Menu

📍 Kishangarh (Ajmer) • Rajasthan • India

Secure, Scalable & High-Performance Backends
with Laravel • MySQL • APIs • Cyber Security

Hi, I’m Anil Kumar Sen — a passionate Backend Software Engineer focused on building scalable, secure, and high-performance systems. Since 2021, I’ve worked on APIs, integrations, real-time systems, payments, and cybersecurity with a “security-first” and “performance-oriented” approach.

Download CV 📞 Call 🔗 LinkedIn 💻 GitHub Instagram
🌐 English (Learning), Hindi (Fluent)
⚡ Quick Facts
📍 Based in:

Near Post Office, Kayasth Mohalla,
Kishangarh, Ajmer (Rajasthan)

🛠 Core Stack:

PHP (Laravel), MySQL,
JavaScript, jQuery, Bootstrap

⚙ DevOps:

WHM/cPanel, Hostinger,
GitHub CI basics, Cron automation

🔐 Security:

Cyber Security, Pen-Testing mindset,
VAPT, OWASP, AD/Kerberos basics

About Me

Hi, I’m Anil Kumar Sen. I am a passionate and result-oriented Backend Software Engineer focused on building scalable, secure, and high-performance systems.

I started my career in the IT industry in November 2021 and over the past nearly 4 years, I have developed strong practical skills in backend development, integrations, real-time systems, and cybersecurity. My technical approach has always been “security-first” and “performance-oriented”, ensuring that every solution I deliver is reliable, maintainable, and production-ready.

My Career Journey

1. Xcugas Technologies — Kishangarh (First Practical Exposure)

My professional journey started at Xcugas Technologies, Kishangarh, where I gained exposure to real-world development workflows, team collaboration, and basic-to-intermediate architecture. I worked on practical PHP and Flutter projects, understood frontend-mobile integration, gained experience in consuming and producing APIs, and learned to collaborate on a shared codebase. I also adopted coding conventions, version control, and industry-standard development practices, which strengthened my foundation and developed a production-oriented mindset.

2. Aptech — Ajmer (Training / Applied Projects)

At Aptech, Ajmer, I received structured training and worked on client-oriented projects, which helped me experience frontend-backend coordination and the project delivery lifecycle. Here, I refined my skills in frameworks, version control, and deployment workflows, while also developing a strong problem-solving mindset for practical challenges.

3. Saer Technologies Pvt. Ltd. — Jaipur (Current)

Since April 2023, I have been working as a Backend Software Engineer at Saer Technologies, Jaipur. My primary responsibility is the design and implementation of production-grade backend systems. I had the opportunity to work as a backend lead for a major product, ServiceTasker (Australia) — a lead-generation and service marketplace platform. Here, I designed the complete backend architecture, built scalable RESTful APIs, integrated real-time communication (chat/notifications), and implemented secure payment flows (Stripe, Razorpay, Webhooks).

More...

Core Competencies & Skills

Backend & APIs

Laravel (PHP) RESTful / JSON APIs Middleware & Validation Queues & Background Jobs Authentication & RBAC Real-time Chat / Notifications Cron & Automation

Data & Performance

MySQL Schema Design Relations & Indexing Query Optimization N+1 Fixing / Joins Caching (Redis) Partitioning & Archiving Transactions & Concurrency

Security & DevOps

Cyber Security OWASP Top 10 VAPT & Pentesting (THM, Burp) XSS / SQLi / CSRF / IDOR Kerberos / AD Basics cPanel / WHM / Hostinger GitHub Deployment & Monitoring

Projects Portfolio

🚀 Flagship Project — ServiceTasker

Platforms

About: ServiceTasker is a Lead Generation Platform similar to Airtasker & Oneflare, helping customers connect with service providers across multiple domains and countries — powered by a single backend system.

Role: I single-handedly designed and developed the complete backend architecture — including database schema design, REST APIs, third-party integrations (Stripe, Razorpay, Firebase, Pusher), authentication, RBAC, security hardening, automated invoicing, and even frontend variable binding & AJAX calls. (Only UI designing excluded.)

Why it stands out

  • One codebase running seamlessly across 5+ countries
  • Dynamic & automated lead pricing system
  • Custom invoice generation with secure payment flows
  • Integrated real-time chat & notifications
  • Advanced role-based access control (RBAC)
  • Regular VAPT & security-first development approach

Competitors (AU Market)

Airtasker Oneflare Bark Hipages ServiceSeeking

📌 Other Projects

Role: Worked as Backend Developer — building REST APIs, handling form submissions, setting up authentication, database design, and ensuring deployment stability with security-first coding.

Experience

SAER Technologies — Backend Developer (Apr 2023 – Present, Jaipur)

At SAER Technologies, I have primarily worked on ServiceTasker, along with multiple smaller projects. Since joining SAER, the majority of my focus has been on building and scaling ServiceTasker, while also contributing to other multi-domain projects.

  • Multi-domain backend with dynamic configs; secure & scalable APIs.
  • Stripe & Razorpay integrations, automated refunds & recurring billing.
  • Monthly & Custom Invoice Generation System.
  • Real-time chat (Pusher) & push notifications (Firebase).
  • RBAC, sensitive-data protection, cron-based automations.
  • Regular VAPT, black-box testing, vulnerability assessments.
  • Profile update alerts via email/mobile for compliance.

ServiceTasker — Lead Backend Developer (Apr 2023 – Present)

ServiceTasker is a multi-country lead generation platform operating across Australia, UK, USA, Canada, and New Zealand. I independently designed and built the entire backend architecture, including database schema, APIs, third-party integrations, security, real-time chat, notifications, and automated billing. Apart from frontend UI design, every server-side functionality was developed by me.

  • Single backend powering multiple domains with country-specific configs.
  • Dynamic lead pricing & automated invoice generation system.
  • Stripe & Razorpay payment gateway integrations.
  • Real-time chat (Firebase) & push notifications.
  • Advanced RBAC & data security implementations.
  • Regular VAPT, penetration testing & vulnerability patching.
  • Seamless frontend integration (AJAX calls & variable handling).

Aptec — Laravel & Flutter Developer (6 Months)

  • Optimized backend modules, indexing & performance tuning.
  • Secure authentication with email/phone verification.
  • Official mobile app (Flutter) & Student Enrollment System (Laravel).

Xcugas Technologies — Junior Flutter Developer (Nov 2021 – Oct 2022, Kishangarh)

  • Developed mobile app modules, API integrations, core php and frontend improvements.

Multi-Platform Environment

MacOS Linux Windows Android

Hands-on experience in setting up, managing, and developing applications across multiple operating systems, ensuring seamless deployment and cross-platform compatibility.

SEO Expertise & Implementation

I am an expert in On-Site SEO and Technical SEO. I have successfully implemented SEO strategies across multiple websites, including ServiceTasker.com.au. My approach includes clean site architecture, schema integration, optimized meta structures, and rich snippets implementation for better visibility and ranking on Google.

Core SEO Skills & Focus Areas:
  • Advanced On-Page SEO — Titles, Meta Descriptions, Internal Linking, and Keyword Optimization
  • Technical SEO — Page Speed Optimization, Mobile Responsiveness, and Core Web Vitals
  • Schema Markup Integration (Rich Snippets for articles, services, and products)
  • XML Sitemap, Robots.txt configuration, and Indexing strategies
  • Structured Data Testing and Google Search Console monitoring
  • Clean URL structures and canonicalization handling
  • Performance audits and SEO-friendly content structuring
SEO Tools & Platforms Used:
Google Search Console Google Analytics PageSpeed Insights GTmetrix Rich Results Test WebPageTest
Implementation Approach:

All SEO implementations are performed manually with data-driven analysis. Each change is validated using structured data testing tools and Google Search Console insights. I ensure the site structure supports both crawlers and users — delivering optimal ranking performance while maintaining fast load times and mobile responsiveness.

