Post Job Free
Sign in

Los Angeles Application Security

Location:
Ashburn, VA
Posted:
May 11, 2025

Contact this candidate

Resume:

Jwalant Dineshray Desai – SCJP*, SAFe Agilist

Ashburn, VA JAVA JEE SPRING

Cell: 510-***-**** MicroServices AWS Full Stack/Application Security

E-mail: *************@*****.***

OBJECTIVE

Senior developer with MS Computer Science(Cal State Los Angeles, CA ) & Business Admin Education, and is trying to grow based on Java, go, and python-based enterprise Architecture & Security, where my skills and learning abilities can be utilized to achieve company and personal goals. (US Citizen) have worked with USPS, DoD & other Federal Agencies. I am open to relocating.

Secret clearance DoD valid Up to July ’27

SUMMARY OF QUALIFICATIONS

About 15 years of diversified work experience and education background have been used for identifying problems and solving, Java application coding to achieve the goals of companies.

Recent experience Summary:

AWS development

docker-compose.yml configuration for S3, SQS, SNS, SESV2, lambda using localstack docker image or aws account. uploading developed API for the helpdesk applications with DynamoDB with file upload capabilities, with performance issue consideration, and S3

updated AWS s3 microservice, updated DEV environment on AWS (AWS CLI) wrote/updated js file with instance ID, scaling, creating EC2, VPC configuration, table routing, security group adding RDS’s node file wrote/update, added sample data, config of SNS, SQS services, resolved AWS Inspector based security issue handling, aws-Inspector vulnerabilities by docker updated to selinux and armor docker profile tools

SOA & Microservices RESTful API:

Oracle SOA-based business process & API(microservices and functional reactive based java) development using Restful & SOAP web services from scratch using Spring Boot, Spring Cloud & RabbitMQ/Kafka, Java 11/17 Corretto 21/23 migration and made ready enterprise for java 17, Oracle policy server replacement with spring boot SOAP web service from scratch development. Microservice Architecture, Springboot-based REST API / APP development & design, Migration to Pivotal Cloud Foundry, Soap and REST, services integrating with existing apps, BPEL-based XML file mapping using JAXB, developed and deploy Spring cloud config server(database approach) SOA tools like Oracle SOA, IBM IIB, and Data Power

Application Performance:

Wrote ehcache, redis, guava-based cache libraries for solving performance issues. used concurrent Hashmap & customized data structures, with customized object values with time-sensitive, memory overflow, stack overflow issues, Hibernates-related memory & performance issues, used cache for bypassing duplicate requests, Have resolved memory leak issues using IBM heap & connection pool, thread and trace dump analyzer, analyzed the performance of app using profile server of IBM RAD and JVM, set up size of result based on web socket’s, open telemetry for spring boot and azure cloud

Application security:

worked on full security life cycle of the application using HP fortify (SAST) for all kinds of vulnerabilities of enterprise application (about 40k issues) from then encrypted all ports for DIT & DAR, encryption of data connection weblogic AS, oracle services bus(11 &12), and oracle admin based infrastructure. Fixed all types of Fortify’s security issues, security+ certified, & related training, have resolved Data Access Control, SQL injection, XSS, CSRF, insecure random number & all other types of Fortify's security issues, Re- factored Data Access control & implemented, JMS security implementation, migration to SFTP for file transfer, wrote code for migrating from non-secure to secure channels, JMS security implementation, migration to SFTP for file transfer, WebLogic 12c FIPS-140, removal of external filter & its dependency, Chekmarx ( SAST & DAST ) IBM Qradar vulnerabilities, micro services related overexposing data, Have worked on secured java design patterns, security related lib. Blowfish, Shiro, and SonarQube issues handling Appsdynamic & app monitoring on Azure Cloud:

Diagnosis of performance issues & resolved, At Discover after app developed setting apps-dynamic. Splunk log monitoring & tracking security issues, & app failure, Semantic i3 replacement with apps dynamics migration, provided app dynamic config/parameter and latency checks of newly developed microservices.

