Hi, I'm Rajesh Paswan
Full Stack Developer | DevOps Engineer | Cloud & Security Enthusiast
Building scalable applications, automating infrastructure, and securing systems.
Full-stack developer with hands-on experience building and deploying production applications. Expertise spans frontend, backend, cloud infrastructure, deployment automation, and security hardening.
About
Engineer who ships and secures
I bridge the gap between writing code and running it in production. My work isn't limited to frontend interfaces — I own the full lifecycle from development through deployment, monitoring, and incident response.
Full-Stack Development
Building production applications with React, Next.js, Node.js, and Express — from UI components to REST APIs and database layers.
Real-World Deployments
Not just local dev — I've provisioned AWS EC2 servers, configured Nginx reverse proxies, managed SSL certificates, and kept production sites running.
Self-Driven DevOps
Learned infrastructure through doing: Docker containerization, GitHub Actions CI/CD, PM2 process management, and webhook-based deploy automation.
Production Troubleshooting
Handled real incidents — cryptominer detection and removal, malware cleanup, log forensics, and post-incident server hardening.
Security-Minded Engineering
Security headers, rate limiting, IAM best practices, GuardDuty monitoring, and practical hardening woven into every deployment.
Automation First
I automate repetitive ops work — CI/CD pipelines, container builds, deploy scripts, and infrastructure patterns that scale with the codebase.
Skills
Technologies I work with
Categorized by domain — each tool listed here reflects hands-on experience, not resume padding.
Frontend
Modern interfaces from static sites to React and Next.js apps.
HTML5 & CSS3
ProductionSemantic markup, responsive layouts, and accessible UI patterns.
JavaScript (ES6+)
ProductionAsync flows, DOM APIs, and modular application logic.
TypeScript
ProficientTyped React and Node.js codebases with safer refactors.
Tailwind CSS
ProductionUtility-first styling for fast, consistent UI delivery.
Bootstrap
ProficientRapid prototyping and legacy client site maintenance.
React
ProductionComponent-driven UIs with hooks and client-side state.
Next.js
ProductionApp Router, SSR/SSG, and production-ready React apps.
EJS Templates
ProductionServer-rendered views for Node.js production websites.
Swiper.js
ProficientTouch-friendly carousels and content sliders.
Owl Carousel
ProficientLegacy carousel integrations on business websites.
Magnific Popup
ProficientLightbox and modal experiences for media galleries.
jQuery
FamiliarDOM manipulation on existing production codebases.
Progressive Web Apps
ProficientOffline-ready experiences and installable web apps.
Backend
APIs, authentication, and server-side rendering with Node.js.
Node.js
ProductionREST services, middleware pipelines, and production APIs.
Express.js
ProductionRouting, validation, and modular backend architecture.
REST APIs
ProductionResource design, versioning, and integration patterns.
EJS SSR
ProductionDynamic HTML generation for multi-page applications.
Token Authentication
ProductionAccess and refresh token flows for secure sessions.
SMTP & Email
ProficientTransactional email via Brevo and custom SMTP setups.
Databases
Document and relational data stores in production workloads.
MongoDB
ProductionSchema design, indexing, and application data modeling.
MySQL
ProficientRelational queries, migrations, and structured data.
phpMyAdmin
ProficientDatabase administration and query debugging.
Cloud & AWS
AWS services for compute, storage, monitoring, and security.
AWS EC2
ProductionUbuntu server provisioning and application hosting.
AWS S3
ProductionObject storage for assets, backups, and static files.
AWS CloudTrail
ProficientAPI activity auditing and accountability trails.
AWS CloudWatch
ProficientMetrics, alarms, and operational visibility.
AWS GuardDuty
ProficientThreat detection and suspicious activity monitoring.
AWS Inspector
ProficientAutomated vulnerability assessments for workloads.
AWS SNS
ProficientAlerting and notification fan-out for incidents.
AWS Athena
Working KnowledgeSQL analysis over CloudTrail and log data in S3.
DevOps
Deployment pipelines, containers, and Linux server operations.
