Hi, my name is Nico.
I'm a software engineer.

Want to know more?

About me

Profile Image

Over a decade of software development experience.

Currently diving into reactive programming using Quarkus for my next personal project

I may not be an expert at your particular technology stack - but that's OK. What's important is my ability to break down big problems into smaller ones and the dedication to take ownership of a problem to find the best solution. If this is something you also believe in as a core value within your company, feel free to reach out.

View Experience View Resume

Experience

Audible

(September 2024 - Current)

Developed a scalable, serverless PII security scanner using Python and AWS Lambda.

Developed a security score application to assess and visualize organizational security posture by aggregating data sources across Amazon resulting in a 40% reduction in security compliance gaps. See projects below

Some of my main tasks with Audible are:

  • Providing feedbacks during the design session for new projects

  • Planning, estimating, and contributing to the architecture, coding, and development

  • Ensuring code quality and governance

  • Refactoring and continuous improvements of the codebases

Exiger

(September 2021 - July 2024)

Designed, built, and maintained a suite of microservices for Exiger, ranging from RESTful applications to event-driven services. Utilized Java 17+ with Spring Framework 6 for backend development and deployed to AWS Kubernetes cluster. See projects below

Some of my main tasks with Exiger are:

  • Participate and provide feedbacks during the design session for new projects

  • Led the migration of legacy codebases to modern Spring Boot 3.x applications, enhancing performance and maintainability

  • Developed and managed Helm Charts for seamless deployment with ArgoCD

  • Ensured high code quality by creating comprehensive JUnit test suites

  • Part of an on-call rotation during working hours and holidays

  • Mentored junior team members, fostering their growth and development within the team

Jahia

(September 2020 - August 2021)

Developed and maintained Jahia's open source marketing cloud platform. A modulith application that utilize OSGI technology to build a feature-rich experience tailored for each customer. The backend core code is written in Java with a graphql endpoint. In the frontend, a series of React components alongside some robust libraries and build scripts such as Apollo, react-router, yarn, webpack, etc. See projects below

Some of my main tasks with Jahia are:

  • Taking ownership of projects from the design phase, to implementation, all the way to deployment and maintenance

  • Maintained the CI/CD pipeline that builds image from the Java artifacts

  • Building RESTful API services

  • Wrote JUnit tests both unit and integration tests

  • Updating legacy code

Acquia

(April 2017 - September 2020)

Developing and maintaining Acquia’s marketing cloud platform. This application is a high traffic volume with a low latency Saas platform that delivers personalized content. Core code is written in Java with automation scripts in Python and hosted in AWS using EC2 and Cloudformation and being monitored using Cloudwatch. See projects below

  • Troubleshooting JVM by analyzing flame graphs using linux-perf and perf-map-agents

  • Writing Junit tests

  • Handle bi-weekly deployment release

  • Part of the 24/7 on-call support rotation to adhere to the "five 9's" of availability

Rapid7

(May 2014 - April 2017)

Built and managed a chrome plugin to improve Rapid7's application scanning coverage and to assist in validating vulnerabilities. The plugin enables users to replay and edit recorded traffic generated for vulnerabilities and patch validations. It is written using Javascript on top of Chrome's API


Built and managed a Jenkins plugin that performs a vulnerability scans on any Jenkins job. This plugin empowers developers to continuously push features without manually scanning their VAS applications thus enabling them to find web security defects earlier in the software development lifecycle. See projects below.

For more of my experience, checkout my

Resume

Projects

PII Scanner

Lambda-based solution to automatically detect and manage Personally Identifiable Information (PII) across JIRA and Confluence, ensuring compliance with security and privacy regulations.

Application Security Score

A comprehensive tool that assess the security posture of all internal and customer-facing applications across the organization, providing standardized evaluations, risk insights, and actionable recommendations to enhance overall security status.

Natural Event Monitoring Application

Build an event monitoring application that tracks global natural calamities and sends real-time alerts to clients.

Jahia's Open Source Headless CMS

Developed and maintained Jahia's digital experience platform. This is feature-rich application with highly customizable modules tailored for individual customers. Core backend code is written in Java with graphql endpoints and the frontend is written in React. It is deployed to the cloud using a docker containers or on-prem for better latency and privacy of data.

Source code

Acquia's Marketing Cloud Personalization

Developed and maintained Acquia’s marketing cloud platform. This application is a high traffic volume with low latency saas platform that delivers personalized content. Core code is written in Java and automation scripts in Python. It is deployed to AWS in a cluster of EC2 instance using Cloudformation

See Video

Jenkins plugin

This plugin enables you to configure settings to automatically trigger vulnerability scans when builds of your web application completes. This enables your team to find web security defects earlier in the software development lifecycle.

See Documentation Source Code

Contact

You can reach me at

416-917-2841

nbugash@gmail.com