Restful app design for app dynamic, SQL query performance monitoring & fixing issues, Azure monitoring tool with app with Application Insight-agent jar.

React

Adding tabs / modifying UI like adding new columns, adding new components AGGrid search-related issue fixing, Hidden columns, upgrading libs in package.json etc

Angular

Unit test code coverage, upgrading UI, etc

Strong Java JEE Technology-based education in MS including Java-based DBMS coding, and compiler writing. Strong academic & real-time Web Application developing experience using Spring, Hibernate, Struts, Ajax, DWR, web services (REST), Common Validators, JSP, JSF, JSTL, Lucene and Spring-based other frameworks

RELATED PROFESSIONAL EXPERIENCE

Navitas client Federal Agency, Herndon,VA 07/1/24 to 04/18/2025

Sr Full Stack Developer (Backend) at a Startup Organization

Responsibility: complete development from scratch for multiple epic’s requirement for ready in production decided in joint design meeting

●Serenity local environment set up performance issue resolving using the profiler, tested integration with Spring Boot

●Serenity code writing, a couple of sprints, automation tests performed in the Test environment, tested for feasibility for Login.gov with test automation

●POST/PUT/DELETE/GET endpoint development from scratch with URL design compliance with standards, GET endpoint development for complex query processing capability based on arguments provided

●docker-compose.yml configuration for S3, SQS, SNS, SESV2 using local stack docker image

●configured AWS SNS for grabbing certain event types from various notification JSON and captured for AWS Lambda email, email template upgrade for new emails on defined events

●For concurrency extensively used java Lambda and fork and join of java 23 structured concurrency

●developed APIs for the helpdesk applications with DynamoDB with file upload capabilities & performance issue consideration, later on migrated to mongoDB

●developed API for PDF report generation, downloading, and email sending as an attachment, terraform *.tf file update for lambda properties

●used AWS lambda and SESv2 for email sending with multiple PDF file attachments, updated properties with Terraform .tf files of infrastructure project, configured AWS SES email monitoring then used thymeleaf spring to replicate sesv2 was dashboard on admin role of web app

●for advanced security of restful services used java platform module system wrote .module or module-info.java for restricting reflection

●for internal api calls added protobuf for scalability and performance

●Updated all repositories for git hub's URL migration.

●Junits tests writing upgraded code for design changes

●defects fixing for UI React of lib AG GRID for searching capabilities,

●Migrated to java 17 to AWS Corretto 21 then 23

●Added tabs in UI and other upgrades, and upgraded the Backend libs

●proposed JSON validation, gRPC, micronaut & graphQL based on the complexity of Endpoint requirements

Technologies: AWS, ECS, SQS, ANT design using Figma tool, Aurora Postgres, design for UI, Restful microservices, Spring Boot, Hibernate, Java 17,21,23, React 15, Postgres 15, IntelliJ Ultimate, Serenity (test automation), Okta, login.gov Id service provider, JWT, Docker, DynamoDB mongoDB

SiriInfo client FRB St Louis, MO 9/25/23 to 5/31/24

Security Engineer/ Sr Lead Developer for multiple teams

BMS TCMM teams

•Upgraded Third-party libs for resolving vulnerabilities with Maven inheritance, code upgrade, and spring-based libs updates for 55 components

•Maven plugin writing and upgrading existing

•Guided team for data security in transit for legacy infrastructure

•Angular unit test writing

•Handled aws cloud docker/Kubernetes vulnerabilities, image’s vulnerability by SELinux and armor, seccomp profile tools adding in dockerFile suggested by aws Inspector

•Updated projects for aws migration- changed to spring boot from war of WebLogic, Removal of WebLogic libs dependencies, Postgres-related SQL and driver-related changes

•recommended java platform Module system for further advanced security of application

•Security champion for the teams and University training includes DevSecOps, secure coding, threat modeling

