Alvaro Tellez, Developer in Frankfurt, Hesse, Germany
Alvaro is available for hire
Hire Alvaro

Alvaro Tellez

Verified Expert  in Engineering

IT Security Developer

Frankfurt, Hesse, Germany
Toptal Member Since
November 22, 2019

Alvaro is a technical consultant and back-end developer with a focus on Node.js and Java. In his last few projects, he has contributed to the development of applications/tools, analyzing problems and solving them, defining and implementing APIs, ethical hacking support, and vulnerabilities analysis.


IBM API Connect, Security, API Design, JavaScript, Spring, Java, Node.js
Vector ITC group
CSS3, HTML5, JavaScript, Jakarta Server Pages (JSP), Java
Vector ITC group
JavaScript, Shell Scripting, Java




Preferred Environment

IBM API Connect, Jenkins, OpenShift, Confluence, Jira, Eclipse, Visual Studio Code (VS Code), Windows, Command Prompt (CMD), Git

The most amazing...

...project was to adapt and extend the Node-Red architecture until it could be used as a CI image with source code management, local security, and automatic tests.

Work Experience

IT Technical Advisor

2015 - 2019
  • Extended the Node-Red architecture to adjust the needs of the customer (CI, source control, tests, etc.).
  • Developed custom security policies for the API server.
  • Supported a variety of projects in all the phases: requirements definition, development, integration, and deployment to production.
  • Provided level 3 support, for both brownfield and greenfield projects.
Technologies: IBM API Connect, Security, API Design, JavaScript, Spring, Java, Node.js

Functional Analyst and Developer of Security Components

2015 - 2015
Vector ITC group
  • Defined and implemented security components (mainly signing methods) that were integrated into the client's customer applications.
  • Provided level 3 support regarding the security components and the client's customer applications themselves.
  • Maintained and developed visual templates for the client's customer applications.
  • Developed a few sets of Node.js applications as part of tools for internal use in the team.
Technologies: CSS3, HTML5, JavaScript, Jakarta Server Pages (JSP), Java

Integrator in customers' channels area

2010 - 2015
Vector ITC group
  • Defined and integrated different applications for different customer channels (internet, mobile, branches, and ATM).
  • Provided level 3 support of different applications inside those channels.
  • Developed applications for data migration, specifically related to the customer's credentials and their signing methods.
Technologies: JavaScript, Shell Scripting, Java

Extending the Architecture of Node-Red

Starting with the public version of Node-Red, I was on a 2-member team for extending its architecture in order to add more capabilities required to fit in the client's requirements, in terms of cloud-aware Docker image that was able to be deployed in a CI circuit.

In addition to the architecture, we prepared a whole set of modules with functionalities of the client's legacy systems so they could be easily integrated into the new developments.

Security Policies and A New CI Circuit for Them

I developed several security policies that were deployed in the client's IBM Connect instance. These policies were different scenarios, but mainly related to the security (customer log in, check permissions, check relations between some data, etc.)

These policies ran in the corresponding IBM Datapower, and I created the policies and a CI circuit to be able to develop this kind of policy out of the IBM tools and easily generate the release package.

Security Applications for Making the Applications Independent of The Different Authentications

The client had several security mechanisms, some of them were custom, and what I did was create a set of small applications and add-ons to be used in the different developments for being able to verify the security before starting the execution and to extract the needed information out of it.

User Credentials Migration Software

As part of a project for removing some legacy pieces, I did a set of applications to be run on a batch basis for extracting user credentials from LDAP and Oracle and migrate them to the destiny LDAP and database. The biggest challenge was the extraction and conversion of the secret keys (a password and a secret list of TANs) since they were encrypted in the source system in one way and they had to be encrypted in a totally different way in the destination.

Implementation of New Automatic Testing

Using the Postman collection already generated by the dev teams, I set in place a new automatic testing tool that uses Newman (Postman runner) to launch the tests of each application with the data according to the environment.

This tool could be used easily from the CI circuit.
2017 - 2019

Master's Degree in Computer Science

UNED - Spain

2016 - 2017

Master’s Course in Renewable Energies

Universidad de Zaragoza - Zaragoza, Spain

2001 - 2006

Technical IT Engineering Degree in Computer Science

Universidad Carlos III - Madrid, Spain


Node.js, Jenkins Pipeline


Node-RED, IBM API Connect, Git, Jira, Confluence, Jenkins, IBM DataPower


Java, JavaScript, HTML5, CSS3, PHP 7


Spring, Jakarta Server Pages (JSP)


Red Hat OpenShift, Windows, Visual Studio Code (VS Code), Eclipse, OpenShift


APIs, API Design, Platform as a Service (PaaS), LDAP, Command Prompt (CMD), Security, Shell Scripting, IT Security, Ethical Hacking, Data Migration

Collaboration That Works

How to Work with Toptal

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.


Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring