Application Security

Full-stack developer

Java developer

JavaScript developer

As a Java Developer, I worked in the update of custom adapters. These adapters decoupled the integration of the application with 3rd party provided products like databases, reporting systems and BPM servers.

Implemented new modules in a suite of regression tests to guarantee the adapters back-compatibility

Implemented unit tests using JUnit to increase code quality and coverage

Updated adapters for SQL databases like Oracle and MySQL, ECM servers like Oracle ECM, Business Intelligence servers like Pentaho and Oracle BI and BPM products like Oracle SOA

As a UI Engineer, I collaborate with a multifunctional team of designers, product owners and other engineers to constantly adapt and update the user interface for multiple LinkedIn products. Using Ember.js based tools we build reusable UI components.

 - [Microsoft Word Resume Assistant](https://support.office.com/en-gb/article/write-your-best-resume-with-help-from-linkedin-and-resume-assistant-444ff6f0-ef74-4a9c-9091-ffd7a9d1917a) is a Microsoft Office Word feature to help job seekers craft quality resumes
 - As lead developer, I have to maintain this Ember application, following all the quality guidelines from Microsoft

Lead front-end developer for Resume Assistant

 - Build new web features using Ember components to help job seekers find better job opportunities and employers to find quality candidates.

 - As a champion, my job is to improve LinkedIn Jobs web pages to make sure it is accessible all people, doesn't matter what kind of disabilities they might have.
 - Provide guidance on A11y best practices to other team members.
Work with designers to make sure A11y is considered for new features.

Web applications can have performance problems for multiple reasons: Increased asset size, network and server issues, memory leaks. My role is to find when a regression happens and fix it (if possible)

Maintain a REST API built with Java, [Rest.li](https://linkedin.github.io/rest.li/) and [Parseq](https://github.com/linkedin/parseq)

As a senior developer, I contributed to create [PaaS](https://en.wikipedia.org/wiki/Platform_as_a_service) based applications using micro-services over an AWS infrastructure. I mentored and helped my teammates to complete their user stories successfully and in time. Also, I collaborate with the Architects team to improve the design of our cloud-based infrastructure, implement proofs of concept, document research results, and solve problems which appear during day-to-day development.

Worked under an Agile methodology (Scrum), acting as backup Scrum Master

Built an internal ReactJS application with Redux and Rxjs (including its REST API build in NodeJS with Restify) to execute and monitor build jobs in Jenkins

 - Exposed REST APIs created with Spring Boot through WSO02 API Gateway
 - Implemented and maintained a cluster of WSO2 products (over AWS EC2 instances running CentOS) including API Manager, Identity Server and Data Analytics
 - Implemented an implicit OAuth2 grant, using the WSO2 Identity Server and AngularJS

 - Troubleshooted infrastructure and networking issues on AWS services using EC2, Security Groups, ELB instances and Route 53
 - Troubleshooted AWS services like RDS and Elasticache
 - Created Bash scripts to run as Cronjobs to synchronize configuration files with Rsync, and to guarantee the availability of servers running inside EC2 instances
 - Created and maintained services in PaaS products like Openshift and CloudFoundry

Administrated Linux servers and multiple Amazon Web Services (AWS) services

 - Used Spring Boot, Spring Cloud, Spring Data, Maven, RabbitMQ for asynchronous inter-service communication, and Docker as a deployment unit
 - Implemented Single-Sign-On clients for SAML 2.0 (with Spring Boot MVC) and OpenID Connect (with JavaScript)

Built Java micro-services with Spring and Docker

Troubleshooted CI/CD pipelines implemented with Jenkins, which build the micro-services in each commit to Git (BitBucket), packaging them in Docker and deploy them to both Openshift and CloudFoundry on the same pipeline.

Maintained Spring Data repositories which connect to MySQL and MongoDB

Trained and mentored other developers in best practices of software development, debugging and infrastructure implementation

I like to learn new technologies and I'm constantly involved in trainings and hackathons. These are a few of the technologies I've tried outside my day job.

__Hackathon__: Developed an [embedded application](https://github.com/orgs/golang-iot/dashboard) with Golang to retrieve pictures from a Raspberry Pi and send them to AWS Rekognition for facial recognition.

Created a blog about Serverless applications, hosted at [Medium](https://medium.com/a-man-with-no-server).

__Hackathon__: Developed an Angular application to visualize relationships between people stored in a Neo4J database, and displaying the data through a D3 data graph

As the software architect for ACSSP/REACH, I worked with the architects of the other H&PS SW products to implement new features and integrate with the other applications. I participated in the innovation initiative to bring new technologies to the product.