Technologies: AWS, Angular 12 -17 spring boot, Mulesoft, webfocus, java 8-17, Webogic 11g 12c, IntelliJIdea

WMATA Alexandria, VA 3/27/23 to 9/23/23 Sr Developer

•developed from stretch large volume batch process with Spring Batch, spring boot, & spring data jpa with jax-rpc based web services consumption -can run from multiple

servers transaction enabled with pagination, deployed to QA and stage env, jdbc url modified for reliability and multiple instants of Oracle 19c RAC, migration to 17

•configured Azure cloud’s tele monitoring view of batch process different from default

•configured the build infrastructure, with application insight-agents, version control and application

•managed secrets encryption, setting of docker config and commands to active task scheduler

•Monitored the batch app on Azure cloud for performance and exceptions log of app

•developed from stretch Externally (outside organization)available api for credit addition to travel card with Oauth2, spring security & spring boot

•designed and developed azure function for Internal admin related small app time indicated in exception log and batch process’s time

•analyzed and updated of mod_plsql (oracle http server in DB )based application for replacement

•Designed wrote independently PCI compliance payment-related restful microservice for mobile payment & product catalog, oauth2 and jwt

•supported production system rotationally

Technologies: Azure cloud, Spring Boot 3 ecosystem, java 17, Oracle 19c RAC

Clover IT client Vertafore Remote 11/21/22 to 3/14/23

Sr Developer predefined short-term contract

Responsible for the design and planning for upgrade of legacy system’s migration to microservices architecture

•Upgrade feasibilities checking for JDO, workflow, EJB based app running in production to microservices architecture

•divided soap web services, oracle service bus, and enterprise components into microservices and RabbitMQ style messaging patterns, web pages into single page application with microservice, presented to react and java team members,

•converted JDO to hibernate model classes with annotations, created template apps as a step towards migration using spring boot, JWT, spring security, and Oauth

•created GitHub project for template projects for demo,

Technologies: IntelliJ, weblogic 12c, 11g, Springmvc, EJB

M9Solution Client Accenture / Federal Govt Beltsville, MD 02/26/22 to 9/30/22 whole team Migrated from last project to new project by Govt

Sr Developer responsible for analyzing new enterprise system and documenting, UI and microservices upgrades, performance, and security issues

•modified UI for Structs 1.1, GWT & reactJS based apps

•upgraded backend functionality involving RabbitMQ/Kafka, restful microservices, using java-lambda

•resolved security issues of services like over-exposing and unauthorized info

•independently tried to resolve the gateway’s latency issue with Solr using Merkle Patricia trie, MongoDB bison, and Golang-based services

Technologies: GWT, structs, jbpm, osworkflow, web services, hibernate, IBM DataPower, IIB, MQ, Microservice architecture, React js, Springboot, spring secu- rity Oauth, Custom APIGateway

Oratax Client: Accenture Federal/Federal Govt Beltsville, MD 01/06/20 to 02/25/22 Sr Developer- Team tech lead

Responsible for team output, architecture-level issues, modernization, security & performance of microservices

•developed & configured Spring cloud config server using DB, moved yaml Microservices configs data in DB, used jasypt & spring security for password encryption

•mapped BPEL-based XML files using JAXB, logging related updates as per spring AOP

•enterprise-wide RabbitMQ/Kafka connection’s TLS encryption implementation, whitelisted TLS encryption algorithms‘ properties in yaml for SIT and production environment

•updated microservices for HTTP Strict-Transport-Security(HSTS) for better security

•Analyzed NMAP report upgraded Angular UI connection using Spring Security

•Analyzed, identified & Resolved enterprise-wide production issues of rabbitMQ /Kafka non-availability of messages by upgrading to spring 2.5.8, implementing functional coding & asynchronous RabbitMQ connection, adding Kafka/RabbitMQ’s dead-letter Queue and spring cloud stream to functional stream for incoming and outgoing messages,

