I am a Backend Engineer focused on building resilient, high-security distributed systems.
With 3.5 years of experience leading operational workflows, I understand that software doesn't exist in a vacuumโit must be reliable, observable, and secure. I transitioned into engineering through an intensive Backend Residency, where I architected enterprise-grade systems from the ground up, simulating high-traffic production environments.
I don't just write code; I engineer deployable solutions. My focus is on Spring Boot architecture, Cloud Security (OAuth2/JWT), and DevOps parity.
| Domain | Technologies |
|---|---|
| Backend Core |    |
| Data & Cache |    |
| Infrastructure |    |
| Tooling |    |
A hardened, zero-trust identity platform built to mitigate OWASP Top 10 vulnerabilities.
This is not a simple login app. It is a production-ready security framework deployed on AWS, featuring:
- Defense-in-Depth: Layered security using Nginx Rate Limiting (Layer 7) and Redis Bucket4j (Application Layer).
- Adaptive Risk Engine: Analyzes Geo-Velocity (Impossible Travel) and Device Fingerprints to block suspicious access in real-time.
- Stateless Architecture: Fully decoupled using JWT Rotation, OAuth2, and Redis for session management.
- Observability: Integrated MDC logging, audit trails, and performance monitoring.
- Deployment: Fully deployed on AWS EC2
Live Demo Swagger UI / API Documentation: ๐ https://prasad-auth-sys.duckdns.org/swagger-ui/index.html
- Security First: I assume the network is hostile. Every endpoint is rate-limited, validated, and monitored.
- Infrastructure as Code: "It works on my machine" is a bug. I use Docker to ensure parity between dev and prod.
- Radical Simplicity: Complexity is the enemy of reliability. I prefer boring, proven technologies (Postgres, Redis, Java) over hype.