Available for opportunities

Hi, I'm Rajesh Paswan

Full Stack Developer | DevOps Engineer | Cloud & Security Enthusiast

Building scalable applications, automating infrastructure, and securing systems.

Full-stack developer with hands-on experience building and deploying production applications. Expertise spans frontend, backend, cloud infrastructure, deployment automation, and security hardening.

View Projects

About

Engineer who ships and secures

I bridge the gap between writing code and running it in production. My work isn't limited to frontend interfaces — I own the full lifecycle from development through deployment, monitoring, and incident response.

Full-Stack Development

Building production applications with React, Next.js, Node.js, and Express — from UI components to REST APIs and database layers.

Real-World Deployments

Not just local dev — I've provisioned AWS EC2 servers, configured Nginx reverse proxies, managed SSL certificates, and kept production sites running.

Self-Driven DevOps

Learned infrastructure through doing: Docker containerization, GitHub Actions CI/CD, PM2 process management, and webhook-based deploy automation.

Production Troubleshooting

Handled real incidents — cryptominer detection and removal, malware cleanup, log forensics, and post-incident server hardening.

Security-Minded Engineering

Security headers, rate limiting, IAM best practices, GuardDuty monitoring, and practical hardening woven into every deployment.

Automation First

I automate repetitive ops work — CI/CD pipelines, container builds, deploy scripts, and infrastructure patterns that scale with the codebase.

Skills

Technologies I work with

Categorized by domain — each tool listed here reflects hands-on experience, not resume padding.

Frontend

Modern interfaces from static sites to React and Next.js apps.

HTML5 & CSS3

Production

Semantic markup, responsive layouts, and accessible UI patterns.

JavaScript (ES6+)

Production

Async flows, DOM APIs, and modular application logic.

TypeScript

Proficient

Typed React and Node.js codebases with safer refactors.

Tailwind CSS

Production

Utility-first styling for fast, consistent UI delivery.

Bootstrap

Proficient

Rapid prototyping and legacy client site maintenance.

React

Production

Component-driven UIs with hooks and client-side state.

Next.js

Production

App Router, SSR/SSG, and production-ready React apps.

EJS Templates

Production

Server-rendered views for Node.js production websites.

Swiper.js

Proficient

Touch-friendly carousels and content sliders.

Owl Carousel

Proficient

Legacy carousel integrations on business websites.

Magnific Popup

Proficient

Lightbox and modal experiences for media galleries.

jQuery

Familiar

DOM manipulation on existing production codebases.

Progressive Web Apps

Proficient

Offline-ready experiences and installable web apps.

Backend

APIs, authentication, and server-side rendering with Node.js.

Node.js

Production

REST services, middleware pipelines, and production APIs.

Express.js

Production

Routing, validation, and modular backend architecture.

REST APIs

Production

Resource design, versioning, and integration patterns.

EJS SSR

Production

Dynamic HTML generation for multi-page applications.

Token Authentication

Production

Access and refresh token flows for secure sessions.

SMTP & Email

Proficient

Transactional email via Brevo and custom SMTP setups.

Databases

Document and relational data stores in production workloads.

MongoDB

Production

Schema design, indexing, and application data modeling.

MySQL

Proficient

Relational queries, migrations, and structured data.

phpMyAdmin

Proficient

Database administration and query debugging.

Cloud & AWS

AWS services for compute, storage, monitoring, and security.

AWS EC2

Production

Ubuntu server provisioning and application hosting.

AWS S3

Production

Object storage for assets, backups, and static files.

AWS CloudTrail

Proficient

API activity auditing and accountability trails.

AWS CloudWatch

Proficient

Metrics, alarms, and operational visibility.

AWS GuardDuty

Proficient

Threat detection and suspicious activity monitoring.

AWS Inspector

Proficient

Automated vulnerability assessments for workloads.

AWS SNS

Proficient

Alerting and notification fan-out for incidents.

AWS Athena

Working Knowledge

SQL analysis over CloudTrail and log data in S3.

DevOps

Deployment pipelines, containers, and Linux server operations.

