Sign in

Developer Security

San Ramon, California, United States
$100/hr on C2C
April 21, 2019

Contact this candidate


Max Girin

Senior Technical Architect



Mulesoft (08/2018 – Present)

Position: Solutions Architect

United Stated Department of Agriculture (December 2018 – Present)

Washington, DC

Mulesoft Solutions Architect

Designed and developed data synchronization solutions for large batch file processing into Salesforce via Mulesoft using Mule 3.9 on-premise instances. Supported the government client in designing, development, unit testing and functional testing of the Mule data sync applications for go-live readiness.

CSBS (August 2018 – January 2019)

Washington, DC

Mulesoft Solutions Architect

Provided a detailed technical assessment of the current Mule 3.9 implementation, identified issues and concerns with the architecture and API design based on the Mulesoft best practices. Provided security recommendations, identified vulnerabilities and provided security solution reference architecture. Analyzed Mulesoft physical infrastructure capacity on the AWS GovCloud and, based on the expected performance SLAs, provided recommend AWS instance sizing recommendations. Documented all of the findings in the detailed Architecture Review deliverable. Received a score of 10 out of 10 for my performance from the CSBS senior management.

Visual Integrator Consulting (06/2011 – 08/2018)

Position: Senior Mulesoft Architect

Brightline (May 2017 – August 2018)

Miami, Florida

Senior Architect

Designed and developed an application security solution to secure public APIs for the startup company, Brightline, to manage train schedules and perform train bookings. Architected a security solution using Azure APP Gateway to enable WAF firewall rules, established a white-listed connectivity between Azure APP Gateway and Azure API Gateway. Enabled Azure Log Analytics and Insights to enable security logging. Established a white-listed connectivity via Mutual TLS between Azure API Gateway and Dell Boomi middleware platform. Configured OAuth 2.0 security for the Azure API Gateway-enabled APIs. Created a synchronization Powershell script to refresh API definitions between Dell Boomi and Azure API Gateway when Swagger YAML definitions get updated.

GreatAmerica (May 2017 – July 2018)

DeMoine, Iowa

Senior Mulesoft Architect

Architected, designed, and implemented a series of Mule 3.9 frameworks, including JSON logging, Okta-integrated security, shared components, MUnit testing, regression and performance testing, and deployment strategies. Later, performed an upgrade of all existing Mule artifacts (shared components, runtime applications, custom policies, and APIs) from Mule 3.9 to Mule 4.1. Developed Mock service responses and mock SQL Server DB integration in MUnit 4.1 tests. Defined MUnit assertions to test various payload response values, objects, and collections. Used new DataWeave 4.1 transformations, with header variables and reusable functions and body transformation logic. Created DataWeave 4.1 reusable modules to be integrated across multiple flows to enable reuse of transformations. Rolled out persistent queues and enabled asynchronous queuing within existing APIs targeted for offline/batch processing, using Anypoint MQ as the queuing platform. Owned and facilitated a series of knowledge transfer sessions with GreatAmerica’s technical architecture and development teams to enable the client to continue owning the platform after the engagement.

CAP (April 2017 – August 2017)

Chicago, Illinois

Mulesoft Senior Test Lead

Developed a regression and performance testing suite based on Postman and SmartBear SoapUI. Lead the testing of all of the Mule APIs for the client, running full regression and performance test cycles. Helped the development team to add MUnit 3.8 tests into their existing application projects, with Maven-based unit test coverage required to be at least 90% of the code. Unit tests were triggered during the CI/CD application build and deployment cycles via Jenkins.

Lincare (January 2017 - May 2017)

St. Petersburg, Florida

Principal Security Architect and Mulesoft Lead Developer

Responsible for designing and developing key customer-facing APIs on Mulesoft Anypoint platform, securing the APIs via OAuth 2.0 and Mulesoft STS, scaling and performance tuning of the APIs on Mulesoft HA cluster, and unit and system testing via Mulesoft MUnit framework. Provided strategic support during Production go life and ongoing post-Production support. Integrated existing legacy APIs with the Microsoft Dynamics CRM platform and Azure Blob Storage platforms. Designed and implemented API security, versioning, development lifecycle, following Mulesoft best practices of Design-First approach via RAML specifications.

John Hopkins Healthcare (February 2017 – March 2017)


Principal Mulesoft Consultant

Responsible for developing complex EDI x12 5010 message parsing and processing solutions via Mulesoft Anypoint Studio. Lead the conversion of existing legacy EDI solution onto Mulesoft Anypoint platform. Developed SOAP service wrappers for key EDI message request/response patterns of sending healthcare subscriber eligibility benefits requests (x12 5010 270/271 request/response patterns). Incorporated validation and parsing of EDI messages via Mulesoft B2B Connector and EDI Read/Write within Mulesoft.

Ryder (January 2016 – August 2018)

Atlanta, Georgia

Application Security Architect

Involved in several proprietary MuleSoft development efforts that are working on exposing legacy in-house stateful and stateless java classes and services via the Anypoint Connector DevKit (Java 1.7 JDK). Responsible, in parallel, for standing up and configure the Azure API Management solution to host and secure the Ryder APIs with OAuth 2.0 client credential grant, leveraging Azure Active Directory as an Authorization Server for OAuth 2.0, enabling audit trail and logging via Azure Event Hubs, and integrating with Application Insights.

