B.E. Computer Engineering · M.S. Cybersecurity

☁

AWS Certified Solutions Architect

☕

10,000+ Users Served

🔐

M.S. Cybersecurity Webster University

Available · F-1 OPT · St. Louis, MO

Java Backend Engineer

AWS Solutions Architect Cloud Security Engineer Computer Engineer AWS Solutions Architect

5+ years building enterprise-grade Java microservices and multi-cloud AWS systems. AWS Certified Solutions Architect & Cloud Practitioner. Currently pursuing M.S. Cybersecurity Operations at Webster University — researching insider threat detection in AWS using behavioral analytics.

0+ Years Experience

0K+ Users Served

0.9% Uptime Achieved

0% MTTD Reduction

Let's Work Together View Projects

AWS Solutions Architect – Associate

AWS Cloud Practitioner

Scroll to explore

01 — About Me

Building systems
that scale and
stay secure.

I'm Anjan Rimal — a Java Backend Developer and AWS Certified Solutions Architect based in St. Louis, Missouri. I graduated with a B.E. in Computer Engineering from Nepal College of Information Technology and am completing my M.S. in Cybersecurity Operations at Webster University's George Herbert Walker School of Business & Technology (May 2026).

Over 5+ years at Aarambha Infosys, I designed and shipped systems that real organizations depend on: REST APIs and microservices serving 10,000+ users, 3-tier AWS platforms with 99.9% uptime, and security pipelines that cut threat detection time in half. I don't build demos — I build production.

My graduate research focuses on detecting insider threats in AWS environments using CloudTrail event logs, Athena SQL analytics, GuardDuty findings, and MITRE ATT&CK framework mappings — translating academic rigor into deployable security tooling.

02 — Experience

Where I Built
Real Things

Java Backend & Cloud Engineer

Aarambha Infosys · Kathmandu, Nepal

Jan 2021 – Jul 2024

99.9%Uptime

35%Cost ↓

50%MTTD ↓

$600/mo saved

Built RESTful APIs and microservices with Java/Spring Boot serving 10,000+ users; implemented Spring Security + JWT authentication + RBAC authorization; maintained 80%+ test coverage with JUnit 5 and Mockito.
Architected a production 3-tier AWS platform: ALB + Auto Scaling Groups, RDS Multi-AZ (PostgreSQL), S3 lifecycle policies — achieving 99.9% uptime and 35% storage cost reduction. Extended to Azure AKS and GCP Cloud Run for multi-cloud workloads.
Designed segmented VPCs (public/private/isolated subnets, NAT Gateways, NACLs, WAF + Shield Standard) and enforced least-privilege IAM with Permission Boundaries, SCPs, and cross-account assume-role for CI/CD pipelines.
Centralized observability: CloudWatch dashboards/alarms, CloudTrail → S3 → Athena detection queries, GuardDuty threat intelligence — cutting MTTD by 50%. Authored Python/Boto3 automation scripts saving ~$600/month in idle resources.
Containerized microservices with Docker; orchestrated on Kubernetes (EKS/AKS) with Helm charts; CI/CD via Jenkins + GitHub Actions; event streaming with Kafka; delivered E-Commerce API and Student Management System.

JavaSpring BootAWSKubernetesDockerTerraformKafkaPostgreSQLPython/Boto3GitHub Actions

Junior Java Developer

Aarambha Infosys · Kathmandu, Nepal

Feb 2019 – Dec 2020

Developed and maintained Java/Spring MVC REST APIs for internal business applications and client-facing services.
MySQL schema design and stored procedures; supported AWS EC2/RDS/S3 migration projects from on-premise infrastructure.
Introduced Docker containerization practices; wrote JUnit unit tests across existing codebases; collaborated in Agile/Scrum sprints.

JavaSpring MVCMySQLAWS EC2/RDSDockerJUnitAgile

Projects

Selected
Work

01 Security Research

Insider Threat Detection — AWS Native Pipeline

Research project architecting a complete behavioral analytics detection pipeline for insider threats in AWS environments. Ingests CloudTrail event logs → S3 → Athena SQL detection queries, correlates GuardDuty findings, and maps detected behaviors to MITRE ATT&CK tactics and techniques. Covers 5 real-world attack scenarios: privilege escalation via IAM role chaining, unauthorized S3 exfiltration, credential abuse, lateral movement through cross-account assume-role, and supply chain compromise via compromised Lambda functions.

Detection Coverage 5 MITRE ATT&CK scenarios

Stack CloudTrail → S3 → Athena → GuardDuty → SNS

Framework MITRE ATT&CK for Cloud

CloudTrailAthenaGuardDutyMITRE ATT&CKIAMPythonSecurity Hub

02 Cloud Architecture

3-Tier AWS Production Platform

Designed and deployed a production-grade 3-tier AWS architecture serving 10,000+ concurrent users. Frontend via CloudFront CDN, application layer with ALB + Auto Scaling Groups (EC2 Launch Templates with mixed On-Demand/Spot instances), database layer with RDS Multi-AZ PostgreSQL and ElastiCache Redis for session caching. VPC with public/private/isolated subnet design, NAT Gateways, VPC Flow Logs, WAF + Shield Standard for DDoS protection, KMS encryption at rest. Achieved 99.9% uptime SLA and 35% cost reduction through S3 Intelligent-Tiering and EC2 rightsizing automation.

