A9.com is a wholly owned subsidiary of Amazon.com specializing in search technologies and online advertising.

Developed a number of scalable, highly available and secure distributed systems powering Amazon.com and other related Web sites (A9.com, clickriver.com, askville.com).

* Developed several generations of high-volume low-latency ad serving systems for text and display advertising which required solving a number of challenging engineering and algorithmic problems (Java, Spring, Berkeley DB, Tomcat, Oracle, Hadoop, AWS(S3, MechTurk), Linux)

* Devised and implemented a number of sponsored link placement optimization techniques (Java, Berkeley DB, MySQL, web services)

* Designed and implemented backend for a question-answering web site with a number of social networking features (Scala, Play, AWS(DynamoDB, CloudSearch, S3), Apache, OAuth2)

* My referral and recruiting efforts led to over 10 engineering hires

* 7 patent applications

Provided hands-on technical leadership in architecture, design, and implementation of the new features of the SunONE Certificate Server and SunONE Identity Server (secure logging, session failover, Kerberos authentication via SPNEGO etc.) Provided assistance to customers with deployment, customization and troubleshooting. Contributed to development of XML Key Management Specification (XKMS) in W3C.

US Patent US8090829

Determining a backup server for a session based on a deterministic mechanism and the session's key value

Was hired as an engineering employee number 4. Engaged in all technology aspects of bringing financial service startup company off the ground: technology evaluation, requirements collection, architecture, data modeling, application design and implementation, automated testing, build and deployment mechanics, security framework design and implementation, application security analysis and code review, performance tuning, failover and load balancing, production problem isolation and fixes. Developed applications use wide range of Web and back-office technologies with complex business and operational (security, availability, scalability) requirements

Netscape Certificate Server (one of the two surviving Netscape server products, its line now is continued by http://www.redhat.com/certificate_system/): 4-tier Web service to manage public-key certificates used to enable secure Internet communications and electronic commerce. Was second engineer on the team to develop one of the first products in its kind. Architected and provided technical leadership for the second generation of the product which is a major rewrite leveraging Java technology. Both versions of the product run on Windows NT and 5 major UNIX platforms. Product architecture consisted of multithreaded server back-end communicating with HTML/JavaScript browser-based or Java front- end, Informix RDBMS or LDAP-based persistent store and LDAP-based corporate directory.

Product development required fundamental knowledge and extensive use of the following technologies: C++, Java (including JNI and security models), C, JavaScript, HTML, databases, cryptographic algorithms, protocols and standards (ITU-T X-series: X.509, ASN.1; RSA, DSA, SSL, S/MIME, SET, PKCS series), computer and network security, network protocols (HTTP, LDAP, RMI, IIOP), multithreaded programming, language parsing and interpretation, software internationalization.

Coauthored Internet RFC 2560 on Online Certificate Status Protocol (OCSP)

SA-SECURITY: distributed security framework for the client-server applications. Features included: Kerberos-like user authentication protocol; hierarchical framework for user access rights management based on dynamically defined properties, arbitrary user grouping and ACL inheritance; user session management and monitoring facilities.

SA-SCULPTOR - toolset for the automatic conversion of Tandem's SCREEN COBOL applications to C/C++ and different target GUI environments (including MS Windows, X/Motif, Windows NT etc.)