•Reconfigured Jenkins build for all microservices for plugin updates

•Updated chain of microservices as per XML (BPEL) & encryption pattern change adaption using java-lambda

•Analyzed identified enterprise-wide and Resolved duplicate request accounting issues by design of cache code & algorithm upgrade using Ehcache-3, caffeine 2 & concurrent Hashmap provided production deployment support

•Planned and prepared steps & execution plan for junit4 to junit5 & spring-boot with third-party jars updates

•Designed and coded restful producer and consumer Microservices from stretch based on flow diagram and XML files with dead letter queue with all possible java-lambda

•Designed and coded contract first type soap web service provider and consumer apps with validators, hibernate mappings, and security configs Designed steps for upgrade analysis, diagnosis & debugging for SSL and handshake certificate issues for java 8u301 upgrade

•Analyzed Oracle Policy Automation server replacement with spring-based Drools libraries, resolved multiple WSDL files’ namespace from Oracle to opensource one, resolved challenges of integrating multiple WSDL files and XSD models and endpoints, mapped WSDL parameters with drools kiesession, coded security configured, properties grouping & listing, updated endpoint, checked feasibility of mapstruct,

•upgraded & migrated enterprise-wide apps to Spring boot 2.5.8 by updating yml properties and source code upgrade as required

•Designed steps strategy for enterprise-wide planning and execution of Java 11 -17 migration & spring-boot 2.5.8 implementation-related changes

•Performed feasibility analysis for swagger UI to openAPI migration spike for migration to spring boot 2.6.2

•Supported testing team and troubleshooting services by accessing logs from dockers container and Portainer open-source API management tool

•Upgraded project’s UI to Angular 8 by upgrading package.json and related js file updates and npm version upgrade

Technologies: Oracle SOA, Oracle Policy server, Siebel, microservices, spring boot, spring security and Oauth, jax-ws web services and restful web services, oracle, Microsoft SQL database, Open-source Portainer App for API Management

Capgemini Client: Discover Chicago IL March 2019 to Jan 3 2020

Moved to Discover project by Capgemini

Sr Developer

Responsible for sprint-wise Development upgrade modification performance and security aspects of e-commerce apps

•Designed, developed & coded card management restful micro services mobile apps, Decided required alerts warning for production for app and performed settings on dev Appsdynamic’s. Prepared cybersecurity docs preparation for network routing, port, protocol, Jenkins setting, kibana/elastic setting verification. app’s Architect Diagram prepared

•Designed coded Spring boot PCF app development with soap/rest web services using spring cloud, Jenkins setting service install and stage writing, GitHub setting, NSX/en- enterprise firewall setting, app-dynamic auto-scaling, vault set up Cybersecurity doc preparation, prepared app’s Architect Diagram with routing, port and protocols,

•Developed and Created dev environment on AWS cloud using s3, EC2, VPC, RDS, SNS SQS services using node like js file for creating autoscaling using aws CLI, reported issues for data migration Appdynamic’s capability and cloud security

•Independently developed AWS LAMBDA java-based functionality

•Upgraded & modified drool-based rules for customer segment code coverage, wrote data validation micro service-based architecture, Nexus IQ Server issues handling.

Technologies: WebSphere 8, restful web services, Java 8, STS, PCF, Gradle 2.6/4.7, GitHub, Springboot, security Oauth, Mulesoft

Capgemini Client: State Farm Bloomington, IL Oct 2018 to March 2019 Sr Developer responsible for upgrade, security & performance-related tasks sprint-wise iOS mobile application support division, supporting web apis with rest soap micro-services using spring

●Resolved NIQS Nexus and Chexmarks generalities Performed all tasks for migration of app’s migration from one production env to different env handled jdk to open jdk, tc upgrade to 4, registered for app for cloud management platform

●Figured out Jenkin build issues, junitS coverage pom file upgrade etc

●Analyzed, designed, coded configured and converting legacy app to spring boot microservices architecture, deployed to PCF.