Nginx

Production

Reverse proxy, SSL termination, and static asset serving.

PM2

Production

Process supervision and zero-downtime Node.js deploys.

Docker

Production

Containerized apps with reproducible environments.

GitHub Actions

Production

CI/CD workflows for build, test, and deploy stages.

GHCR

Proficient

Container image registry integrated with GitHub pipelines.

Linux (Ubuntu)

Production

Server administration, SSH hardening, and troubleshooting.

SSL & Domains

Production

Certificate management and DNS configuration.

CI/CD Pipelines

Production

Automated build-test-deploy across environments.

Webhook Deploys

Proficient

Push-to-deploy automation from Git events.

Security

Practical hardening, monitoring, and incident response experience.

Server Hardening

Production

SSH lockdown, firewall rules, and least-privilege access.

Security Headers

Production

CSP, HSTS, and Nginx header hardening.

Rate Limiting

Proficient

API abuse prevention and edge-level throttling.

API Protection

Proficient

Auth boundaries, input validation, and token hygiene.

CloudTrail Auditing

Proficient

Forensic review of AWS API and access patterns.

GuardDuty Monitoring

Proficient

Continuous threat intelligence for cloud workloads.

Vulnerability Assessment

Proficient

Surface scanning and prioritized remediation.

Incident Response

Production

Containment, root cause analysis, and recovery playbooks.

Malware Investigation

Proficient

Cryptominer detection, cleanup, and post-incident hardening.

Log Analysis

Production

Nginx, system, and application log correlation.

IAM Best Practices

Proficient

Role-based access, key rotation, and policy scoping.

Secret Rotation

Proficient

Credential lifecycle and secure environment management.

Testing & Tooling

Quality gates and developer workflow tooling.

Playwright

Familiar

End-to-end test flows for critical user paths.

Jest

Familiar

Unit and integration tests for Node.js services.

Zod

Familiar

Runtime schema validation at API boundaries.

Sentry

Familiar

Error tracking and production observability.

Git & GitHub

Production

Branching workflows, PR reviews, and release management.

Projects

Featured work

Production systems I've built and deployed — spanning public websites, authenticated portals, internal tooling, and automated infrastructure.

Public Web Platform

Client-facing web application

Next.js

A modern, responsive public website built with Next.js — optimized for performance, mobile-first layouts, and a polished end-user experience.

Technologies

Next.jsTypeScriptTailwind CSSReact

Responsibilities

  • Designed and implemented responsive page layouts
  • Optimized assets and rendering for fast page loads
  • Structured content for maintainable component architecture

Infrastructure

  • Static generation and edge-friendly deployment
  • CDN-ready asset pipeline

Security

  • Security headers via hosting configuration
  • Input sanitization on dynamic content surfaces

Membership Portal

Authenticated web application

Auth

A membership management portal with backend integrations for user management, protected routes, and operational workflows.

Technologies

Next.jsNode.jsREST APIsToken AuthenticationMongoDB

Responsibilities

  • Built authentication flows with access and refresh tokens
  • Integrated membership APIs and session management
  • Developed protected dashboard and admin-facing views

Infrastructure

  • API gateway pattern with separated frontend and backend
  • Environment-based configuration for staging and production

Security

  • JWT-based auth with refresh token rotation
  • Role-based route protection
  • API rate limiting concepts on sensitive endpoints

Internal Operations Dashboard

Internal operational tooling

Node.js

An internal operations dashboard powered by Node.js and Express — providing visibility into system health, workflows, and day-to-day operational tasks.

Technologies

Node.jsExpress.jsREST APIsMongoDBEJS

Responsibilities

  • Designed RESTful API endpoints for operational data
  • Built server-rendered views for internal tooling
  • Implemented data aggregation for monitoring views

Infrastructure

  • PM2 process management on Ubuntu servers
  • Nginx reverse proxy with upstream routing

Security

  • Internal-only access with authentication middleware
  • Request validation with schema checks
  • Structured error handling without data leakage

Server-Rendered Production Applications

Multi-site AWS deployments

AWS

Multiple production web applications built with EJS and Node.js, deployed on AWS EC2 with Nginx and PM2 — meeting uptime and performance requirements.