Nginx
ProductionReverse proxy, SSL termination, and static asset serving.
PM2
ProductionProcess supervision and zero-downtime Node.js deploys.
Docker
ProductionContainerized apps with reproducible environments.
GitHub Actions
ProductionCI/CD workflows for build, test, and deploy stages.
GHCR
ProficientContainer image registry integrated with GitHub pipelines.
Linux (Ubuntu)
ProductionServer administration, SSH hardening, and troubleshooting.
SSL & Domains
ProductionCertificate management and DNS configuration.
CI/CD Pipelines
ProductionAutomated build-test-deploy across environments.
Webhook Deploys
ProficientPush-to-deploy automation from Git events.
Security
Practical hardening, monitoring, and incident response experience.
Server Hardening
ProductionSSH lockdown, firewall rules, and least-privilege access.
Security Headers
ProductionCSP, HSTS, and Nginx header hardening.
Rate Limiting
ProficientAPI abuse prevention and edge-level throttling.
API Protection
ProficientAuth boundaries, input validation, and token hygiene.
CloudTrail Auditing
ProficientForensic review of AWS API and access patterns.
GuardDuty Monitoring
ProficientContinuous threat intelligence for cloud workloads.
Vulnerability Assessment
ProficientSurface scanning and prioritized remediation.
Incident Response
ProductionContainment, root cause analysis, and recovery playbooks.
Malware Investigation
ProficientCryptominer detection, cleanup, and post-incident hardening.
Log Analysis
ProductionNginx, system, and application log correlation.
IAM Best Practices
ProficientRole-based access, key rotation, and policy scoping.
Secret Rotation
ProficientCredential lifecycle and secure environment management.
Testing & Tooling
Quality gates and developer workflow tooling.
Playwright
FamiliarEnd-to-end test flows for critical user paths.
Jest
FamiliarUnit and integration tests for Node.js services.
Zod
FamiliarRuntime schema validation at API boundaries.
Sentry
FamiliarError tracking and production observability.
Git & GitHub
ProductionBranching workflows, PR reviews, and release management.
Projects
Featured work
Production systems I've built and deployed — spanning public websites, authenticated portals, internal tooling, and automated infrastructure.
Public Web Platform
Client-facing web application
A modern, responsive public website built with Next.js — optimized for performance, mobile-first layouts, and a polished end-user experience.
Technologies
Responsibilities
- Designed and implemented responsive page layouts
- Optimized assets and rendering for fast page loads
- Structured content for maintainable component architecture
Infrastructure
- Static generation and edge-friendly deployment
- CDN-ready asset pipeline
Security
- Security headers via hosting configuration
- Input sanitization on dynamic content surfaces
Membership Portal
Authenticated web application
A membership management portal with backend integrations for user management, protected routes, and operational workflows.
Technologies
Responsibilities
- Built authentication flows with access and refresh tokens
- Integrated membership APIs and session management
- Developed protected dashboard and admin-facing views
Infrastructure
- API gateway pattern with separated frontend and backend
- Environment-based configuration for staging and production
Security
- JWT-based auth with refresh token rotation
- Role-based route protection
- API rate limiting concepts on sensitive endpoints
Internal Operations Dashboard
Internal operational tooling
An internal operations dashboard powered by Node.js and Express — providing visibility into system health, workflows, and day-to-day operational tasks.
Technologies
Responsibilities
- Designed RESTful API endpoints for operational data
- Built server-rendered views for internal tooling
- Implemented data aggregation for monitoring views
Infrastructure
- PM2 process management on Ubuntu servers
- Nginx reverse proxy with upstream routing
Security
- Internal-only access with authentication middleware
- Request validation with schema checks
- Structured error handling without data leakage
Server-Rendered Production Applications
Multi-site AWS deployments
Multiple production web applications built with EJS and Node.js, deployed on AWS EC2 with Nginx and PM2 — meeting uptime and performance requirements.
