_ _ _ ____ ____ _ _ _ | | | | / \ | _ \/ ___|| | | | / \ | |_| | / _ \ | |_) \___ \| |_| | / _ \ | _ |/ ___ \| _ < ___) | _ |/ ___ \ |_| |_/_/ \_\_| \_\____/|_| |_/_/ \_\
Embedded • Robotics Safety • Distributed Backend • AI/RAG
Systems engineer who can sit next to hardware with a multimeter at 2AM and write the backend service + CI/CD + monitoring that ships that hardware into the real world. Safety, reliability, clean handoff from prototype → production.
Backend & Distributed Systems: Spring Boot microservices, Kafka/Flink streaming,
real-time delivery/dispatch, PCI-aware tokenization vaults, rate-limited public APIs.
Cyber-Physical Systems & Robotics: autonomous landmine detection UGV with pulse-induction sensing,
safety-radius navigation, confirm-dwell logic, MATLAB/Simulink controller design.
Embedded / Edge IoT: ESP32 NAT Wi-Fi repeater (AP+STA, hairpin NAT, OTA), Sony Spresense/STM32 data
nodes for polyhouse/solar dryer control with MQTT/FTP fallback, watchdog recovery, brownout safety.
AI / RAG Automation: FastAPI + vector search (Qdrant/OpenSearch), doc extraction (Donut/LayoutLMv3),
multilingual assistants, observability and guardrails.
Roles where I own real systems end to end. I ship. I debug. I don't ghost when it breaks.
Drop me in and I start delivering.
Real builds, not class toy code.
Ground robot scanning for buried mines with pulse-induction sensing, KNN classification, safety-radius enforcement — never drives onto a suspected mine. Confirm-dwell logic, safe coverage path planning, MATLAB/Simulink controller design.
Custom ESP-IDF 5.x firmware: dual-mode AP+STA repeater with hairpin NAT, DHCP server, DNS proxy, mDNS reflector, MAC ACLs, rate limits, watchdog recovery, OTA with rollback, MQTT telemetry for remote health monitoring.
Edge-native control on Sony Spresense / STM32 for agricultural drying and climate control. FreeRTOS-safe queues, hybrid connectivity (ESP32 Wi-Fi + GSM), MQTT/FTP uplink, watchdog-driven recovery for field reliability.
Spring Boot ingest API + React dashboard watching remote ESP32 / Spresense units. JWT auth, rate limiting, PostgreSQL heartbeat/last-seen models, alerting for offline nodes. Hardened Linux/Nginx deploy with TLS.
pfSense/OPNsense HA (CARP+pfsync) across Untrust/Trust/DMZ/VPN zones; WireGuard + FreeRADIUS + TOTP; Zeek + Suricata into ELK; Nginx+ModSecurity (OWASP CRS); failover drills near-zero packet loss. Automated via Ansible + Docker.
Lightweight ASCON & GIFT ciphers defended using RNN-based adaptive security policies on Raspberry Pi. Keeps comms hardened in hostile environments while staying real-time and power aware.
Real-Time Payment Authorization (Spring Boot, Kafka, Oracle): idempotent auth/capture/void,
Saga orchestration, OAuth2/mTLS, p95 < 50ms.
Card Tokenization & Vault: format-preserving tokenization with Vault Transit / SoftHSM, PCI-aware audit.
3DS 2.2 Emulator & SDK: ACS-like emulator, signed JWT, Redis state.
Streaming Fraud Pipeline: Kafka → Flink → scoring + Redis, exactly-once, Grafana SLOs.
Order & Delivery Assignment: Spring Boot + Kafka + Redis + DynamoDB, rider assignment
at >50k events/min, p95 < 70ms.
Instant Search & Recommendation: Go microservice, gRPC, Elasticsearch+Redis, +18% CTR in A/B sims.
Dynamic Pricing & Surge Forecasting: AWS Lambda + Redis surge cache, DynamoDB rule store.
Domain-driven microservices (Java 17, Spring Boot 3, WebFlux) with CQRS+Saga for order lifecycle, Kafka/RabbitMQ events, Redis caching, API Gateway/BFF, and full DevSecOps pipeline (Jenkins, SonarQube, Fortify, Black Duck, blue/green deploys).
OPC UA + MQTT ingest into PostgreSQL/TimescaleDB with retention + rollups. FastAPI exposes /tags, /events, /trend with downsampling and pagination. Prometheus exporters + Grafana dashboards for ingest QPS and health.
C#/.NET 8 service modeling limits, deadbands, hysteresis, shelving; CQRS + outbox to Kafka. REST/gRPC with idempotency keys, xUnit tests, container image signing, SBOM, secure supply chain.
Compact SQL-subset compiler with LL(1) parser, AST, symbol table, semantic checks, and IR that can eval on CSV or emit vendor SQL (Oracle/SQLite). Includes optimizer (projection/selection pushdown, constant folding) and EXPLAIN-style pretty printer.
End-to-end RAG pipeline: semantic+layout chunking, hybrid retrieval (BM25 in OpenSearch + dense in Qdrant), bge reranker, tool-using agent (table extraction, OCR fallback), FastAPI+vLLM serving. RAGAS/TruLens eval, OpenTelemetry tracing, Grafana dashboards.
Fine-tuned Donut & LayoutLMv3 for scanned contracts/invoices. Post-processing with regex + Pydantic validators and an LLM repair step for edge cases, exported as clean structured JSON/CSV.
Reusable eval harness with RAGAS, golden-set sampling, toxicity/PII guardrails, schema validation, drift monitoring, and OpenTelemetry traces into Grafana dashboards.
Retrieval-augmented assistant for English + Indic FAQs using IndicTrans2 normalization and multilingual embeddings. FastAPI with Qdrant + Redis cache and BM25 fallback for when embeddings miss.
Real teams. Real deployments. Real users.
» Built Spresense/ESP32 edge CPS node for smart polyhouse drying: FreeRTOS pipeline, MQTT/FTP uplink, watchdog recovery.
» Wrote Java Spring Boot ingest API with JWT auth, rate limiting, PostgreSQL, Docker/K8s deploy, CI/CD, SonarQube gates.
» Shipped observability (Prometheus, OpenTelemetry, Grafana) so field deployments are debuggable instead of guesswork.
» Worked cross-team (hardware, data, platform), sprint-based delivery.
» Delivered production site + lead capture backend for a real industrial client.
» Set up Linux hosting (Nginx, SSL/TLS), DNS, uptime tuning, and simple admin portal.
» Coursework: Distributed Systems, Networks, OS, DBMS, Algorithms, Embedded Systems, AI/ML.
» Workshops: IIT Madras (AI/ML, IoT on Raspberry Pi).
» AWS Academy Graduate: Cloud Foundations & Data Engineering.
» AEEE AIR: 369.
Open for Embedded / Robotics Safety (CPS), Backend/Platform, Infra/DevSecOps, and Applied AI/RAG. Have something serious and want it shipped? Reach out.