Technologies

Node.jsExpress.jsEJSMySQLNginxPM2AWS EC2

Responsibilities

  • Full-stack development from templates to database layer
  • Server provisioning and deployment on AWS EC2
  • Nginx configuration, SSL setup, and domain management

Infrastructure

  • Ubuntu Server on AWS EC2 with PM2 clustering
  • Nginx reverse proxy with gzip and caching
  • Automated deploys via webhooks

Security

  • Linux server hardening and SSH key-only access
  • Security headers and secure Nginx configurations
  • Incident response for malware and cryptominer remediation

Containerized Deployment Pipelines

Docker and CI/CD automation

Docker

Containerized deployment pipelines using Docker, GitHub Actions, and GitHub Container Registry — enabling reproducible builds and automated releases.

Technologies

DockerGitHub ActionsGHCRNginxLinux

Responsibilities

  • Authored multi-stage Dockerfiles for lean production images
  • Built GitHub Actions workflows for build, push, and deploy
  • Integrated GHCR as the container image registry

Infrastructure

  • Multi-stage Docker builds with layer caching
  • GitHub Actions matrix and environment secrets
  • Webhook-triggered rolling deploys to production servers

Security

  • Non-root container execution patterns
  • Secret rotation via GitHub encrypted secrets
  • Image scanning awareness in CI pipelines

Journey

DevOps progression

How my technical path evolved — from writing frontend code to owning infrastructure, security, and deployment pipelines.

Frontend Development

HTML, CSS, JavaScript, and React — building responsive interfaces and component-driven UIs.

Backend Systems

Node.js, Express, REST APIs, and databases — shipping full-stack features end to end.

Linux Administration

Ubuntu server management, SSH hardening, process supervision, and production troubleshooting.

AWS Infrastructure

EC2 deployments, S3 storage, CloudWatch monitoring, and cloud-native operational patterns.

Docker & CI/CD

Containerized workflows, GitHub Actions pipelines, and automated deployment through GHCR.

Security Hardening

Server hardening, GuardDuty monitoring, incident response, and practical DevSecOps practices.

DevOps Engineering

Bridging development and operations — infrastructure as code mindset, observability, and reliability.

Future DevSecOps Goals

Deeper automation, policy-as-code, advanced threat modeling, and security woven into every pipeline stage.

Infrastructure

Production systems & security

Practical experience running and securing real infrastructure — not theoretical diagrams.

Production Architecture Overview

GitHub

Source + CI/CD

GHCR

Container Registry

AWS EC2

Ubuntu + Docker

Nginx

Reverse Proxy + SSL

PM2 / App

Node.js Services

CloudWatchCloudTrailGuardDutySNS Alerts

AWS Deployments

aws-deploy

rajesh@prod:~$ $ aws ec2 describe-instances --filters Name=tag:env,Values=production

State: running | Type: t3.medium

Platform: Ubuntu Server

Tags: env=production, role=application

Provisioned and maintained EC2 instances running Ubuntu with application stacks behind Nginx.

Nginx Reverse Proxy

nginx-proxy

rajesh@prod:~$ $ nginx -t && systemctl reload nginx

nginx: configuration file test is successful

upstream app_backend { server 127.0.0.1:3000; }

ssl_certificate configured | gzip enabled

Configured reverse proxies with SSL termination, gzip compression, and security headers.

PM2 Process Management

pm2

rajesh@prod:~$ $ pm2 list

┌────┬────────────────┬─────────┬────────┬──────┐

│ id │ name │ status │ cpu │ mem │

├────┼────────────────┼─────────┼────────┼──────┤

│ 0 │ api-service │ online │ 0.3% │ 89mb │

│ 1 │ web-dashboard │ online │ 0.1% │ 62mb │

└────┴────────────────┴─────────┴────────┴──────┘

Supervised Node.js processes with auto-restart, log rotation, and cluster mode.

