# Alex Yiu > Leading Cloud Software Development Location: Santa Clara, California, United States Profile: https://flows.cv/alexyiu QUALIFICATION: More than fifteen years of experience in driving architecture, design and development of cutting edge technology projects TECHNICAL SKILLS: Multi-Tenant Security, Distributed Computing, JSON, NoSQL (e.g. MongoDB), SOA (WS-BPEL, SCA, SDO), XML (Schema, XPath, XQuery), Web-Service, JavaEE (JSP, JavaServer Faces, Servlets), Java, SQL, Relational databases Specialties: Working as one of the editors for various Business Process related standard specifications, including: OASIS standard WS-BPEL 2.0 (Business Process Execution Language) http://docs.oasis-open.org/wsbpel/2.0/wsbpel-v2.0.pdf SCA-BPEL Specification http://www.osoa.org/download/attachments/35/SCA_ClientAndImplementationModelforBPEL_V100.pdf?version=1 ## Work Experience ### Staff Engineer @ Sumo Logic Jan 2020 – Present | Redwood City, California, United States Leading Identity and Access Management on various Sumo Logic SaaS Components ### Engineering Leader @ Atollogy, Inc. Jan 2018 – Jan 2020 | Santa Clara, California -- Switching Implementation Language from Java to Python (3.X). -- Expanding Domain Knowledge to Computer Vision and Machine Learning ● Intelligent NVR (Network Video Recorder) Implementation, running on a Ubuntu based Intel-based Small Foot-Print PC. This NVR solution is builtin Python + FFMPEG + OpenCV. Within this Intelligent NVR, we implemented moving object detection and tracking features. Such that Images can be captured from the video in more intelligent ways to be sent to Neural Network Models. This component includes advanced features such as a multi-layer background model. ● Led the effort for Better Python Code Quality: (a) by advocating using Python 3.X Type Hint facility plus Pydantic library, (b) incorporating Pylint and Pyre-Check Type Checking Tool as a part of automatic build processes. ● Kicked off an effort of moving off a monolithic server to a collection of AWS Lambda Functions. For example, (a) Data Transformation (e.g. Annotation Result CVAT XML to Internal JSON format), (b) Data Integration (e.g. propagating events to a customer’s Splunk Endpoint) ● Based on OpenCV “matchTemplate()” function to develop an “anchor point” concept to detect shifting or shaking of a camera. This “anchor point” concept got further extended to support multiple variants of the same “anchor point” area to handle drastic changes of light sources and light intensity. ● Managing and Coordinating Image Annotation with a 3rd Party Off-Shore Annotation Team -- Cloud Factory. Coordination activities include: (a) Design Annotation Instruction and Data Labels+Attributes design; (b) running algorithms to select raw images for Cloud Factory to annotate; (c) building data automation infrastructure needed for post annotation steps ● Working with an Offshore Development Team to build a Data QC Workbench for Internal Data QC folks to review Inference Results of Deep Learning Neural Network and Annotation Results of a 3rd Party Outsourced Team. ### Software Development Engineering @ Elementum SCM Jan 2013 – Jan 2018 Developing Data and Identity Mgt Platform for Supply Chain Management SaaS ● User Authentication:   ● Migrated User Login mechanism from OpenID-1.0 to JWT+OAuth based mechanism   ● SAML Integration     ● Leveraging OKTA, built on top of home-grown OAuth server     ● Fine grain control of which Internal Employees can access which Customer under which Environment (dev, pre-prod, prod) through managed LDAP group membership     ● Facilitate Customer Success team to on-board customers for SAML Integration   ● Provide User Deactivation / Session Termination REST API to Customers   ● Evaluate SCIM implementation strategy and how to leverage AWS Cognito and OKTA ● Data Access Control + Multi-Tenancy Model:   ● Design Security Model that enables Elementum Customers to control what data are shared with Supply Chain partners.   ● Implemented this model over databases, such as, MongoDB and ElasticSearch database.   ● Techniques are Database Query Interceptors, that verifies, rewrites or rejects query requests to a Database, based on Authorization profile of a user ● Master Data Management   ● Led a team of 3 to deliver the full-stack implementation (UI+Backend) of Master Data Management Tool used in on-boarding Customer Master Data   ● One key feature of MDM is Data Duplication Prevention. E.g., when users uploads Factory sites data, duplication of existing sites information should be avoided. It is achieved through “Site Similarity Search” implemented on ElasticSearch, where the geolocation of a site plus fuzzy match of the site’s name is used in search criteria. Other Projects: Graph DB, GraphQL API, Python: Leveraging Python3 Type Hint and enhancing Python Security through Thread Local for security context ### Coder / Designer / Software Architect for Oracle OAuth product @ Oracle Jan 2010 – Jan 2013 Coder / Designer / Software Architect for Oracle OAuth product ** Building security infrastructure based on OAuth Protocol to "rule them all" ** Unified product for Access Control for Cloud, Mobile and Social ** On Mobile side: ---- Mobile Single Sign-On ---- Integrating with Risk-Based Access Management infrastructure ---- Integrating with MDM (Mobile Device Management) infrastructure ** On Cloud side: ---- Two-legged version of OAuth protocol ---- Identity Federation using JWT and SAML Tokens ** On Social side: OpenID Connect ### Senior SDE @ Amazon.com Jan 2008 – Jan 2010 Development: Proprietary SOA / RPC Infrastructure Research: JSON Schema and RESTful interface ### Principal Member of Technical Staff @ Oracle Corporation Jan 1997 – Jan 2008 ** WS-BPEL 2.0 Specification: invited as an editor for WS-BPEL specification in Apr 2004. WS-BPEL 2.0 has become an OASIS standard in April 2007. ** SCA (Service Component Architecture) - Specification Participation: Work as an editor for SCA-BPEL Specification ** BPEL Product Development: - enhancing BPEL XML manipulation and Schema capabilities - integrating SDO (Service Data Object) with BPEL ** Binary XML - Listed as a co-inventor of Oracle's patent application for "Encoding of Hierarchically Organized Data for Efficient Storage and Processing" (filed in July 2005) (http://www.freepatentsonline.com/20060212467.html) ** Oracle JSP Engine - Responsible for two features upgrade cycle: from JSP 1.0 to 1.1 and from 1.1 to 1.2. Also, oversaw parts of JSP 2.0 implementation - Being the Oracle representative to JSP expert groups: Special acknowledgments are made in JSP 2.0: "... Alex Yiu for his thorough analysis on the invocation protocol and I18N" ### Software Engineer @ Springfield Financial Advisory Jan 1994 – Jan 1995 Developed a syndicated loan market information system that provides decision support. This system is sold as a product / service to other financial firms and investment banks. It was developed with Visual Basic and MS Access. Different stages of development cycle were participated, including, database schema design, requirement fine-tuning, implementation and beta-testing. ## Education ### M.Sc in Computer Science University of Southern California ### B.Sc in Computer Science The Chinese University of Hong Kong ## Contact & Social - LinkedIn: https://linkedin.com/in/alexyiu --- Source: https://flows.cv/alexyiu JSON Resume: https://flows.cv/alexyiu/resume.json Last updated: 2026-04-12