Vinodh Nagarajaiah

Centralized Authentication Architecture for Enterprise Proxies

Technical Lead | Aug 2025 – Present

• Designed and documented two authentication protocols for enterprise proxy services: session-based PKCE with Redis caching and stateless HMAC-SHA256 with hybrid salt protection, providing comprehensive authentication alternatives for different enterprise requirements
• Created detailed technical specifications including complete Java Spring Boot implementation code, HMAC-SHA256 algorithms, multi-layer salt computation logic, and constant-time comparison functions for timing attack protection
• Conducted thorough security analysis documenting attack vectors including replay attacks, timing attacks, salt extraction through reverse engineering, and message tampering, with corresponding mitigation strategies and security boundaries
• Designed AWS-integrated configuration management using Parameter Store for application whitelists, Secrets Manager for base salt storage, and IAM-controlled access patterns, enabling secure configuration without hard-coded secrets in proxy services
• Developed comprehensive API specification documents defining request/response formats, authentication headers (X-App-Bundle, X-HMAC-Signature, X-Time-Minute), error response codes, and YAML configuration schemas for production deployment

Shadowstack Convergence & Unified Architecture Design
Architect & Technical Lead | Feb 2025 – Present

• Establishing a migration framework and designing architectural plans to evaluate all 40+ Shadowstack services for retention, integration into existing F-Secure services, or complete overhaul, collaborating with higher leads, product leads, and engineering managers to complete evaluations for services while safeguarding the 2026 convergence deadline.
• Designing a scalable architecture, increasing system throughput by 10% while maintaining 99.9% SLA compliance and robust security standards.
• Consolidating cloud infrastructure, lowering costs by 20% through modernization of legacy Shadowstack technologies.
• Streamlining overlapping service functionalities, preserving 100% of critical customer requirements with zero disruptions.
• Leading a team of 5 engineers and collaborating with platform, infrastructure, client, and product teams, accelerating convergence timelines by 25% through phased execution and risk mitigation.

AI-CodeMedic: LLM-Powered Debugging & Self-Healing Engine
Contributor – Design, Development & Evaluation | Jul 2025 – Present

• Proposed and co-developed AI-CodeMedic during F-Secure’s AI HackWeek 2025, securing 2nd place for building a prototype that auto-scans logs, diagnoses bugs using LLMs, and generates review-ready PRs—achieving an estimated 60% reduction in debugging effort.
• Engineered key components of the solution using Java 21, Spring Boot 3.x, and OpenAI LLM APIs, integrating with Bitbucket and OpenSearch.
• Currently part of the cross-functional team evaluating and enhancing the solution for real-world adoption—collaborating with platform, product, and DevSecOps teams to ensure compliance with SLA, security, and workflow standards.
• Contributing to development of a feedback loop to improve PR suggestion accuracy, reduce false positives, and establish trust among engineering teams.
• Expected to reach production-ready maturity by mid-Q4 2025.

Social Media Monitoring (SMM) Project for Major Telecom Provider
Team Lead & Backend Developer | Jul 2024 – Feb 2025

• Delivered a real-time SMM service processing 1,000+ event requests per second, achieving 99.9% system availability and zero SLA breaches.
• Optimized backend services, enabling a 50% increase in event volume handling without performance degradation, saving 10% in scaling costs.
• Led a 15-engineer team, completing integration and deployment 2 weeks ahead of schedule, ensuring compliance with security and data privacy standards.

Social Media Monitoring (SMM) Service Using ZeroFox APIs
Team Lead, Architect, & Backend Developer | Feb 2024 – Apr 2024

• Architected a scalable SMM service with ZeroFox APIs, Kafka, and webhooks, reducing detection-to-notification time by 40% for real-time alerts.
• Delivered a fully customized solution within a 45-day deadline, achieving 100% of performance and security requirements for client satisfaction.
• Directed a team of 5 backend engineers while acting as architect, developer, and single point of contact, coordinating with cross-functional teams to meet the 45-day deadline and fulfill all performance and security standards.
• Enabled 50+ client-specific customizations, boosting deployment flexibility and reducing onboarding time by 20%.

CPS: Content Publisher Service
Team Lead, Architect, & Backend Developer | Feb 2024 – Apr 2024

• Built a Java-based subscription service with Storyblok integration, delivering real-time breach reports with 99.95% uptime for 100,000+ users.
• Optimized database schema, reducing data retrieval times by 25% and supporting 30% growth in user base without additional resources.
• Led a team of 5 backend engineers while serving as architect and developer, driving design and infrastructure decisions to complete the project 5 days ahead of a 45-day deadline, meeting 100% of performance and security standards.
• Implemented failure recovery strategies, reducing operational disruptions by 50% and ensuring robust system reliability.