📍 Kishangarh (Ajmer) • Rajasthan • India
with Laravel • MySQL • APIs • Cyber Security
Hi, I’m Anil Kumar Sen — a passionate Backend Software Engineer focused on building scalable, secure, and high-performance systems. Since 2021, I’ve worked on APIs, integrations, real-time systems, payments, and cybersecurity with a “security-first” and “performance-oriented” approach.
Near Post Office, Kayasth Mohalla
Kishangarh, Ajmer (Rajasthan)
PHP (Laravel), MySQL
JavaScript, jQuery, Bootstrap
WHM / cPanel, Hostinger
GitHub CI basics, Cron automation
Cyber Security, VAPT
OWASP, AD/Kerberos basics
Backend Software Engineer & Cybersecurity Enthusiast
Hi, I’m Anil Kumar Sen. I am a passionate and result-oriented Backend Software Engineer focused on building scalable, secure, and high-performance systems.
I started my career in the IT industry in November 2021 and now have over 4 years of professional experience. My technical approach has always been “security-first” and “performance-oriented”, ensuring production-ready and maintainable systems.
1. Xcugas Technologies — Kishangarh
Worked on PHP, Flutter, APIs, frontend-mobile integrations. Gained exposure to real-world workflows, Git, and industry standards.
2. Aptech — Ajmer
Structured training and applied client projects. Improved deployment workflows and framework-level understanding.
3. Saer Technologies Pvt. Ltd. — Jaipur (Current)
Leading backend architecture for ServiceTasker (Australia). Built scalable REST APIs, real-time chat, Stripe/Razorpay flows, and secure systems.
PHP, Laravel, APIs, Middleware, Queues
MySQL, Indexing, Optimization, Replication
Firebase, Pusher, Stripe, Razorpay
VAPT, XSS, SQLi, IDOR, CSRF, RBAC
Scalable Laravel systems, API-driven architecture, RBAC, authentication, payment integrations.
Stripe, Razorpay, Webhooks, Firebase, automation systems.
OWASP testing, XSS, SQLi, security hardening & pentesting.
On-page SEO, schema, performance optimization, search stability improvements.
Backend architecture review, database optimization, scalability planning.
About: ServiceTasker is a Lead Generation Platform similar to Airtasker & Oneflare, helping customers connect with service providers across multiple domains and countries — powered by a single backend system.
servicetasker.com.au
servicetasker.co.uk
servicetasker.co.nz
servicetasker.ca
servicetasker.us
I single-handedly designed and developed the complete backend architecture — including database schema design, REST APIs, third-party integrations (Stripe, Razorpay, Firebase, Pusher), authentication, RBAC, security hardening, automated invoicing, and frontend variable binding & AJAX calls. (Only UI designing excluded.)
Worked as Backend Developer — building scalable REST APIs, handling dynamic form submissions, implementing secure authentication, designing optimized database schemas, and ensuring stable production deployment using security-first coding practices.
Apr 2023 – Present • Jaipur
At SAER Technologies, I have primarily worked on ServiceTasker, along with multiple smaller multi-domain projects. My focus has been on building scalable backend systems, secure APIs, and production-ready architectures.
Apr 2023 – Present
ServiceTasker is a multi-country lead generation platform operating across Australia, UK, USA, Canada, and New Zealand. I independently designed and developed the entire backend architecture. Apart from frontend UI design, every server-side functionality was built by me.
6 Months • Ajmer
Nov 2021 – Oct 2022 • Kishangarh
I specialize in On-Site SEO and Technical SEO. I have successfully implemented SEO strategies across multiple production websites, including large platforms like ServiceTasker.
My approach focuses on clean site architecture, schema integration, optimized meta structures, and rich snippets implementation — ensuring improved visibility, crawl efficiency, and ranking performance on Google.
All SEO implementations are performed manually using a data-driven methodology. Every structural or metadata change is validated using structured data testing tools and Google Search Console insights.
I ensure that the site architecture supports both search engine crawlers and real users — delivering optimal ranking performance while maintaining fast load times, mobile responsiveness, and technical stability.
Active practitioner of ethical hacking and defensive security — performing hands-on labs on platforms like TryHackMe, PortSwigger, and controlled virtual environments.
