OPERATIONAL

GET /muhammad-zohaib  →  200 OK

Muhammad Zohaib

Backend Engineer · Java / Spring Boot · AWS Cloud · DevOps

I build and run production backend systems — REST APIs, auth pipelines, and the infrastructure underneath them. BS Software Engineering student at University of Mianwali, currently shipping researchpaper.site on AWS EC2.

days building in production
3.80 CGPA / 4.00
30+ documented API endpoints
2 production Spring Boot systems

/about

Currently in Semester 7

I'm a BS Software Engineering student at University of Mianwali, based in Pakistan, focused on backend engineering with a growing pull toward DevSecOps and infrastructure work. Most of my learning happens by shipping — real deployments over local demos, PostgreSQL over H2, production incidents over tutorials.

Day to day I split time between a Windows machine (i7-14650HX, RTX 4070) for Spring Boot development and CI builds, and an Ubuntu laptop running as a self-hosted GitHub Actions runner — alongside an ARM64 EC2 instance in production.

institution University of Mianwali
program BS Software Engineering
status Semester 7 · In Progress
cgpa 3.80 / 4.00
location Pakistan
exploring Kafka · Kubernetes · RAG / pgvector

/skills

Stack

languages & frameworks

JavaSpring Boot Spring SecuritySpring Data JPA Hibernate

cloud & infrastructure

AWS EC2AWS RDSAWS S3 ElastiCacheDockerDocker Compose NginxGitHub Actions

databases & cache

PostgreSQLRedis OTP rate-limitingtoken blacklisting

security & apis

JWT + refresh rotationRBAC BCryptHTTPS / SSL Swagger / OpenAPI 3Postman

tools

SendGrid (SPF/DKIM)GitMaven IntelliJ IDEALinuxJira

cs fundamentals

DSAOOPMVC Operating SystemsNetworksDBMS

/projects

Production systems

Cloud-Native Research Paper Management System

4-role production platform · Live at researchpaper.site

Spring BootPostgreSQLRedis AWS EC2/RDS/S3/ElastiCacheDocker NginxGitHub ActionsSendGridMinIO
  • Architected role-isolated REST API for the full paper lifecycle — SUBMITTED → UNDER_REVIEW → ACCEPTED / REJECTED / REVISION — across Admin, Researcher, Reviewer, and Reader roles via @PreAuthorize.
  • Stateless JWT auth with refresh token rotation; access tokens verified in-memory. Redis OTP rate-limiting uses atomic setIfAbsent() to prevent race conditions under load.
  • Deployed on AWS EC2 behind Nginx with Let's Encrypt SSL, TLS 1.2/1.3 hardening, and HTTP→HTTPS redirect. RDS (PostgreSQL) + ElastiCache (Redis) as managed backends.
  • CI/CD via GitHub Actions: Maven build → Trivy scan → Docker image (SHA-tagged) → Docker Hub → SSH deploy — images built off-server to preserve EC2 memory.
  • Dual-mode object storage with AWS S3 + MinIO; SendGrid with SPF/DKIM domain auth for OTP email; 30+ endpoints documented via Swagger / OpenAPI 3 with a Postman collection.

ReveilleX — Smart Alarm Backend

Challenge-based dismissal engine for a Flutter alarm app

Spring BootPostgreSQLRedis Docker ComposeJWTSpring Security
  • Secure REST backend with JWT auth, refresh token rotation, and a locked-down Spring Security filter chain.
  • Server-side challenge validation engine for math and QR-based alarm dismissal workflows.
  • Redis for session/token lookups, PostgreSQL for alarm and user persistence via Spring Data JPA.
  • Diagnosed and fixed a Jackson version conflict and duplicate Spring Security filter registration caused by transitive dependency clashes, resolved via explicit version pinning in pom.xml.

/certifications

Log

2026-06 AWS Certification — EmpRadar view →
2026-06 CI/CD — EmpRadar view →
2026-06 Git — EmpRadar view →
2026-02 Get the Most Out of Jira — Atlassian University sprint planning, backlog, epics

/contact

Let's talk

Open to backend and DevOps roles. Fastest way to reach me is email.