts Python, bash/tcsh, Tcl/Tk, Awk, Perl

Windows Programming: Multithreading, networking, security, device driver, kernel, GDI, COM, STL/ATL/MFC, .NET, Multimedia streaming (RTSP, MMS, shoutcast), media format parsing

Development tools: IntelliJ, PyCharm, Eclipse, NetBeans IDE, GitHub, Maven, Subversion, Jenkins, Bamboo, Kibana, Circonous, Coverity, Valgrind, GPerf, Microsoft Visual Studio 2005/2003/6.0 , JDeveloper, PhpEd, HttpWatch, UML, Lanwatch/Ethreal/Wireshark, SoftICE, NSPR, CVS, Perforce, Clarify, Agile/SCRUM, Jira, Bonsai, Bugzilla, Visio, Codefusion, DDD, kgdb, netfilter, sourcesafe, VMware, Iperf, Insure++, Fusion/VirtualBox

Protocols: TCP/UDP/IP, Mobile IP, IPSec, HTTP, SOCKS, SSL(TLS), SNMP, (M)PPP, ARP, DHCP, DNS, XMPP, SIP

EXPERIENCE:

Principal Platform Engineer

Confidential

Responsibilities:

• Working on different features of Identity server(IDS): FIDO authentication with MFA, Enrollment and Authentication policy management, Multi region prototype for Apache Ignite in AWS, IDS SDK, Okta Directory integration, Auto SSL management, logging capture to AWS S3. Used Java 11, Spring, Spring Boot, Restful API, web socket and stomp message, Retrofit/OkHttp3, and Apache Ignite. Deployment includes on-prem, Docker, and AWS EC2 with NGINX or ELB.
• Working on some features on cloud platform like API rate limiting, Auth event report, user auth status with details. Using AWS Fargate , route53, S3, SNS, Lamda and RDS Postgres. Kafka for event streaming and messaging. Elastic Search for event/data search
• Worked on some management tasks both backend and front end like all kinds of configurations including policies. The backend uses Python, Django, Celery and AWS RDS. The front end uses AngularJS and Typescript.

Senior Software Engineer Sr Specialist

Confidential

Responsibilities:

• Work ed as lead developer with some management role on hybrid/on-prem version of an advanced flexible billing cloud service using AWS which supports customized external rules using Drools rules, flexible processing steps using configurable workflow engine, and high performance and scalability by using AWS Aurora, Redshift and S3 for data storage and transaction processing. Java 8, Spring framework, Spring boot, Hibernate, Junit and JBehave tests are used.
• Also worked on the UI which is implemented in AngularJS.
• Python/Pandas/Jupyter book used for results verification.
• Worked on leading trade risk management software which provides fast, real time risk checks with low variation of delay. Mainly Java development on Linux, Junit/Mockito for unit tests, and TeamCity for Continuous Integration service. Postgres and Oracle for backend data storage.
• Worked on Visualized software validator which allows different software plugins, creates visualized test cases from multiple sessions, inputs of expected values by regular expression and links to previous values in the test flow, and automated batch test runs.

Senior Software Engineer

Confidential

Responsibilities:

• Worked as major developer, team leader and partially service owner on REST Web Service using Java/Spring for new WebEx Messenger Admin Service. The service manages configuration, provisioning, report for customer organizations and users. It supports OAuth2 and uses new technologies/tools GitHub, Maven, TestNG/Mockito, Jenkins/puppet, Kibana, and MCT service for monitoring and alert. W orked cross-function with 10+ other teams. Got directors connected recognition for doing the right thing.
• Confidential -Developed a new Jabber Session Management HA solution using Object Queue Management OQM, Asynchronous Event Callbacks, MongoDB. Developed a general persister library with common API to persist JSON data to different backend data stores. Implemented JSON data management with context for efficient memory management and Skip List for Collections. Got peer’s connected recognition about high quality of work.
• Improved/Enhanced IM Archiving Dispatching Service(IMDS), stabilized the IMDS service a lot by fixing critical issues like a tricky delivery stuck issue; Fixed important security issues related to SMTP security and trusted CA/SMTP server s update. Improved performance dramatically by optimizing the SQL query statements, more indexes to tables. Worked on IMDS notification customization feature and Implemented function tests using parameterized tests. Worked very hard to solve many customer support issues ASAP. Got two peers connected recognition s for my outstanding contribution.
• Worked as Security Advocate for whole Messenger project on security auditing, security patches. InfoSec conta ct praised me as one of the best.
• Improved on solution for Domain migration
• Implemented quickly SSL/TLS connection management and processing. Integrated SASL Auth module to XCP platform with comprehensive automated functional tests.

Senior Software Engineer

Confidential, CA

Responsibilities:

• Designed and implemented a new category of protection by checking file ’s reputation based on information collected from millions of end users. The protection minimizes the probability of missing targeted attacks, zero-day malware and narrowly distributed malware, by allowing only files of “good reputation ” in.
• Designed and implemented an automatic detection and remediation service for managed machines.
• Implemented Access Control of Threat Center which manages customers ’ info like license, provides software and database download/upgrade, Remote Assistance, etc.
• Developed a Performance Test tool which simulates all kinds of related events to measure different components ’ performance.

