Senior Software Engineer · Platform · Application Security

Constantin Cosuleanu

I design, build and stabilise secure production software: platform services, APIs, enterprise integrations, cloud-native backends and automation with security, reliability and maintainability built into the delivery flow.

Profile

Pragmatic engineering for secure business systems

I combine hands-on software engineering with technical leadership. My focus is on reliable delivery: understanding the business process, choosing the right architecture, writing maintainable code and making sure systems are observable, deployable and secure enough for real production use.

I am comfortable working across the full delivery chain - requirements, solution design, backend services, frontend interfaces, integrations, infrastructure, CI/CD and production support - with special attention to secure implementation, automated quality gates and operational risk reduction.

01

Backend & platform engineering

PHP, Laravel, Symfony, Node.js, Express, Restify, ActionHero, JavaScript and TypeScript APIs built for maintainability, performance and real production use.

02

Application security & secure SDLC

Security-minded design and review around auth, authorization, input validation, dependency hygiene, secrets handling, automated checks, tests and safer release workflows.

03

Enterprise integrations

Business-critical data flows, SaaS integrations, queues, CSV processing, ERP/commerce workflows and operational tooling with validation, traceability and rollback thinking.

04

Cloud & infrastructure

AWS, Docker, Kubernetes, Helm, RDS, CloudFront, Lambda, EventBridge, CI/CD, logging and monitoring, with a practical approach to reliability, security and cost.

Application security focus

Security built into the engineering workflow, not bolted on at the end

My security background is practical and delivery-oriented: secure code review, defensive API design, careful auth and authorization boundaries, input validation, dependency hygiene, secrets/configuration handling, cloud exposure minimisation and automated quality gates in CI/CD.

Secure SDLC habits

Threat-aware planning, review checklists, OWASP-informed implementation, code-review feedback, regression prevention and security standards that fit the team workflow.

Automated quality gates

Unit, integration and E2E tests, linting/static checks, dependency audits, container and pipeline checks, plus AI-assisted review support to catch issues earlier.

Cloud-native security

AWS, Kubernetes, Helm and GitLab CI experience with attention to IAM, secrets separation, deployment safety, network exposure, observability and rollbackable releases.

Risk-aware integrations

Secure API usage, idempotent processing, validation of CSV/import workflows, queue reliability, error handling and auditability for business-critical operations.

AI-assisted delivery

Using AI and AI agents to move faster without lowering engineering standards

I use AI as part of the engineering workflow to shorten feedback loops, explore implementation options, catch code-review and security issues earlier and produce clearer project documentation. The goal is not to replace engineering judgment, but to amplify it: faster delivery, better coverage and fewer avoidable mistakes.

Faster implementation loops

AI agents help draft, refactor and validate code quickly while I keep ownership of architecture, security and maintainability.

Security-aware review support

AI-assisted checks help surface missing validations, risky edge cases, regressions, readability issues and incomplete error handling before review.

Documentation & test coverage

Documentation, unit tests, integration tests and E2E tests can be produced faster and kept closer to the actual code.

AI engines

ChatGPT, Claude, Codex, GitHub Copilot and Gemini - used pragmatically depending on the task, codebase and privacy requirements.

Selected work

Technical detail that belongs on a security-minded platform profile

Supply-chain and commerce systems

Technical leadership and implementation for supply-chain solutions and integrations involving Shopify, Fluent Commerce, Business Central/Dynamics 365, RabbitMQ, Snowflake, Retool and Zapier.

Operational automation with safeguards

Tools for high-volume order operations, CSV-based workflows, partial refunds, gift cards, SKU mapping, data validation and reporting, designed to reduce manual work, mistakes and operational risk.

Platform reliability and secure delivery

Database and infrastructure work including MySQL/RDS upgrades, encoding fixes, deployment pipelines, queue-based processing, cache strategy, production troubleshooting and controlled release practices.

Secure API and integration boundaries

REST APIs and integrations with attention to auth, authorization, validation, error handling, idempotency, traceability and safe data processing across business-critical systems.

Cloud-native operations

AWS, Docker, Kubernetes, Helm, GitLab CI and production support experience with practical concern for secrets, IAM, observability, network exposure and rollbackable deployments.

Streaming and media systems

Experience with JWPlayer, Wowza, AWS CloudFront, AWS MediaConvert, FFMPEG and streaming CDN integrations for video delivery and processing workflows.

Technical stack

Tools I use to deliver

Languages & frameworks

  • PHP
  • Laravel
  • Symfony
  • Zend
  • CodeIgniter
  • Node.js
  • JavaScript
  • TypeScript
  • Express
  • Restify
  • ActionHero
  • React
  • Next.js
  • Go
  • Android / Java
  • SQL

Application security

  • Secure SDLC
  • OWASP Top 10
  • Security-focused code review
  • Auth
  • Authorization
  • RBAC
  • Input validation
  • Secrets handling
  • Dependency hygiene
  • Automated quality gates
  • Threat modeling
  • Secure API design

Data, queues & integrations

  • MySQL
  • MariaDB
  • PostgreSQL
  • MSSQL
  • Snowflake
  • Redis
  • Memcached
  • RabbitMQ
  • MQTT
  • CSV pipelines
  • REST APIs

Cloud, DevOps & tooling

  • AWS
  • Docker
  • Kubernetes
  • Helm
  • Nginx
  • HAProxy
  • GitLab CI
  • Elastic / Kibana
  • Metabase
  • Puppeteer
  • BackstopJS

AI-assisted engineering

  • ChatGPT
  • Claude
  • Codex
  • GitHub Copilot
  • Gemini
  • AI agents
  • Code-review checks
  • Security review checks
  • Documentation
  • Unit tests
  • E2E tests

Let’s talk

Need a senior engineer who can build platform features and strengthen secure delivery?