Users 10,000+ concurrent

Uptime 99.9% SLA achieved

Cost Savings 35% + $600/mo automation

AWS EC2ALBAuto ScalingRDS Multi-AZElastiCacheWAFCloudFrontKMSTerraform

03 Backend · Microservices

E-Commerce Microservices Platform

Event-driven microservices backend with Product, Order, Notification, and User services. Each service independently deployable with its own PostgreSQL/MySQL schema. Inter-service communication via Kafka event streaming and Eureka service discovery. API Gateway for rate limiting and routing. Spring Security + JWT + OAuth2 for auth. Deployed to AWS EKS using Helm charts via GitHub Actions CI/CD pipeline with ArgoCD GitOps. 80%+ test coverage enforced at pipeline level.

Architecture Event-driven microservices

Test Coverage 80%+ enforced in CI

Spring BootKafkaDockerKubernetes/EKSHelmArgoCDJWTGitHub Actions

View on GitHub →

04 Multi-Cloud · IaC

Multi-Cloud Security & IAM Framework

Cross-cloud identity federation and security posture across AWS, Azure, and GCP. AWS side: IAM Permission Boundaries, SCPs across OUs, cross-account assume-role for CI/CD with minimal privileges. Azure: Azure AD integration, AKS RBAC policies, Azure DevOps service principal management. GCP: Cloud Run IAM bindings, GKE workload identity. Terraform modules for all three clouds. CloudWatch + CloudTrail + X-Ray unified observability. Python/Boto3 lambda functions for automated compliance drift detection.

Clouds AWS + Azure + GCP

IaC Terraform (modules, remote state)

AWS IAMAzure ADGCP IAMTerraformAnsiblePython/Boto3CloudFormation

Technical Skills

Full Stack
Depth

☕

Java Backend

Java

Expert

Spring Boot

Expert

Spring Security

Expert

Spring Cloud

Advanced

Hibernate / JPA

Expert

JWT / OAuth2

Advanced

REST APIs

Expert

Microservices

Expert

JUnit 5 / Mockito

Advanced

☁

AWS Cloud

EC2 / ASG / Launch Templates

Expert

VPC / Subnets / NAT / NACLs

Expert

IAM / SCPs / Permission Boundaries

Expert

RDS Multi-AZ / Aurora

Advanced

Lambda / ECS / EKS

Advanced

CloudTrail / Athena / GuardDuty

Advanced

CloudFront / Route 53 / ALB

Advanced

CloudFormation / CDK / Terraform

Advanced

WAF + Shield / KMS / Secrets Manager

Advanced

🔐

Security & Observability

MITRE ATT&CK Framework

Advanced

Insider Threat Detection

Advanced

GuardDuty / Security Hub

Advanced

OWASP Top 10

Proficient

CloudWatch / X-Ray / SNS

Advanced

Encryption / PKI / KMS

Proficient

🐳

DevOps & IaC

Docker

Expert

Kubernetes / EKS / Helm

Advanced

Terraform

Advanced

GitHub Actions / Jenkins

Advanced

ArgoCD / GitLab CI

Advanced

Kafka / Event-Driven

Advanced

Ansible / CloudFormation

Proficient

🗄

Databases

PostgreSQL

Expert

MySQL / Oracle SQL

Advanced

DynamoDB

Advanced

Redis / ElastiCache

Proficient

Aurora / RDS

Advanced

MongoDB / H2

Proficient

⚡

Multi-Cloud & Languages

Python / Boto3

Advanced

Azure AKS / Azure AD

Proficient

GCP Cloud Run / GKE

Proficient

SQL / Bash Scripting

Advanced

JavaScript

Proficient

05 — Education

Academic
Foundation

Aug 2024 – May 2026

M.S. Cybersecurity Operations

Webster University — George Herbert Walker School of Business & Technology

St. Louis, Missouri

Research Focus: Detecting and Mitigating Insider Threats in AWS Cloud Environments Using Native Security Services and Behavioral Analytics. Covers CloudTrail, Athena, GuardDuty, MITRE ATT&CK for Cloud, UEBA patterns, and preventive IAM controls.

Key Courses: CSSS-6000 Practical Research in Cybersecurity · Cloud Security Architecture · Digital Forensics · Incident Response

2016 – 2022

B.E. Computer Engineering

Nepal College of Information Technology (NCIT)

Kathmandu, Nepal · Affiliated with Pokhara University

Foundation: Data Structures & Algorithms · Computer Networks · Operating Systems · Database Management · Software Engineering · Object-Oriented Programming · Digital Systems

AWS

2026

AWS Certifications

Amazon Web Services

AWS Certified Solutions Architect – Associate (SAA-C03) Multi-tier architecture, VPC design, IAM, high availability, cost optimization

AWS Certified Cloud Practitioner (CLF-C02) Cloud concepts, AWS services, security, pricing, and support

Java Backend Engineer

Building systemsthat scale andstay secure.

Where I BuiltReal Things

Java Backend & Cloud Engineer

Junior Java Developer

SelectedWork

Insider Threat Detection — AWS Native Pipeline

3-Tier AWS Production Platform

E-Commerce Microservices Platform

Multi-Cloud Security & IAM Framework

Full StackDepth

Java Backend

AWS Cloud

Security & Observability

DevOps & IaC

Databases

Multi-Cloud & Languages

AcademicFoundation

M.S. Cybersecurity Operations

B.E. Computer Engineering

AWS Certifications

Let's buildsomethingremarkable.

Building systems
that scale and
stay secure.

Where I Built
Real Things

Selected
Work

Full Stack
Depth

Academic
Foundation

Let's build
something
remarkable.