Department: Nginx+, PD

Position: Principal Software Engineer

Responsibilities: new features development, legacy code maintenance.

• SME in MQTT, Keyval, Active Health Checks, JWT Auth.

• Significantly reduced traffic overhead by implementing JWT key caching. (С)

• Implemented keepalive mode for Active Health Checks, contributing to system robustness (C).

• Pioneered the integration of Nginx+ into the growing IoT market through the implementation of new MQTT stream preread and filter modules (C).

• Leading a development team in the creation of a new module.

• Actively participated in technical and design discussions.

Department: Access Policy Management module (APM), PD

Position: Principal Software Engineer

Responsibilities: new features development, legacy code maintenance.

• SME in LDAP, MSRPC, NTLM, Active Directory, Kerberos, RADIUS, RSA SecurID, SSO.

• Drove new features development and maintained legacy code, specializing in LDAP, MSRPC, NTLM, Active Directory, Kerberos, RADIUS, RSA SecurID, and SSO.

• Redesigned and re-implemented the LDAP module, resulting in a performance boost of over 20% (C++).

• Key contributor to the MFA team, implementing agents for adding and verifying client devices (C++).

• Designed and implemented OAuth client authentication module (C++).

• Expanded the proprietary ASN.1 library with DER encoding (C).

• Developed libmsrpc, eliminating SAMBA dependency on BigIP and resolving security issues in SMB protocols (C++).

• Ported NAP module of Nginx+ to multiple OS, creating corresponding pipelines in gitlab (C/C++, YAML).

• Established development infrastructure for APM team to work in gitlab (YAML).

• Handled numerous customer cases and internally reported bugs (C/C++, XML, PHP).

Department: Access Policy Management module (APM), PD

Position: Software Engineer III

Responsibilities: new features development, legacy code maintenance.

Most memorable projects are:

• designed and implemented AD/LDAP group caches

• designed and implemented support for nested groups by AD/LDAP modules

• support for paged results returned by AD/LDAP server

• support for UPN suffix for AD – users across a forest can log in seamlessly

• AD Auth performance improvement by including PADATA in very first AS-REQ

• implemented clientKey encryption mechanism for APM module of BigIP

• designed and implemented session variable modifiers for APM module

deployed and maintained few LAN segments based on Windows Server 2K+ and Linux (RedHat/Debian families)

maintained ISP internet access service based on several linux (RedHat) servers (gateway, billing system, local web services, customer web services)

developed web-application (Perl) to manage and control BroadBand Wireless Access equipment (BreezeAccess) via SNMP. The system includes daemon process (linux C) to update stats from endpoint devices.