Senior/Staff Software Engineer
Rust & C++ · Backend Systems · Distributed Architectures · CI/CD · High-Performance Applications

Solution-oriented, results-driven software engineer with 15+ years of experience in systems and backend development — currently specializing in Rust for authentication infrastructure, backend systems, and high-assurance applications. Skilled in Rust, Modern C++, and Python, with strong focus on architectural clarity, modularity, and automated testing.

• 🌍 Based in Yuba City, CA
• 🤝 Open to collaborating on backend systems, authentication infrastructure, or distributed systems in Rust

Currently developing tokn (OAuth2/OIDC/JWT authorization server) and integrating WebAuthn/Passkeys into axum-quickstart. Implementing RFC 6749/7636 compliance with automated protocol testing (10 security test scenarios covering PKCE, token rotation, scope enforcement). Applying cr8s CI/CD patterns to containerized authentication services.

Designing a real-time audio streaming system in Rust — rtp-opus-streamer — using RTP (RFC 3550) and Opus (RFC 6716). This work explores end-to-end systems behavior from audio capture through network transport to playback, with emphasis on production concerns such as network resilience, observability, and adaptive behavior under constrained conditions.

👉 📝 "Building Reliable Rust CI/CD: Lessons from Production Failures"
👉 📝 "What the Cloudflare Outage Teaches Us About Production Rust"

OAuth2/OIDC authorization server in Rust with RFC 6749/7636 compliance, PKCE flow, refresh token rotation, and automated protocol testing.

🔧 Highlights:

• Complete OAuth2 authorization server (RFC 6749) with PostgreSQL persistence
• JWT token service (RFC 7519) with HS256 signing and lifecycle management
• 5 REST API endpoints for complete token flows (generation, validation, refresh, revocation)
• AuthMiddleware for Bearer token validation on protected routes
• 10 automated integration tests validating all authentication flows and security scenarios
• Token rotation and JTI-based revocation using Redis TTL blacklist
• Clean Architecture with EMBP pattern and trait-based abstractions
• Comprehensive rustdoc with RFC references

🧪 Testing & Quality:

./scripts/test-jwt-service.sh

✅ Token generation & validation (HS256 signing, expiration)
✅ Refresh token rotation (prevents replay attacks)
✅ Token revocation & blacklisting (Redis-backed)
✅ Protected route authentication (JWT middleware)
✅ Security edge cases (missing tokens, revoked tokens)

Technical Stack: Axum, PostgreSQL (SQLx), Redis, Argon2id, jsonwebtoken, Docker Compose

📁 Complete Repository List — All GitHub repositories with descriptions

Core Expertise

• Rust & C++ Systems Programming
• Backend & Distributed Systems
• Authentication & Authorization (OAuth2/OIDC/JWT/WebAuthn)
• API Design (REST, gRPC, GraphQL)
• Cryptography & Zero-Knowledge Proofs

Languages

• Rust (since 2022; async, networking, systems)
• C / Modern C++ (STL, Boost)
• Python, Java, SQL
• WebAssembly (WASM)

Async & Networking

• Tokio, Async/Futures, reqwest
• WebSocket, TCP/IP, UDP, RTP
• Real-time streaming, packetized media transport
• Ethereum WebSocket Integration

Databases & Infrastructure

• PostgreSQL, Redis, SQLx, Diesel
• AWS (Lambda, Dev/Deploy)
• Docker / Docker Compose
• IronBank container hardening

Testing Strategies

• Unit & Integration Testing (Rust cargo test)
• Security Testing (OAuth2/JWT token lifecycle, rotation, revocation)
• E2E Testing (Playwright browser automation)
• API Testing (RESTful endpoint validation)
• CI/CD Integration (Docker service orchestration)

DevOps & CI/CD

• GitLab CI/CD, GitHub Actions (performance optimization, cross-platform workflows)
• Automated test execution with Docker orchestration

Web Frameworks & Middleware

• Axum / Rocket / Actix / Yew
• Axum middleware (authentication, request validation)
• Trait-based middleware composition

Monitoring & Observability

• Prometheus, Loki, Grafana
• Latency, throughput, and runtime metrics

Testing across multiple layers with emphasis on automation and isolation:

• Security Testing: 10 automated OAuth2/JWT tests (token lifecycle, rotation, revocation, middleware)
• Backend Integration: Database transaction testing, API endpoint validation, authentication flows
• Frontend E2E: User journey automation with Playwright
• CI/CD Integration: Automated test execution with Docker service orchestration
• Test Isolation: Proper database setup/teardown and transaction rollback patterns

Explicit Module Boundary Pattern (EMBP)

A Rust architectural pattern I've documented that uses gateway files (mod.rs, lib.rs, main.rs) to create explicit module boundaries and controlled dependencies. EMBP enables complete internal refactoring freedom while maintaining clean public APIs and clear architectural layers.

If you're hiring for backend, distributed systems, authentication infrastructure, or Rust-focused roles, feel free to reach out on LinkedIn.