Software Engineer at The Vport (2025-04 – Present)
Building and maintaining VCloud User API and Admin API with GraphQL, implementing security, access control, and media management systems
- Architected and implemented JWT/cookie authentication with per-route user-type allowlists and request UUID tracing, enabling fine-grained access control across all API endpoints.
- Enforced multi-tenant org scoping at the database layer, constraining all queries and mutations to the authenticated caller's organization to eliminate cross-tenant data leakage.
- Built creator-gated GraphQL mutations for event and media management with policy enforcement and data integrity checks, ensuring only authorized creators can modify platform content.
- Built end-to-end media upload and delivery pipeline using presigned GCS URLs, automated thumbnail generation, and CDN-backed delivery with recommendation engine handoff.
- Implemented geospatial venue discovery with radius-based search, combined with DB-level filters, sorting, and cursor-based pagination for efficient location-aware queries.
- Designed admin-only GraphQL schema with secure flows for MFA/TOTP login, email verification, and password reset, protecting privileged operations behind multi-factor authentication.
- Built catalog management APIs covering organizations, genres, venues, stages, events, and sub-events; implemented license document presigned uploads and SKU management.
- Designed lightweight RBAC with deny-by-default semantics enforced at middleware level, reducing unauthorized access surface across all user types.
- Implemented Prometheus GraphQL metrics exporter with a dedicated /metrics endpoint and standardized structured logging with request/user context for production observability.
- Developed custom admin queries and third-party monitoring integrations to push operational data to web dashboards, improving performance visibility and reporting accuracy.
Software Engineer II at IDEMIA (2022-02 – 2025-03)
Maintained and extended high-security card issuance systems handling 1M+ secure card transactions daily for top-tier U.S. financial institutions
- Maintained and extended high-security card issuance systems handling 1M+ secure card transactions daily for top-tier U.S. financial institutions including Wells Fargo, Capital One, and Citi.
- Implemented backend features for custom card layouts (vertical PAN, barcodes) with full backward compatibility across existing client production workflows.
- Built secure PIN generation and mailing flows fully compliant with PCI-DSS and financial security standards, reducing compliance risk for client card programs.
- Resolved 20+ critical production incidents under strict SLAs by rapidly diagnosing logic and data defects; authored ad-hoc SQL to analyze datasets of 1M+ records for root-cause analysis.
- Delivered backend and frontend changes for client card customizations (colors, holograms, VHD graphics) and designed envelope/carrier templates (bi-fold, z-fold) with branded layouts.
- Participated in Agile delivery (daily stand-ups, client reviews); coordinated with QA and production teams; volunteered as production auditor applying 5S methodology.
Lead Backend Software Engineer at Spotlist Inc (Startup) (2021-09 – 2022-02)
Directed backend engineering for a mobile-first expert–client marketplace with mentorship and leadership responsibilities
- Directed backend engineering for a mobile-first expert–client marketplace; acted as interim Scrum Master, introducing Jira-based performance metrics that improved sprint delivery visibility.
- Mentored 5+ junior engineers through code reviews, pair programming, and system design sessions; partnered with CEO and senior leadership to align backend architecture with product roadmap.
- Implemented OAuth 2.0/JWT authentication with role restrictions and rate limiting; hardened APIs against brute-force and injection attacks.
- Designed and optimized PostgreSQL/MongoDB schemas with indexing and query tuning, reducing API response latency and improving platform stability under load.
Backend Software Engineer Intern at Spotlist Inc (Startup) (2020-09 – 2021-09)
Built backend systems for mobile-first expert–client marketplace including payment processing, search, and authentication
- Built Stripe payment APIs (payment intents, subscriptions, customer management) and onboarding verification flows integrating Checkr background checks and SMS/email verification.
- Developed expert search and filter APIs by location, availability, skills, and type; integrated Google Maps APIs for real-time expert-client distance and availability.
- Implemented JWT-based authentication and role-based access control; managed AWS-based Docker services for uptime and storage; migrated all endpoints from HTTP to HTTPS.