Technologies
Responsibilities
- Full-stack development from templates to database layer
- Server provisioning and deployment on AWS EC2
- Nginx configuration, SSL setup, and domain management
Infrastructure
- Ubuntu Server on AWS EC2 with PM2 clustering
- Nginx reverse proxy with gzip and caching
- Automated deploys via webhooks
Security
- Linux server hardening and SSH key-only access
- Security headers and secure Nginx configurations
- Incident response for malware and cryptominer remediation
Containerized Deployment Pipelines
Docker and CI/CD automation
Containerized deployment pipelines using Docker, GitHub Actions, and GitHub Container Registry — enabling reproducible builds and automated releases.
Technologies
Responsibilities
- Authored multi-stage Dockerfiles for lean production images
- Built GitHub Actions workflows for build, push, and deploy
- Integrated GHCR as the container image registry
Infrastructure
- Multi-stage Docker builds with layer caching
- GitHub Actions matrix and environment secrets
- Webhook-triggered rolling deploys to production servers
Security
- Non-root container execution patterns
- Secret rotation via GitHub encrypted secrets
- Image scanning awareness in CI pipelines
Journey
DevOps progression
How my technical path evolved — from writing frontend code to owning infrastructure, security, and deployment pipelines.
Frontend Development
HTML, CSS, JavaScript, and React — building responsive interfaces and component-driven UIs.
Frontend Development
HTML, CSS, JavaScript, and React — building responsive interfaces and component-driven UIs.
Backend Systems
Node.js, Express, REST APIs, and databases — shipping full-stack features end to end.
Backend Systems
Node.js, Express, REST APIs, and databases — shipping full-stack features end to end.
Linux Administration
Ubuntu server management, SSH hardening, process supervision, and production troubleshooting.
Linux Administration
Ubuntu server management, SSH hardening, process supervision, and production troubleshooting.
AWS Infrastructure
EC2 deployments, S3 storage, CloudWatch monitoring, and cloud-native operational patterns.
AWS Infrastructure
EC2 deployments, S3 storage, CloudWatch monitoring, and cloud-native operational patterns.
Docker & CI/CD
Containerized workflows, GitHub Actions pipelines, and automated deployment through GHCR.
Docker & CI/CD
Containerized workflows, GitHub Actions pipelines, and automated deployment through GHCR.
Security Hardening
Server hardening, GuardDuty monitoring, incident response, and practical DevSecOps practices.
Security Hardening
Server hardening, GuardDuty monitoring, incident response, and practical DevSecOps practices.
DevOps Engineering
Bridging development and operations — infrastructure as code mindset, observability, and reliability.
DevOps Engineering
Bridging development and operations — infrastructure as code mindset, observability, and reliability.
Future DevSecOps Goals
Deeper automation, policy-as-code, advanced threat modeling, and security woven into every pipeline stage.
Future DevSecOps Goals
Deeper automation, policy-as-code, advanced threat modeling, and security woven into every pipeline stage.
Infrastructure
Production systems & security
Practical experience running and securing real infrastructure — not theoretical diagrams.
Production Architecture Overview
GitHub
Source + CI/CD
GHCR
Container Registry
AWS EC2
Ubuntu + Docker
Nginx
Reverse Proxy + SSL
PM2 / App
Node.js Services
AWS Deployments
rajesh@prod:~$ $ aws ec2 describe-instances --filters Name=tag:env,Values=production
State: running | Type: t3.medium
Platform: Ubuntu Server
Tags: env=production, role=application
Provisioned and maintained EC2 instances running Ubuntu with application stacks behind Nginx.
Nginx Reverse Proxy
rajesh@prod:~$ $ nginx -t && systemctl reload nginx
nginx: configuration file test is successful
upstream app_backend { server 127.0.0.1:3000; }
ssl_certificate configured | gzip enabled
Configured reverse proxies with SSL termination, gzip compression, and security headers.