●Resolved production issues by using centralized logs and splunk queries Technologies: Spring Tool Suite(STS), REST API, SOAP API MuleSoft, Spring Boot, Spring Framework, HPE service management, Cloud management portal, Splunk, Spring boot, security Oauth

CACI Inc Client: Scott AFB / SDDC O’Fallon, IL Nov 2014 to Sep 2018

Sr SW/System Developer - Tech Team Lead

Responsibilities: As a team lead, responsible for security-related upgrades and architecture

●Designed architect, coded, and configured for resolving all types to fortify (SAST tools) issues(40K) and made the application ready for enterprise-wide encryption and FIPS-140-2 compliance

●Upgraded, and configured encryption properties for Oracle 11g and 12c weblogic AS and service bus for FIPS-140-2 compliance to encrypt Oracle serviceBus channels and ports

●DIT/DAR encrypted JDBC connection, stopped the nonsecured ports of web logic server, Oracle services-bus, Solaris test design for database performance monitoring and wrote BASH script for performance monitoring (diskIO and cpu) after tablespace encryption, Weblogic FIPS-140-2 implementation implementation and verification, weblogic security patches installation, secured jdbc for all WebLogic based component in system(Siebel, OBIEE and analytic servers)

●Consolidating log-in(SSO like) mechanism for all components of enterprises, Analysis functions of components for login, cache design for all components after successful authentication, wrote servlets and filter, updated web.xml, Checked feasibility with oracle Identity and Access Management

●Updated Jenkin build fixed PowerShell script and Python script

●Wireframed, and designed UI for new apps’ design

●Wrote SQL, optimized them for data access validation, upgraded PL SQL for 11g to 12c migration

●DevOps tasks like-upgrade pom xml files for Build process upgrade and maven from Ant migration

●Design coded ansible based source code for remote deployment of weblogic 11g

●Wrote automated tests script using cucumber and selenium

Rivi Consulting Client: Maxwell AFB / BAH Montgomery, AL April 2014 to Oct 2014 Lead Java Developer responsible for upgrade, modification, defect fixing and security issues fixing of app

●Upgraded, and fixed bugs soap based desktop and web application and sql queries

●Security issues resolved indicated by HP Fortify

●Identifed, debugged web services connection issues

Technologies: Java 1.6Web services 1.2(soap), Java Security Libraries, OC4J, Weblogic12c, jsp, servlets

NGIS Client: USPS IBSSC Div St Louis, MO Sept 2013 to March 2014

Java Developer responsible for design development and architecture of for business re- quirements

Moved from Softpath to NGIS by NGIS after the clearance process.

Project1: Transport Optimization Planning and Scheduling System (TOPS)

●Analyzed designed, coded, configured & Migrated web app running on a windows server in production to a Linux server.

Upgraded web app functionalities with UI and backend functionality including hibernate mapping

Analyzed designed, extracted code configured & Migrated batch processes as a j ar from web-based activation to Linux server-based scheduler

●Converted multi-threaded scheduler process from Windows to Linux-based OS and configured with Linux-based scheduler app.

●Analyzed production issues with IBM heap analyzer and various tool memory leak issues then configured hibernate queries, model, and mapping

Technologies: IBM-based eco system Web Sphere 7.5, RAD 8, Hibernate, Struts, Spring, web services, TOAD, SVN, z/OS, IBM data power, IIB, and MQ

Project2: MPOP

Technologies IBM Web Sphere 7.5, RAD 8, Hibernate, Struts, Korn shell script.

SoftPath System/NGIS USPS IBSSC Div St Louis, MO June 2013 to Sep 2013 Java Developer

Projects: TOPS and MPOPS same as above

Technology: Java1.6-37, JEE, JDBC, Web logic Server 10.3, Eclipse, GIT, Excel libraries Apache POI and JExcel, JavaScripts(jQuery) and Ajax.

