Ivan Sedlak
Verified Expert in Engineering
Security Developer
Subotica, Vojvodina, Serbia
Toptal member since December 8, 2015
Ivan has over 12 years of professional hands-on experience using a wide range of Microsoft technologies, mainly on enterprise web applications, security, internet, and serverless functions. His previous position was in a private company working as a senior .NET full-stack developer, software architect, and team leader. He has worked primarily on large-scale projects. Ivan has been working with Toptal clients since 2015.
Portfolio
Experience
- .NET - 9 years
- C# - 5 years
- Security - 4 years
- ASP.NET Web API - 4 years
- Azure - 3 years
- Serverless Architecture - 2 years
- .NET Core - 2 years
- Azure Functions - 2 years
Availability
Preferred Environment
Azure, SQL Server Management Studio (SSMS), Visual Studio, Windows 10, Node.js, Visual Studio Code (VS Code), Zsh, Bash
The most amazing...
...thing I've coded is a serverless stack of nano and microservices that rapidly scale to the storm of the incoming requests.
Work Experience
Head of Engineering
Fintech Startup in Europe (via Toptal)
- Took over the legacy projects for a review and gave feedback to the client about the current status and what can be done to improve it.
- Designed and implemented completely new serverless architecture based on Azure Durable Functions along with data stores and other relevant infrastructure on Azure.
- Built tools for easier and faster request capturing, analysis, debug and replay of the requests once they started coming in large numbers in the live environment as it couldn't be done manually anymore.
- Helped team members make architecture decisions, implementation decisions, and the implementation itself, communicated with both the business and tech sides.
Lead and Senior Software Engineer
Major Telecommunications Firm in New York (via Toptal)
- Created web API endpoints with highly optimized throughput to support scaling up and scaling out.
- Optimized the existing codebase.
- Introduced a distributed cache using a Redis cluster to the existing codebase.
- Introduced Dapper lightweight ORM to manually optimize heavy-lifting SQL queries.
- Made general bug fixes and version updates for packages and/or framework version.
Security Lead
Major Telecommunications Firm in New York (via Toptal)
- Designed and implemented an in-house authentication endpoint for SSO.
- Implemented authentication using IdentityServer3 at its core and making it compatible with OpenID Connect, OAuth2, SAML2, WS-Federation, and more.
- Built a custom solution to suit the business needs along with the different authentication flows based on the subdomain (departments), 2FA, existing user migration from legacy store to ASP.NET Identity user store, administration UI for user store, and IdentityServer3.
- Developed custom flows for password recovery, linking the external provider’s user to the internal user and user lockout.
- Used dynamic middleware registration to achieve different behavior of the same deployed application on a different server (domain) to control the authentication flows.
.NET Web Developer
InnoSoft Canada, Inc. (via Toptal)
- Constructed database tables, diagrams, and stored procedures.
- Created complex SQL stored procedures to implement advanced scheduling algorithms.
- Built CSLA.NET business objects for ORM (object-relational mapping).
- Resolved security vulnerabilities in OWIN middleware implementation.
- Created web API controllers and action methods.
- Implemented Ajax calls to get data from Web API controllers and utilize it in appropriate partial views.
- Created a view to render SVG vector images based on data and the ability to download it as PNG with transparent background (for printing) or with a custom color background.
.NET Security Expert
FocustApps (via Toptal)
- Constructed a back-end library that standardized the security model.
- Implemented and designed the code that supports multiple identity providers using OWIN middleware.
- Engineered a custom change-aware lazy-load caching solution.
- Created an application and low-level database auditing solutions.
- Established standards for other developers to follow to make the solution easier to develop and maintain as well as being more secure.
Senior .NET Developer | Project Leader | Team Manager | Software Architect
Chinook Software
- Created a custom reusable code library for authentication, caching, auditing, and messaging.
- Built a custom Moneris API wrapper for online credit card processing.
- Developed and implemented custom shopping cart solutions.
- Programmed various functions with advanced custom features for Composite C1 CMS.
- Wrote complex SQL Server Agent jobs for data conversions, importing, and syncing.
Oracle Developer
InterSoft
- Designed ER diagrams based on BRD.
- Migrated Oracle forms from desktop to in-browser apps using Java.
- Maintained and supported existing Oracle DB instances.
- Created data imports from legacy data formats into a new Oracle DB instance.
- Went on-site and got field experience in problem solving and solutions implementation for remote locations.
Experience
.NET Security Library
Some of the supported providers were Azure AD, custom SAML IdPs, ASP.NET Identity login, and Facebook. I also designed and implemented a custom change-aware lazy-load caching solution, application, and low-level database auditing solutions, various helpers, and base classes.
The library set a standard for other developers to follow and make their job easier as they could just use the exposed methods and properties, which made their code a lot easier to develop and maintain with one-line solutions to get current user properties, set claims, authenticate, access cached data, register a new user, authorize the user to access a resource, etc.
I had a great time working on this project as I enjoy designing the back-end libraries and standards to make developers' lives a bit easier and solutions more maintainable and secure.
.NET Web Development
After that I started working with CSLA.NET to create business objects that are used for ORM and making Web APIs to expose that data to specific set of security roles.
I also helped developers working on front-end to utilize exposed data using AJAX calls.
Most complex thing I worked on was the advanced scheduler that takes a lot of different things into consideration to determine available places and times and based on selected algorithm makes the scheduling, creates games and assigns teams. This was done in pure T-SQL to keep it as close to database as possible to avoid doing a lot of plumbing to get and write the data in CSLA.NET framework (avoided creating a lot of business objects). Scheduling works fast and has validations and data corruption prevention built in, even a read only mode (transactions are not persisted).
I had a great time working with the client. The work was well organized, using JIRA and daily Scrum and story grooming meetings. This was the biggest solution I've worked on and also the most complex T-SQL code I've written so far.
Web API Built from Microservices and Nanoservices
Authorization and routing were handled with APIM (reverse proxy on steroids). The data was kept in both SQL and NoSQL data stores depending on the use case. Rapid scaling capabilities, good solution design, and overall system stability handled all the spikes in live traffic without increasing the failure rate.
Education
Bachelor's Degree in Information Technology
ITS - Information Technology School - Belgrade
Skills
Libraries/APIs
LINQ, Entity Framework, Web API, OpenID, jQuery, Node.js
Tools
Visual Studio .NET, Postman, Hangfire, Fiddler, Jira, TFS, Git, Dapper, Visual Studio, Oracle Forms, Zsh
Languages
T-SQL (Transact-SQL), C#, HTML5, SAML, VB.NET, CSS3, XHTML, JavaScript, Bash, C#.NET
Frameworks
Entity 6, ASP.NET Identity, ASP.NET, ASP.NET Web API, .NET, ASP.NET MVC, OAuth 2, .NET Core, IdentityServer 4, IdentityServer 3, Swagger, Bootstrap, CSLA, Razor, AngularJS
Paradigms
Object-relational Mapping (ORM), Dependency Injection, Agile Software Development, DRY, Scrum, Serverless Architecture, On-demand Scaling
Platforms
Android, Windows, Azure Functions, Azure, NLog, Azure PaaS, Azure IaaS, Docker, Oracle, Visual Studio Code (VS Code)
Storage
SQL Server Management Studio (SSMS), Microsoft SQL Server, JSON, Redis Cache, DB, Redis, Elasticsearch
Other
Algorithms, Ajax, Architecture, Caching, Security Audits, Security, Data Structures, OWIN, Identity Server, CORS, OpenID Connect (OIDC), Optimization, SVG, Windows 10, Kentor, Payment Gateways, APIs
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring