Hi, I'm Francisco 👋

Backend Software Engineer

Engineering predictable architectures, secure data pipelines, and highly cohesive modular systems within the Java ecosystem. Currently transitioning toward low-level systems programming and AI-integrated backend solutions.

⚡ Engineering Focus & Standards

Concurrency & Performance Optimization

• Virtual Threads (Project Loom): Standard implementation using Spring Boot 3.x and Java 21+. I leverage the default virtual thread scheduler to maximize request throughput, eliminating the complexity of reactive stacks while maintaining a lightweight thread-per-request model.
• Persistence & Auditing: Systematic management of entity lifecycles through JpaAuditing for automated metadata tracking. Database performance is optimized via strategic indexing based on high-frequency business rules and the prevention of the N+1 query problem using EntityGraphs and Join Fetching.
• Scalable Caching Logic: Context-aware selection between Caffeine for local, ultra-low latency caching and Redis for distributed state management. Implementation is strictly reserved for Read-Heavy patterns where the Cache Hit Rate justifies the consistency overhead.

Architectural Design

• Modular Monoliths: Built upon strict Bounded Contexts to ensure domain isolation. I manage internal communication through synchronous calls for immediate logic and asynchronous processing for long-running tasks, maintaining a single-port deployment for architectural simplicity.
• Microservices & WebClient: For distributed environments, I implement non-blocking communication using WebClient, ensuring resilient inter-service requests and preventing blocking-I/O bottlenecks.

Security, Identity & OWASP Compliance

• OWASP Top 10 Alignment: My development process is governed by OWASP security principles. I prioritize the mitigation of Injection through Jakarta Validation and Parameterized Queries, and Broken Access Control via granular RBAC.
• Hardened JWT Implementation: High-security signing utilizing HS512. Efficiency is optimized by pre-decoding the Base64 secret key through a Singleton pattern, reducing computational overhead on every request.
• State-Synchronized Authorization: Architectural preference for lightweight JWTs complemented by a cached /me endpoint. This strategy ensures real-time permission updates and prevents the use of stale roles, maintaining strict consistency between the identity provider and the Resource Server.
• Vulnerability Mitigation: Token transport is strictly enforced through HTTP-Only, Secure, and SameSite=Strict Cookies, neutralizing XSS/CSRF vectors. I utilize standardized global exception handling via @RestControllerAdvice to prevent sensitive data exposure in error responses.

🤖 AI-Augmented Workflow

Controlled integration of specialized LLMs as engineering agents to optimize the development lifecycle.

• Accelerated Delivery: Scaffolding and repetitive code patterns via Gemini, QwenCode, and KiloCode.
• Automated QA: Rapid generation of Unit Tests (JUnit 5, Mockito, AssertJ) and E2E/Integration Tests (Testcontainers, H2), ensuring a robust TDD culture.
• Continuous Quality: Automated static analysis and code coverage reporting via SonarQube and JaCoCo.

🛠️ Technology Ecosystem

Core Frameworks

Persistence

Security

API Protocols

Messaging

Caching

Testing

Quality Analysis

DevOps & Build

IDEs & Environment

Management

AI Agents

🚀 Strategic Roadmap

I am transitioning toward languages that offer explicit resource control and lightweight runtimes for high-concurrency environments.

• Python [■□□□□□□□□□]
  Alternative backend and primary tool for AI integration and data orchestration.

• Rust [■□□□□□□□□□]
  Strategic migration for mission-critical tasks requiring memory safety and zero-cost abstractions.

• Go [■□□□□□□□□□]
  Lightweight runtime alternative to Java for concurrent microservices and system utilities.