Brandon Consulting Client: Oracle / Citi Bank Sioux Falls, SD 11/ 2012 to 05 /13

Java Developer responsible for task completion based on business requirements

•ISW:

•Designed, Modified, enhancement of app, code, unit/system test, bug fix for Citi ISW Information Security Workflow-based app

•Coded, configured Data Access design patterns for ConnectionPooleddata, Per- formance Enhancement, used Oracle DB Sequence implementation and related code changes

•Citi(GIDA)

•Defect fixing of the apps

•Implemented jOOQ based on java based queries in apps

Technologies:

GRAM

•Data Synchronizer/Migration(ETL) app using opendbcopy framework, eclipse, Oracle database, JDBC, with Log4j, log4jdbc spring batch

•Rewrote ISW app code again based on JSF’s Richfaces UI library with better design patterns, and new business requirements responsible for modules worked, used JPA model

•Integrated two ETL processes scheduled on a WebSphere-based scheduler with separate log files

Technology: Java1.6-37, JEE, JDBC, Web logic Server 10.3, Eclipse, GIT, Excel libraries Apache POI and JExcel, JavaScripts(jQuery), and Ajax. Spring, Hibernate, Eclipse SDK SWT, GIT, SVN, Struts2, Excel libraries Apache POI and JExcel, JavaScripts(jQuery), and Ajax.

Hewlett Packard (HP) Enterprise (Transport Div) Plano TX Jan 2012 to Jun 2012

Java Developer responsible for Design, code, unit/system test, bug fix

Aircore Product Enhancements:

•Defect fixing of EJB, XML, Java Code modification, then JUnit testing

Defects fixing for Agilaire front end side:

•Wrote JavaScript-based MVC, JQuery, using Eclipse & Chrome debugger. Wrote utility classes methods for web services, and related changes on front end side

Airline Dish Report Application:

•Wrote ETL app and resolved date and time conversion for geographically distributed application and tested performance

•designed and coded for EMD product Dish Record generating as per IATA Dish Standards for IRS Accounting purpose

•Wrote Dish report generator app’s, wrote configuration for email functionality issues

•Wrote and upgraded maven scripts maven jar Plugin and assembly plugins for deployment issues

•Resolved dependency issues while adapting configuration frameworks

Technology: Java 1.6-25, Java Restful Web Services, EJB 3.0, JEE 2.1/5/6, JBoss EAD 5.01, Gits, Maven, JavaScriptMVC, jQuery, Eclipse3.7 Oracle RAC, Google Guice, Hibernate, Check Style for Errors Control, JBoss App server, Apache commons Configurations, validations, Visual VM, JBoss, Drool etc, Git Distributed Version Control System, Maven Life Cycle Management tools, Git Bash.

Tools: Eclipse, Oracle SQL Developers, Junit Testing, Oracle Data Modeler, Altova Spyware, Visual VM, vi tool for OS: Red Hat Enterprise Linux, VMware for Linux workstation 6

Euro Engineering Laguna Hills, CA 2006- 2009

Business Admin ISO-9000 process implementation and wireframing apps with vendors

Nextgen Info Tech Norcross GA 6/2002- 4/2005

Programmer Analyst analysis, coding testing of apps

Web-based attendance system

Web-based inventory system for trucking company

Technologies: JSP, Servlets, JSTL (J2EE 1.2) JavaScript, using MVC architecture database Oracle or MySQL or based on client’s requirements

EDUCATION AND CERTIFICATION

CompTIA security+ 401,501(valid up to July 22) certified

Novell Certified Internet Professional Sun Certified Java Programmer SCJP 2.0

MS Computer Science 3.5 / 4.0 GPA California State University, Los Angeles, CA PGDBM (IT and Marketing) (equi MBA) - SLIMS (an accredited institute) Ahmedabad, India

BS Engineering Gujarat University, Ahmedabad, India



Contact this candidate