Senior Application Security Engineer | Backend Architect | AI-Assisted Builder
I build secure, scalable, production-grade systems and leverage AI to accelerate both backend and frontend development. Experienced in leading engineering teams, architecting security platforms, and delivering enterprise solutions.
- 6+ years in Application Security & Penetration Testing
- Architect & Lead Developer of Security Assessment Platform (SIERA)
- Backend Engineer (Golang, Node.js, PHP)
- Using AI to accelerate development lifecycle (backend & frontend)
- Strong in multi-tenant SaaS architecture & system design
- Led cross-functional engineering team (8 members)
- Focused on secure, scalable, and production-ready systems
- Burp Suite Certified Practitioner (BSCP) - PortSwigger https://portswigger.net/web-security/e/c/5e8b4393196a8d90
- eLearnSecurity Web Application Penetration Tester eXtreme (eWPTX) - INE https://verified.elearnsecurity.com/certificates/07afa842-f330-4b78-ac3b-133417b98939
A multi-tenant HR platform designed with security-first architecture and built using AI-assisted development.
Backend
- Node.js + Express
- JWT Authentication (Access + Refresh Token via httpOnly Cookie)
Frontend
- Next.js 16 (App Router)
- React 18 + TypeScript
- Tailwind CSS
- Recharts (data visualization)
- Framer Motion (UI animation)
Database
- PostgreSQL
- RBAC (database-driven roles & permissions + dynamic menu mapping)
- Hardened HTTP headers using Helmet
- API Rate Limiting
- Secure token handling (httpOnly cookies)
- Structured logging using Pino
- Request logging middleware
- Audit logs with tamper-evident hash-chain design
- Multi-tenant SaaS architecture
- Security-first design (aligned with real pentesting experience)
- Built using AI-assisted development (backend & frontend acceleration)
- Production-ready with Docker-based deployment
- Container-based internal security testing platform
- Built with Golang, Node.js, PostgreSQL, Redis
- Designed for scalable vulnerability assessment workflows
- Used in enterprise security operations
- Vulnerability Assessment Automation Tools
- Backend Systems for Enterprise Applications
- Security Testing Workflows & Reporting Automation
- Golang, Node.js (Express), PHP (Laravel, CodeIgniter, CakePHP)
- PostgreSQL, Redis, Docker, Linux, CI/CD
- Web Security (OWASP Top 10)
- API Security Testing
- Manual Exploitation (Burp Suite)
- CVSS Risk Analysis
- Accelerating development lifecycle using AI
- Rapid prototyping & scalable system scaffolding
- Security is not an afterthought; it is built-in by design
- Systems must be scalable, observable, and production-ready
- AI is a force multiplier, not a shortcut
- Focus on real-world impact & maintainability
- LinkedIn: https://www.linkedin.com/in/achmad7113/
- Email: achmadfirdaus244@gmail.com
- Indonesia
Building secure systems, scaling engineering teams, and leveraging AI to move faster.