Cybersecurity Practice & Tools

Active practitioner of ethical hacking and defensive security — hands‑on labs on TryHackMe, PortSwigger, and controlled environments. Regularly perform VAPT-style assessments, vulnerability verification, and remediation recommendations with a security‑first mindset. Currently pursuing structured learning (CEH) and applying practical skills in bug‑bounty style workflows.

Vulnerabilities studied & tested (lab environment):
  • Cross-Site Scripting (XSS), HTML injection
  • SQL Injection (SQLi) and query hardening
  • Local & Remote File Inclusion (LFI / RFI)
  • Insecure Direct Object References (IDOR) & Broken Access Control
  • Cross-Site Request Forgery (CSRF)
  • Authentication/Session flaws and RBAC bypass scenarios
  • Denial-of-Service concepts and mitigation & detection strategies
  • Network enumeration, port scanning, and service fingerprinting
  • Reverse shell & C2/RAT analysis in isolated sandboxes for detection & defense
Lab practices & ethics:

All testing is performed in controlled labs, personal VMs, or authorized environments. My focus is on identifying issues, reproducing them safely, producing clear remediation steps, and implementing defensive measures (logging, monitoring, secure configurations). I follow responsible disclosure practices when applicable.

Achievements

40% faster queries & optimized DB
Indexing, relations, caching & query optimization across multi-domain systems
Secure Payment Integration
Stripe & Razorpay implemented with automated refunds, recurring billing & PCI compliance
Automated Billing & Invoicing
Dynamic lead pricing, monthly & custom invoices fully automated
Real-Time Systems
Firebase & Pusher for chat, notifications & live updates
Advanced Security
RBAC, VAPT, penetration testing & data protection implementations
Multi-Country Backend
Single backend powering multiple countries/domains with dynamic configs

Education & Certifications

Education

  • B.Com — MDSU Ajmer (2018)
  • Higher Diploma in IT — IANT (2012–2014)
  • Advanced PHP & Java — Star Infotech (2019, 10 months)

Certifications & Training

  • Higher Diploma in IT — IANT
  • Advanced PHP & Advance Java — Star Infotech College
  • Ethical Hacking — WsCube Tech
  • Advanced Diploma in Ethical Hacking — NSDC
  • Advanced Diploma in Ethical Hacking — Samyak (Pursuing)
  • Ongoing Cybersecurity Training — TryHackMe
  • Web App Security & Pen-Testing

Respects

https://oneledger.in/about-us
oneledger.in
https://girvimanagement.com/about-team
girvimanagement.com

Certificates

SAER Technologies
SAER Technologies (Currently Working)

Jaipur-based IT company delivering web, mobile, cloud, CRM/HRM, and digital marketing solutions to global clients.

ServiceTasker.com.au — Australian online marketplace with 40,000+ verified providers.

XCugas Certified
Junior Flutter Developer / Core PHP

XCugas Certified

WsCube Ethical Hacking
Ethical Hacking

WsCube Tech, Jaipur

NSDC Diploma
Advanced Diploma In Ethical Hacking

NSDC Certified

CEH Certificate
Advanced Diploma In Ethical Hacking (ADEH)

Samyak Computer Classes

iBirds
Advance PHP / Advance Java

Star Infotech College

Kirnani Technologies
Web Designing Certified

Kirnani Technologies

IANT
Higher Diploma in Information Technologies (HDIT)

IANT

Vivekanand ITI
UPS and Inverter Maintenance

Vivekanand ITI

Skills Flow

Implemented Deadlock Handling in Database Transactions

Designed and integrated a robust deadlock resolution mechanism in Laravel using DB::transaction() with lockForUpdate(). Ensured reliability under concurrent load by retrying failed operations, logging issues, and continuing execution gracefully.

