Nikolay Konovalov

— Owned security-critical identity and access domains for 25+ months across a legacy B2B SaaS platform, including AuthN/AuthZ, SAML, RBAC/ABAC, and CSP hardening; addressed 20+ audit-driven findings across all severity levels, supported ~200 auth/access endpoints and flows, and became the solo continuity owner for 15+ months after the original team rolled off.

— Co-led delivery of an enterprise permissions redesign for a 15+ year-old monolith, helping ship an MVP in ~6 months and later becoming a primary owner for production bugs, follow-up fixes, and operational continuity after most of the original team rolled off.

— Owned critical-path registration, verification, login, and token lifecycle logic for ARR-impacting payment-linked flows, contributing to a customer-facing initiative with measurable ARR impact over 2 years and shipping production changes in roughly 2 weeks.

— Turned a fragile, high-risk account-merge workflow with 10 years of legacy complexity into an enforceable engineering system by adding CI guardrails for schema drift, preventing silent regressions as the data model evolves.

— Built LLM-assisted engineering tooling that connected Jira, observability, code search, and GitLab workflows to speed up debugging and investigation across tickets, logs, and code, helping shape ideas that later evolved into Coherence.

Stack: Python, Django, FastAPI, PostgreSQL, AWS, Terraform, Authentication, Authorization, IAM, SAML, OAuth, OpenTelemetry

— Achieved significant improvements in user acquisition metrics by improving the web onboarding flow:

• Increased first platform deposit by 11%

• Decreased referral cost by 32%

• Boosted promo redemptions by 35%

— Improved request traceability, logging, and monitoring across an event-driven architecture consisting of 7+ team-owned microservices, reducing time to identify and resolve issues.

— Built a scalable event aggregation service for Kafka messaging, maintaining an 99.9%+ SLO for 6 months.

— Drove team adoption of commit standards, documentation, debt removal, and bug-reporting hygiene to improve velocity and maintainability.

Stack: AWS, CircleCI, CI/CD, DataDog, Docker, JavaScript, Kubernetes, Kafka, Kotlin, Node.js, PostgreSQL, React, Redis, Ruby/Rails, Scala, Sentry, Terraform

— Built a custom CI/CD pipeline based on GitLab Auto DevOps and a self-hosted Kubernetes cluster as a proof of concept for migrating from Heroku and reducing hosting costs by 50%.

— Dockerized the application monolith into 6 services plus job workers.

— Proposed and helped implement a one-step UAT flow with Review Apps, resulting in 20% higher velocity and 0 monthly master reverts.

Stack: AWS, Docker, Ember.js, Google API, Heroku, MailChimp, Mixpanel, PostgreSQL, Redis, Ruby/Rails, Sidekiq, Stripe, Twilio

— Led cross-functional technical delivery for an e-commerce project, guiding 3 frontend engineers and coordinating with ~15 people across backend, DevOps, engineering leadership, design, and marketing.

— Shaped core architecture for Rails + Vue/Nuxt, covering Nuxt.js frontend structure, JSON:API serialization, and OAuth 2.0/JWT authentication.

— Resolved performance regressions causing up to 80% slowdown in a mobile-heavy e-commerce storefront by optimizing SQL queries, caching layers, CDN/HTTP/2 delivery, SSR behavior, and JavaScript bundle loading.

— Resolved a critical Nuxt.js SSR production incident caused by request-scoped API authentication state being cached in a shared Node.js singleton after a JS→TS migration; restored per-user request isolation and shipped a production fix within 20 hours.

Stack: Ruby/Rails, Vue.js, Nuxt.js, JSON:API, OAuth 2.0/JWT, MySQL, Redis, Sidekiq, Docker, Kubernetes, GKE, Google Cloud, Sentry, Rollbar

— Built an open-source e-commerce MVP in 3 weeks using Rails, Vue.js, Docker, and PayPal payments; published front-end and back-end repositories on GitHub.

— Transitioned from PHP/Laravel to Ruby/Rails through self-directed full-stack product development.

— Developed and launched paid cross-platform safeguarding software used by 350,000+ teachers and 4 million students in the UK and US, receiving strong end-user feedback.

— Identified inefficient bug tracker usage and introduced practical issue-reporting standards, improving turnaround time for common issues by 15%.

— Reduced development/production environment provisioning time from 8–16 hours to ~15 minutes using Vagrant-based automation.

Stack: CakePHP, Mailgun, MySQL, PHP, Vagrant, Vue.js, Webpack

— Owned maintenance and UX improvements across several legacy web projects, improving maintainability, performance, and delivery speed.

— Reduced turnaround time for critical bug fixes from ~8 hours to 1.5–2 hours by adding regression tests around fragile legacy flows.

— Built a secure Stripe-based subscription payment flow for a product used by 500+ users, integrating Stripe API/webhooks, structured error logging, and Mailgun alerts.

— Improved engineering quality through code reviews, CI, and TDD practices.

Stack: CodeIgniter, Laravel, Mailgun, MySQL, PHP, TypeScript, Vue.js, Webpack, jQuery

— Served as the primary contributor and technical owner for custom Moodle LMS plugins, focusing on maintainability, documentation, and long-term extensibility.

— Helped the client launch two months earlier by rapidly prototyping reusable Moodle blocks and modules.

— Led QA, release testing, and support for a Moodle-based open-source education platform.

— Owned final release checks for new features and translated recurring customer issues into engineering fixes.

— Mentored 5 junior developers.