Worked under an Agile methodology (Scrum)

Implemented best practices for building REST APIs to expose core functionality in the product. Also, implemented OAuth2 for the authorization of those REST services

 - Created Java Portlets using Maven, Spring Portlet MVC and AngularJS for Liferay and Websphere Portal Server
 - Worked with client implementation teams to fix Angular-based Java Portlets with Material design, to help them achieve their delivery dates

Developed Java Portlet-based applications

- Created a library of responsive Angular components, using Bootstrap, CSS/Sass, Grunt
 - Trained developers on AngularJS development and UI best practices

Built modern front-end applications using AngularJS

Analyzed and designed integration of new code modules with legacy code, implementing common design patterns like adapter, facade, decorator, builder and factory method


- Created models for regression and classification using Python and scikit-learn
  - Built a classification model for a medical dataset to predict whether or not a patient is at risk of a stroke.
  - Built a logistic regression model to predict business revenue based on past sales.
- Built a couple of reinforcement agents to solve mini-games:
  - Pole-balancing problem
  - Variations of a grid world.
- Built a convolutional neural netowrk with both Tensorflow and Pytorch to solve the following problems:
  - Image classification.
  - Style transfer.
- Build data visualization tools with D3 and used Tableau integrating with CVS files and PostgreSQL


As a Security Analyst, I performed security assessments manually and using automated tools. Also, provided training and guidance for developers on vulnerability remediation, threat modeling and secure coding.

Performed Black, Grey and White box security testing for applications from multiple vendors

Performed automated static code analysis to detect vulnerabilities using HP Fortify and Burp scanner

Conducted multiple training sessions for software developers in the company to help them understand common vulnerabilities and how to fix them

Performed automated security tests using HP Fortify. Analyzed the results, removing false positives and adjusting the criticality based on the application context

Performed Thread Modeling analysis for clients to help them determine possible security risks in their applications and infrastructure

As a Web Developer, I used JQuery, ExtJS and Lotus Domino to create web applications.

Used JQuery to perform AJAX requests to backend services exposed by Lotus Domino

Created UI modules using HTML, CSS and JavaScript

Maintained a Lotus Domino database, to store client records

Implemented a proof of concept using Ruby on Rails to create a web application

Pedro Marquez

Full Stack developer, Java Architect and Certified Ethical Hacker.


In the past 10+ years of my career I've worked all over the stack, from the front end all the way to DevOps and system design.

## Front-end

As a web developer, I have experience with frameworks like React and Ember to build large scale applications.
In my professional experience, I have aquired the following skills:

- I'm trained in designing interfaces that are compliant with [WCAG 2](https://www.w3.org/WAI/standards-guidelines/wcag/).
- I'm proficient with both JavaScript and TypeScript.
- I've created D3 visualization components for data analysis.

I also have some experience with Dart and Flutter to build mobile applications for personal projects.

## Back-end

As a Java developer (and as a back-end developer in general), I've worked in enterprise and large, distributed applications for 5+ years. I the past few years, I have:

- Used frameworks like Spring, Maven, Gradle, and Play.
- Integrated with databases like PosgreSQL, MongoDB and Neo4J.
- Deployed Spring Boot and NodeJS Express based applications to Docker containers.
- Integrated Java micro-services services with cloud-hosted services like AWS RDS.

I recently wrote a book about back-end development: ["Backend Developer in 30 Days"](https://www.amazon.com/dp/9355513216/ref=cm_sw_r_apa_i_V19CYDR26B3R3ST9QMPP_0).


Full-Stack developer


Even though I'm a full-stack developer, front-end development has been my main role for the past years.

As a web developer, I have experience with frameworks like React and Ember to build large scale applications.
In my professional experience, I have aquired the following skills:

- I'm trained in designing interfaces that are compliant with [WCAG 2](https://www.w3.org/WAI/standards-guidelines/wcag/).
- I'm proficient with both JavaScript and TypeScript.
- I've created D3 visualization components for data analysis.

I also have some experience with Dart and Flutter to build mobile applications for personal projects.


Front-end developer


As a Java developer (and as a back-end developer in general), I've worked in enterprise and large, distributed applications for 5+ years. I the past few years, I have:

- Used frameworks like Spring, Maven, Gradle, and Play.
- Integrated with databases like PosgreSQL, MongoDB and Neo4J.
- Deployed Spring Boot and NodeJS Express based applications to Docker containers.
- Integrated Java micro-services services with cloud-hosted services like AWS RDS.

I recently wrote a book about back-end development: ["Backend Developer in 30 Days"](https://www.amazon.com/dp/9355513216/ref=cm_sw_r_apa_i_V19CYDR26B3R3ST9QMPP_0).



I aquired my Master of Science in Computer Science title with a specialization in Machine Learning in May 2020.

In the time I worked for my degree, I gained experience with Python and tools like scikit-learn, Tensorflow and Pytorch.

I built visualization tools using Python and JavaScript's D3, sourcing from PostgreSQL databases.


Pedro Marquez-Soto: Full-stack engineer