McKesson (June 2014 – December 2015)

San Francisco, California

Senior Integration Developer

Developed and tested custom Microsoft .NET integration platform integrated with Sharepoint and deployed as a Platform-as-a-Service. Rolled out a custom J2EE web application to manage patient data and blood tests. Designed and implemented a security solution to secure Java microservices using OAuth 2.0 security standards.

Colorado University (January 2014 – June 2014)

Boulder, Colorado

Principal Oracle Service Bus Developer

Lead development and integration of backend Oracle batch processing of student and account information into Salesforce platform via Oracle Service Bus. Designed and developed Salesforce bulk upserts of key data entities from the Oracle database via real time and batch data integrations.

Robert Half International (2011 – 2012)

Pleasanton, California

Senior Portal Developer

Designed and developed portal platform based on Vignette Application Portal and Vignette Content Management System. Helped the client with system, regression, and performance test automation. Lead the portal development efforts to implement prospect resume tracking via a web-based portal interface.

Inforte (07/2004 – 06/2011)

Position: Senior Mulesoft Architect

Raymond James Financial (2009 – 2011)

St. Petersburg, Florida

Vignette Architect

Developed and tested Vignette Application Portal and Content Management System platforms. Rolled out a custom content-rich desktop platform for Raymond James clients. Worked on a series of micro-portals for Raymond James financial advisors.

Chicago Tribune (2008 – 2009)

Chicago, IL

Senior BusinessObjects Developer

Designed and developed reports for Chicago Tribune using BusinessObjects and Informatica PowerCenter platforms.

Zethus (2007 – 2008)

Chicago, IL

Senior Java Developer

Designed and developed a prototype of a commercial real-estate exchange platform on Java EJB and WebLogic Server platforms.

CUNA Mutual (2005 – 2007)

Madison, Wisconsin

Senior Vignette Developer

Developed Vignette CMS and Portal solutions with custom VisualBasic objects. Developed the rich user interface with HTML and JavaScript.

LA Times (2005)

Los Angeles, CA

Vignette Architect

Developed architecture roadmap and high-level technical solution design for LA Times newspaper subscriber portal.

IndustryClick (2004)

Kansas City, Missouri

Senior Developer

Designed and developed a Vignette CMS-based content management platform using Tcl/Tk programming languages and Javascript. Designed the relational database to support the content for IndustryClick on SQL Server 7 using ERWin ERD tool.



Master of Science – Finance, with Computer Science Minor (2000)

DePaul University, Chicago, IL


OAuth 2.0, JWT, SAML 2.0, Digital Certificates, integrations with Ping Identity, SiteMinder, and Okta


SOA, Workflow, CMS, Application Security, Enterprise Application Integration, B2B EDI x12, ESB, Composite Applications, Application Servers, High Availability, Disaster Recovery, Enterprise Portals, Relational Databases; Agile/SCRUM, Object-Oriented Analysis/Development, Cloud (PaaS, SaaS, IaaS), Performance Tuning and Triaging


MuleSoft 3.9 and 4.1, AWS, Azure, Ping Identity, Okta, Java, REST, JSON, Web Services, Liferay Portal, Databases (Oracle, SQLServer, MySQL, DB2), Anypoint MQ, RabbitMQ, MQ Series, JMS, WebSphere, WebLogic, C#, AngularJS, NodeJS, XML, HTML, VMware, EDI (x12 and EDIFACT)


Remedy, Salesforce, ServiceNow, SAP, SAS, Mainframe (IDMS/DB, CICS), MQ Series, Oracle, MSSQL, EDI x12 (4010 and 5010 for Healthcare), AS/400, XML, .NET, JDBC, TCP/IP Sockets, EJB, SQL Server Integration Services (SSIS), Profisee, SQL Server MDS


Middleware design and implementation; Application Architecture and Integration; Front End SPA development on AngularJS and JQuery; design and development of Enterprise APIs (REST/JSON and SOAP 1.x); OAuth 2.0 and SAML 2.0 Identity Management Systems (Ping Identity, Okta, SiteMinder)



Mulesoft API Gateway, Mulesoft Runtime, Mulesoft in CloudHub, Mulesoft OAuth 2.0 Integration


Java, C#, JavaScript, HTML, XML, SQL

Integration Platforms:

MuleSoft, Azure API Gateway, AWS API Gateway, Boomi, CA Layer 7 API Gateway, experience in most available adapters and connectors on several platforms (including EDI, SAP, Salesforce, CICS, JMS, MQ Series, JDBC

Integration Experience:

Remedy, SAP, Salesforce, Mainframe (IDMS/DB, CICS), MQ Series, Oracle, MSSQL, Sybase, xCBL, EDI, AS/400, Siebel, Clarify, Broadvision, XML, .NET, JDBC, TCP/IP Sockets, EJB, webMethods, Lombardi, Savvion, Rational Rose (RUP), UML, IVR Systems

Contact this candidate