Database-specific Error Codes

  • MySQL/MariaDB: 1213 (Deadlock), 1205 (Lock wait timeout)
  • SQL Standard: 40001 (Serialization failure)
  • PostgreSQL: 40P01 (Deadlock detected)
  • SQL Server: 1205 (Deadlock victim), 1222 (Lock request timeout)

Laravel Example

try {
    DB::transaction(function () use ($userId, $recordId, $data) {
        $row = DB::table('example_table')
            ->where('user_id', $userId)
            ->where('id', $recordId)
            ->lockForUpdate()
            ->first();

        if ($row) {
            DB::table('example_table')
                ->where('user_id', $userId)
                ->where('id', $recordId)
                ->update($data);
        }
    });
} catch (\Illuminate\Database\QueryException $e) {
    if (in_array($e->getCode(), [40001, 1213, 1205])) {
        sleep(2); // retry logic
        // re-run the transaction
    }
    Log::error("Transaction failed: " . $e->getMessage());
}

Portfolio Case Study – Google Search Console & Analytics Setup

1. Google Search Console Setup

Step 1: Add Property
  • Go to Google Search Console
  • Click Add Property
  • Select Domain or URL Prefix
  • Enter your website URL (e.g., https://www.example.com)
Step 2: Verify Ownership
<meta name="google-site-verification" content="dummy_verification_code" />
Step 3: Submit Sitemap
  • Create a sitemap.xml file.
  • Submit in Index > Sitemaps.
  • Example: https://www.example.com/sitemap.xml
Step 4: URL Inspection

Requested indexing of new pages for faster crawling.

Step 5: Robots.txt (Optional)
User-agent: *
Allow: /
Sitemap: https://www.example.com/sitemap.xml

✅ Now I can monitor search performance, keywords, and indexing issues.

2. Google Analytics (GA4) Setup

Step 1: Create Property

Login to Google Analytics → Create property My Portfolio.

Step 2: Set Up Data Stream
  • Choose Web Stream.
  • Website: https://www.example.com
  • Stream Name: Portfolio Website
  • Enable Enhanced Measurement
Step 3: Install Google Tag
<!-- Google tag (gtag.js) -->
<script async src="https://www.googletagmanager.com/gtag/js?id=G-XXXXXXX"></script>
<script>
  window.dataLayer = window.dataLayer || [];
  function gtag(){dataLayer.push(arguments);}
  gtag('js', new Date());
  gtag('config', 'G-XXXXXXX');
</script>
Step 4: Verify Installation
  • Check with Google Tag Assistant.
  • See Real-time Reports → 1 active user shown.
Step 5: Dashboard Insights
  • Track real-time visitors.
  • See traffic sources (Organic, Direct, Social).
  • Check most viewed pages.
  • Understand device usage (Mobile/Desktop).

Key Learnings

  • Search Console → Indexing, search queries, SEO fixes.
  • Analytics (GA4) → Visitor behavior, engagement.
  • Both provide full visibility of website performance.

Dummy Project Information

  • Website: https://www.example.com
  • Sitemap: https://www.example.com/sitemap.xml
  • GA Measurement ID: G-XXXXXXX
  • Verification Code: dummy_verification_code

Final Note

  1. Setup Google Search Console for SEO monitoring.
  2. Install & configure Google Analytics (GA4).
  3. Use insights to improve performance & UX.

🚫 Clickjacking: A Hidden Threat You Shouldn’t Ignore

Clickjacking is a UI-based attack where attackers load your website inside a hidden or transparent iframe and trick users into clicking buttons or links unknowingly. This can lead to unauthorized actions like form submissions, account changes, or even payments — all without the user's awareness.

🔒 How to Prevent Clickjacking

Add these security headers to block your website from being embedded anywhere:

<IfModule mod_headers.c>
   # Security Headers (Clickjacking Protection)
   Header always set X-Frame-Options "DENY"
   Header always set Content-Security-Policy "frame-ancestors 'none';"
</IfModule>

🛡 Why This Matters

  • Protects users from hidden malicious actions
  • Prevents UI redressing & deceptive overlays
  • Strengthens overall application security

✔ Final Note

  1. Always use X-Frame-Options for basic protection.
  2. Use CSP (Content Security Policy) frame-ancestors for modern & stronger security.
  3. Protecting the UI is as important as securing the backend.

Contact

Direct Reach

📞 Call LinkedIn GitHub Instagram