About Experience Projects Skills Contact

Hi, I'm Manish Verma

Senior Software Engineer · Security-First Builder

I architect secure, distributed full-stack systems where performance and security aren't trade-offs— they're both non-negotiable. 4 years shipping production systems at scale.

View Projects Get in Touch
manish.json
{
"name": "Manish Verma",
"role": "Senior Software Engineer",
"experience": "4 years",
"location": "Bengaluru, India",
"stack": [
"ASP.NET Core", "Angular", "Go", "C#"
],
"security": "OWASP · NIST · CVSS",
"testCoverage": 90
}

// about me

Building Systems That Don't Break—
or Get Broken

4
Years of Experience
90%
Test Coverage Enforced
3
Projects Shipped
M.Tech
Information Security

I'm a Senior Software Engineer at Siemens Healthineers where I build full-stack features for distributed medical imaging systems used by hundreds of radiologists. My work sits at the intersection of engineering rigor and security discipline.

On the engineering side, I design low-latency RESTful APIs, DICOM-compliant microservices, and cloud-native deployments on Docker and Kubernetes. I believe maintainability is a feature, not an afterthought—hence the 90% test coverage.

On the security side, I lead OWASP Top 10 code reviews, perform threat modeling with the Microsoft Threat Modeling Tool, and prioritize vulnerabilities through CVSS scoring aligned with the NIST Cybersecurity Framework.

Outside work I build production-grade personal projects to sharpen my craft—from secrets managers with AES-256-GCM encryption to distributed systems in Go, including a horizontally-scalable job scheduler with PostgreSQL and Redis. I hold an M.Tech in Information Security from NIT Calicut.

// experience

Where I've Worked

Senior Software Developer
Siemens Healthineers — Bengaluru, India
July 2022 – Present
  • Built full-stack features on distributed medical imaging microservices serving 500+ radiologists, reducing initial bundle size by 35%.
  • Led OWASP Top 10 reviews and threat modeling aligned with NIST CSF, cutting critical security findings by 40%.
  • Maintained 90% test coverage across unit, integration, and E2E layers with NUnit, Playwright, and Cypress on Azure DevOps pipelines.
ASP.NET Core Angular C# DICOM OWASP Microservices Azure DevOps Docker NUnit Playwright

// projects

Things I've Built

Personal projects that go beyond the day job—security-first, production-grade, and fully shipped.

🔐
Secrets & Credential Manager

A production-grade secrets management platform with enterprise-level security baked in from day one.

  • AES-256-GCM encryption at rest, unique 96-bit IVs per secret; plaintext never persisted
  • RBAC with 3 tiers, JWT + refresh token rotation, BCrypt hashing, auto account lockout
  • Append-only SHA-256 audit trail covering full NIST CSF lifecycle
  • OWASP-aligned security headers: HSTS, CSP, X-Frame-Options
ASP.NET Core 8 Angular MongoDB AES-256-GCM JWT
Distributed URL Shortener with Analytics

Production-grade URL shortener achieving sub-1ms redirect latency with privacy-first analytics.

  • Redis cache-aside pattern; Base62 encoding across 56B+ combinations with deduplication
  • Sliding-window rate limiter (Redis): 10 shortens/min, 100 redirects/min per IP
  • SHA-256 IP hashing for GDPR compliance; async fire-and-forget click analytics
  • Clean Architecture: Core, Infrastructure, API layers; MongoDB Atlas + Upstash Redis
ASP.NET Core 8 Redis MongoDB Angular Clean Arch
⚙️
Distributed Job Scheduler in Go

Production-grade distributed background job scheduler built in Go with horizontal scalability and zero duplicate execution guarantees.

  • Goroutine-based worker pool (5 workers), buffered channel queue of 100, exponential backoff retries (3 attempts)
  • PostgreSQL SELECT FOR UPDATE SKIP LOCKED for atomic distributed job claiming across 3+ instances; Redis locking for defense-in-depth
  • Pluggable executor architecture via Go interfaces — add new job types (Email, Webhook) in under 30 lines without touching core logic
  • Pure net/http REST APIs (5 endpoints, no framework) with logging, panic recovery, CORS middleware, and graceful SIGTERM shutdown
Go PostgreSQL Redis Goroutines Distributed Systems
🤖
AI Agent Automation System

Telegram-based AI automation powered by OpenClaw and GPT for natural language command execution.

  • Modular agent architecture separating channel, orchestration, and tool execution layers
  • ASP.NET Core APIs for expense tracking callable as agent tools
  • OpenClaw tool execution framework dynamically routing user intents to actions
ASP.NET Core OpenClaw GPT Telegram API

// skills

Technical Toolkit

A broad foundation with deep specialization in backend systems and application security.

💻
Languages
C#TypeScriptJavaScript PythonGoJavaC++
🖥️
Frontend
AngularHTML5CSS3SCSS
⚙️
Backend & APIs
ASP.NET CoreRESTful APIs MicroservicesSignalR Event-Driven Architecture
🗄️
Databases
MongoDBRedis MySQLCassandra
🌐
Distributed Systems
KafkaRabbitMQ Pub/Sub MessagingDistributed Caching Fault-tolerant Architecture
☁️
Cloud & DevOps
DockerKubernetes Azure DevOpsCI/CD AWS EC2AWS S3Git
🔒
Security
OWASP Top 10Threat Modeling CVSS ScoringNIST CSF AES-256-GCMJWT RBACSSL/TLS
🧪
Testing
NUnitMoq PlaywrightCypress Integration TestingE2E Testing
🤖
AI & Tools
OpenAI APIGroq SDK GitHub CopilotAgile/Scrum

// education

Academic Background

Postgraduate
Master of Technology (M.Tech)
Computer Science & Engineering — Information Security
National Institute of Technology, Calicut
2022
Undergraduate
Bachelor of Technology (B.Tech)
Computer Science & Engineering
JSS Academy of Technical Education, Noida
2019

// contact

Let's Work Together

I'm always open to discussing interesting engineering challenges, security-first architecture, or new opportunities. Drop me a line—I read every message.

✉️
Email
mv005123@gmail.com
💼
LinkedIn
linkedin.com/in/manish-verma005
🌐
Website
itsmemv.com