PM2 Process Management
rajesh@prod:~$ $ pm2 list
┌────┬────────────────┬─────────┬────────┬──────┐
│ id │ name │ status │ cpu │ mem │
├────┼────────────────┼─────────┼────────┼──────┤
│ 0 │ api-service │ online │ 0.3% │ 89mb │
│ 1 │ web-dashboard │ online │ 0.1% │ 62mb │
└────┴────────────────┴─────────┴────────┴──────┘
Supervised Node.js processes with auto-restart, log rotation, and cluster mode.
Docker Workflows
rajesh@prod:~$ $ docker build -t ghcr.io/org/app:latest . && docker push ghcr.io/org/app:latest
Step 12/12 : CMD ["node", "server.js"]
Successfully built production image
Pushed to container registry
Multi-stage builds, lean production images, and registry-based deploy pipelines.
CI/CD Automation
rajesh@prod:~$ $ gh workflow run deploy.yml --ref main
✓ Build & Test — passed
✓ Docker Push GHCR — passed
✓ Deploy Production — passed
GitHub Actions pipelines for automated build, test, container push, and deployment.
Security Monitoring
rajesh@prod:~$ $ aws guardduty list-findings --finding-criteria ...
Finding: UnauthorizedAccess:EC2/SSHBruteForce
Severity: MEDIUM | Recent activity detected
Action: IP blocked via security group update
GuardDuty alerts, CloudTrail auditing, and proactive threat detection on AWS workloads.
Incident Response
rajesh@prod:~$ $ grep -r 'xmrig\|kinsing' /var/log/ /tmp/ 2>/dev/null
ALERT: Suspicious process detected
Action: Process terminated, cron entry removed
Action: SSH keys rotated, fail2ban updated
Status: System hardened, monitoring re-enabled
Real incident handling — cryptominer removal, malware cleanup, and post-incident hardening.
Server Hardening
rajesh@prod:~$ $ sudo ufw status && fail2ban-client status sshd
UFW: active | Default: deny (incoming)
Ports: 22/tcp (LIMIT), 80/tcp, 443/tcp
fail2ban sshd: active enforcement enabled
Firewall rules, fail2ban, SSH hardening, and least-privilege IAM across production servers.
Learnings
Technical background
Certifications, coursework, internships, and self-driven learning — focused on skills acquired, not job titles.
Cybersecurity Foundations
Hands-on exposure to offensive and defensive security through internships, bug bounty training, and network security certification.
- Reconnaissance and bug bounty hunting methodologies
- CNSS Certified Network Security Specialist (ICSI, UK)
- Virtually Testing Foundation cybersecurity program
- Gurugram Police Cyber Security Summer Internship
Cloud Computing
Practical cloud skills from Google Cloud Ready certification and production AWS deployments on EC2.
- Google Cloud Ready (Qwiklabs)
- AWS EC2, S3, CloudWatch, and CloudTrail in production
- Cloud-native monitoring and audit logging
Computer Science Fundamentals
Core engineering coursework covering algorithms, systems, databases, and object-oriented design.
- Data Structures and Algorithms
- Database and Information Systems
- Computer Organization and Architecture
- Object-Oriented Programming with Java
- Internet Technologies and web systems
- Probability, Statistics, and Numerical Analysis
DevSecOps & Infrastructure Learning
Actively expanding into infrastructure-as-code, orchestration, and security-integrated delivery pipelines.
- Kubernetes fundamentals and container orchestration
- Terraform and infrastructure-as-code practices
- DevSecOps — shifting security left in CI/CD
- Policy-driven deployments and secrets management
Version Control & Web Development
Structured learning in Git workflows and full-stack web development through certification courses.
- Git & GitHub Crash Course (Udemy)
- Web Development — HTML, CSS, JavaScript (Udemy)
Self-Driven DevOps & Infrastructure
Real-world skills acquired through deploying and maintaining production systems — not just tutorials.
- Nginx reverse proxy and SSL termination
- PM2 process management and zero-downtime deploys
- Docker containerization and GHCR image pipelines
- Linux server hardening and incident response
- Cryptominer detection, malware cleanup, and log forensics
Contact
Let's connect
Open to full-stack, DevOps, and security-focused opportunities. Reach out via any channel below.