Docker Workflows

docker

rajesh@prod:~$ $ docker build -t ghcr.io/org/app:latest . && docker push ghcr.io/org/app:latest

Step 12/12 : CMD ["node", "server.js"]

Successfully built production image

Pushed to container registry

Multi-stage builds, lean production images, and registry-based deploy pipelines.

CI/CD Automation

cicd

rajesh@prod:~$ $ gh workflow run deploy.yml --ref main

✓ Build & Test — passed

✓ Docker Push GHCR — passed

✓ Deploy Production — passed

GitHub Actions pipelines for automated build, test, container push, and deployment.

Security Monitoring

security-monitoring

rajesh@prod:~$ $ aws guardduty list-findings --finding-criteria ...

Finding: UnauthorizedAccess:EC2/SSHBruteForce

Severity: MEDIUM | Recent activity detected

Action: IP blocked via security group update

GuardDuty alerts, CloudTrail auditing, and proactive threat detection on AWS workloads.

Incident Response

incident-response

rajesh@prod:~$ $ grep -r 'xmrig\|kinsing' /var/log/ /tmp/ 2>/dev/null

ALERT: Suspicious process detected

Action: Process terminated, cron entry removed

Action: SSH keys rotated, fail2ban updated

Status: System hardened, monitoring re-enabled

Real incident handling — cryptominer removal, malware cleanup, and post-incident hardening.

Server Hardening

hardening

rajesh@prod:~$ $ sudo ufw status && fail2ban-client status sshd

UFW: active | Default: deny (incoming)

Ports: 22/tcp (LIMIT), 80/tcp, 443/tcp

fail2ban sshd: active enforcement enabled

Firewall rules, fail2ban, SSH hardening, and least-privilege IAM across production servers.

Learnings

Technical background

Certifications, coursework, internships, and self-driven learning — focused on skills acquired, not job titles.

Security

Cybersecurity Foundations

Hands-on exposure to offensive and defensive security through internships, bug bounty training, and network security certification.

  • Reconnaissance and bug bounty hunting methodologies
  • CNSS Certified Network Security Specialist (ICSI, UK)
  • Virtually Testing Foundation cybersecurity program
  • Gurugram Police Cyber Security Summer Internship
Cloud

Cloud Computing

Practical cloud skills from Google Cloud Ready certification and production AWS deployments on EC2.

  • Google Cloud Ready (Qwiklabs)
  • AWS EC2, S3, CloudWatch, and CloudTrail in production
  • Cloud-native monitoring and audit logging
Computer Science

Computer Science Fundamentals

Core engineering coursework covering algorithms, systems, databases, and object-oriented design.

  • Data Structures and Algorithms
  • Database and Information Systems
  • Computer Organization and Architecture
  • Object-Oriented Programming with Java
  • Internet Technologies and web systems
  • Probability, Statistics, and Numerical Analysis
DevSecOps

DevSecOps & Infrastructure Learning

Actively expanding into infrastructure-as-code, orchestration, and security-integrated delivery pipelines.

  • Kubernetes fundamentals and container orchestration
  • Terraform and infrastructure-as-code practices
  • DevSecOps — shifting security left in CI/CD
  • Policy-driven deployments and secrets management
Developer Workflow

Version Control & Web Development

Structured learning in Git workflows and full-stack web development through certification courses.

  • Git & GitHub Crash Course (Udemy)
  • Web Development — HTML, CSS, JavaScript (Udemy)
Production Operations

Self-Driven DevOps & Infrastructure

Real-world skills acquired through deploying and maintaining production systems — not just tutorials.

  • Nginx reverse proxy and SSL termination
  • PM2 process management and zero-downtime deploys
  • Docker containerization and GHCR image pipelines
  • Linux server hardening and incident response
  • Cryptominer detection, malware cleanup, and log forensics

Contact

Let's connect

Open to full-stack, DevOps, and security-focused opportunities. Reach out via any channel below.

LinkedIn

rajeshpaswan

Professional network and technical discussions

GitHub

rajesh545862

Open source projects and code samples