Senior Software Engineer

Confidential, CA

Responsibilities:

• Developed many features on Secure Access Manager which is built into Big-IP platform . Implemented many components: Schema, MCP, APD, VPE, CLI and Admin UI for features of Machine checker, Protected Workspace, and Traffic Shaping. C, Java Script, PHP, MySQL, Java, JSP and XUI are used.
• Worked on supporting many features on Windows Vista: Installer service, Machine Checker, Protected Workspace, Dynamic Application Tunnels, and most endpoint security agents. Different technologies like COM Moniker, manifest and modification to integrity level IL of kernel objects have been used for elevation and communication between processes.
• Developed within tight schedule Machine Checker. It was deployed successfully to some large customers migrating from IPSec VPN. The client ActiveX control supports flexible matching rules using regular expression and Windows Crypto API. Server side provides all kinds of verification including chain, revocation check.
• Worked on Opswat End Point Security Checker which provides endpoint anti-virus and firewall deployment checking and configurable virus scan. Developed ActiveX control wrapper for the Opswat SDK COM interface to provide elevation helper on Windows Vista.
• Worked on Protected Workspace PWS which prevents info leak by using a new desktop with virtualized file and registry systems and configurable restricted access using Windows Hooking.
• Worked on Dynamic Application Tunnel which provides users with web-based remote access to a wide variety of network applications and resources. Port forwarding and Windows Hooking used.
• Developed the Windows Installer Service for clients with limited user rights. Worked on UAC support on Windows Vista for Traffic Shaping.

Senior Software Engineer

Confidential, VA

Responsibilities:

• Worked on a revolutionary data collection system, which captures a comprehensive view of Internet surfing and buying behavior of more than 2 million participants in an extremely cost-effective manner.
• Designed and developed context sensitive Survey related components: Survey Toast Window, catch-all and configurable application-triggered surveys. It is implemented in VC++/MFC with STL and COM using Visual Studio 2003. Used technologies include Windows GDI, IE browser helper object (BHO), and Windows Hooking.
• Developed an ASP .NET web application using C#, which provides reporting and querying abilities to a rmation Access related database in Microsoft SQL Server.
• Developed and enhanced streaming data capture and processing which includes RTSP, MMS, shoutcast and Progressive Download. HTTP Proxy and LSP are used to capture the data.
• Developed independently and successfully the Desktop Deployment Tracker project for Microsoft which involves obtaining all kinds of information on the computer such as computer settings, connected devices, installed software, etc. It covers many categories in Win32 API. ed by company for high quality software completed within tight schedule.
• Worked on the Fuzzifier project which masks out any rmation in captured HTML pages. Boost’s regex library is used.
• Designed and implemented an efficient Multimedia content parser which supports MPEG, ASF, RM, AVI, MP3, AAC, QuickTime, Flash and so on.
• Implemented the Instant Messaging (IM) usage information capture (includes AIM, MSN, YAHOO, ICQ, Google Talk).

Senior Software Engineer

Confidential, VA

Responsibilities:

• Designed and Developed Viatores Manager in Java/J2EE using UML and Design Patterns. It provides Servers and Users Configuration, key management, and policy distribution. Java Swing/AWT, JSP/Servlet, EJB, JNDI, LDAP, RMI, JDBC used.
• Developed Viatores MAS which provides Proxy U ser Authentication: Active Directory/Kerberos, RADIUS, Secure ID, etc. It is implemented using Java Security JAAS, JCE, JSSE, Networking packages and XML-RPC with SSL support. It also supports changing password during SSO using Windows native API and ADSI for cross-domain authentication. MySQL used.
• Implemented an automatic configuration distribution server using pre-shared secret for authentication and 3DES/AES for encryption. Used Struts Framework for configuration of action mappings and presentation logic in JSPs.
• Used Castor Framework for data binding between Java Objects, XML doc and SQL tables. ANT, JUnit used.
• Firewall traversal by HTTP tunneling, which allows roaming to private networks. Worked as leader for the whole SDLC for this project. Implemented independently Viatores Multiplexer, which performs tunneling and de-tunneling of traffic between Viatores Clients and Server. It utilizes web-based application CGI/FastCGI and Java Servlet for firewall traversal. Helped junior on the Http proxy client with design. Implemented the installation of Viatores Mux as System Service on Linux using bash and Tcl/Tk.
• Ported Viatores Server from Windows to Linux: Application: GUI, Policy Management, Registration, PKI/IKE, Cluster. Driver includes interceptor, packet scheduling and processing, and HTTP/UDP tunneling.
• Enhanced web-based configuration manager using JSP/Servlets, Swing and MySQL Improved SSO by replacing Windows GINA with Smart Card support