I regularly conduct VAPT-style assessments, vulnerability validation, and remediation planning with a security-first engineering mindset. Currently pursuing structured cybersecurity learning (CEH) while applying practical bug-bounty style workflows.
All testing is performed in controlled lab environments, personal virtual machines, or authorized systems. My approach focuses on:
My objective is not exploitation, but strengthening systems through secure coding, preventive controls, and continuous testing.
Improved database performance through indexing, optimized relations, caching strategies, and query profiling across multi-domain systems.
Implemented Stripe & Razorpay with automated refunds, recurring billing, webhook handling, and PCI-compliant flows.
Designed dynamic lead pricing models and fully automated monthly & custom invoice generation systems.
Integrated Firebase & Pusher for live chat, push notifications, and real-time system updates.
Implemented RBAC, VAPT testing, penetration testing, and data protection strategies across production systems.
Architected a single backend powering multiple countries and domains using dynamic configurations.
Designed and integrated a robust deadlock resolution mechanism in Laravel using DB::transaction() with lockForUpdate().
Ensured system reliability under concurrent load by:
Implemented cross-database retry strategies based on error-code detection to maintain transaction integrity.
try {
DB::transaction(function () use ($userId, $recordId, $data) {
$row = DB::table('example_table')
->where('user_id', $userId)
->where('id', $recordId)
->lockForUpdate()
->first();
if ($row) {
DB::table('example_table')
->where('user_id', $userId)
->where('id', $recordId)
->update($data);
}
});
} catch (\Illuminate\Database\QueryException $e) {
if (in_array($e->getCode(), [40001, 1213, 1205])) {
sleep(2); // Retry logic
// Re-run transaction safely
}
Log::error("Transaction failed: " . $e->getMessage());
}
This strategy ensures graceful degradation under concurrency pressure, minimizing downtime and preventing inconsistent data states.
Implemented full Google Search Console configuration for production websites to monitor indexing, keyword performance, crawl issues, and structured data validation.
This setup ensures proper domain verification, sitemap submission, and optimized search visibility monitoring.
Verified domain ownership using HTML meta tag verification.
<meta name="google-site-verification" content="dummy_verification_code" />
Alternative verification methods include DNS record and Google Analytics linkage.
This ensures faster discovery and structured crawling of important URLs.
Used URL Inspection tool to:
Configured robots.txt to support proper crawl directives:
User-agent: *
Allow: /
Sitemap: https://www.example.com/sitemap.xml
✅ Now able to monitor search performance, keyword impressions, indexing coverage, crawl stats, and technical SEO issues efficiently.
Implemented Google Analytics (GA4) to enable real-time visitor tracking, performance insights, traffic source analysis, and behavioral monitoring.
This setup allows data-driven decision making for SEO optimization, user experience improvements, and conversion tracking.
Enhanced Measurement automatically tracks scroll depth, outbound clicks, site search, video engagement, and file downloads.
<!-- Google tag (gtag.js) -->
<script async src="https://www.googletagmanager.com/gtag/js?id=G-XXXXXXX"></script>
<script>
window.dataLayer = window.dataLayer || [];
function gtag(){dataLayer.push(arguments);}
gtag('js', new Date());
gtag('config', 'G-XXXXXXX');
</script>
Integrated directly into the head section of the website to ensure accurate event and pageview tracking.
GA4 enables continuous performance monitoring and data-backed SEO and UX improvements.
Clickjacking is a UI-based attack where attackers load your website inside a hidden or transparent iframe and trick users into clicking buttons or links unknowingly.
This can lead to unauthorized actions such as form submissions, account setting changes, or even payments — all without the user’s awareness.
Add security headers to prevent your website from being embedded inside external iframes:
<IfModule mod_headers.c>
# Security Headers (Clickjacking Protection)
Header always set X-Frame-Options "DENY"
Header always set Content-Security-Policy "frame-ancestors 'none';"
</IfModule>
These headers ensure your application cannot be embedded inside malicious external websites.
Always use X-Frame-Options for basic protection. For modern and stronger security, implement Content-Security-Policy (CSP) frame-ancestors.
Protecting the UI layer is as important as securing the backend. A secure application must defend both the server-side logic and the user interaction layer.