Nima Shahmoradi — Toronto, ON
Senior Front-End Developer with 5+ years of experience designing and optimizing enterprise-scale web applications. Expert in React, TypeScript, and scalable component architectures — with a strong emphasis on performance, security, and maintainability.
┌───────────────────────┐ │ ███╗ ██╗███████╗ │ │ ████╗ ██║██╔════╝ │ │ ██╔██╗██║███████╗ │ │ ██║╚████║╚════██║ │ │ ██║ ╚███║███████║ │ │ ╚═╝ ╚══╝╚══════╝ │ │ │ │ > role: Sr. FE Dev │ │ > status: busy │ └───────────────────────┘┌──────────────────────────────────────────┐ │ │ │ ███╗ ██╗██╗███╗ ███╗ █████╗ │ │ ████╗ ██║██║████╗ ████║██╔══██╗ │ │ ██╔██╗██║██║██╔████╔██║███████║ │ │ ██║╚████║██║██║╚██╔╝██║██╔══██║ │ │ ██║ ╚███║██║██║ ╚═╝ ██║██║ ██║ │ │ ╚═╝ ╚══╝╚═╝╚═╝ ╚═╝╚═╝ ╚═╝ │ │ │ │ > role: Senior Front-End Developer │ │ > stack: React · TypeScript · Next.js │ │ > security: Secure SDLC · Threat Model │ │ > location: Toronto, ON │ │ > status: currently busy │ │ │ └──────────────────────────────────────────┘
Artifacts
Built and optimized a large-scale React dashboard for enterprise risk analysis, enabling users to paginate, filter, and transform complex datasets with high responsiveness. Improved maintainability through strict TypeScript contracts, reusable component architecture, and performance-focused rendering patterns.
Developed advanced pagination, filtering, and client-side data transformation logic for large enterprise datasets. Leveraged Redux Toolkit and React memoization patterns to reduce unnecessary re-renders and maintain smooth UI performance under heavy data loads.
Standardized shared UI patterns across enterprise applications by building reusable components with Material UI and Tailwind CSS. Improved design consistency, responsiveness, and accessibility while accelerating feature delivery through a more scalable component architecture.
Refactored legacy React modules into strongly typed, hook-based functional components to improve scalability and developer experience. Introduced reusable interfaces and stricter typing conventions that reduced ambiguity and made the codebase significantly easier to extend and maintain.
Modernized asynchronous data handling by integrating RTK Query to replace legacy fetch logic. Streamlined API communication, improved caching behavior, reduced boilerplate, and created a more predictable data flow across multiple enterprise application modules.
Next-generation Point of Sale interface for Volante Systems, improving transaction speed and UX by 35%. Built with React, Redux Toolkit, RTK Query, and styled with Material UI and Tailwind CSS. Integrated real-time inventory and sales analytics with Azure DevOps CI/CD.
Applied secure frontend engineering practices across React applications, including input validation, safer API interaction patterns, and mitigation of common web risks such as XSS, injection vectors, and insecure data exposure. Strengthened the security posture of production-facing interfaces without sacrificing usability.
Storybook-documented React component library with built-in XSS sanitization, CSRF token handling, and strict Content Security Policy headers. Production-ready with open-source distribution.
SOC analyst dashboard built with React and D3.js, ingesting simulated network logs and visualizing anomaly spikes, SYN flood patterns, and DDoS indicators in real time.
Full OAuth2 authorization code flow with PKCE and JWT refresh token rotation. Built with React and Node.js, covering token storage best practices and session hijacking prevention.
CI/CD pipeline with integrated SAST static analysis, dependency vulnerability scanning via npm audit and Snyk, and automated security gate enforcement before deployment on Azure Pipelines.
Built a full-stack SOC-style operations dashboard with live threat feeds over WebSockets, buffered event history, pause/filter controls, and keyboard shortcuts. Implemented a backend threat pipeline with configurable simulation modes, MITRE tactic to kill-chain mapping, event correlation into incidents (time-windowed, per-source-IP), geo intelligence, and IP reputation scoring. Delivered analyst-grade features: SOAR-style rules, blocked IP management, saved searches, incident notes, session replay, and report export — all persisted to SQLite.
Engineered a full-stack JWT vulnerability analysis platform that performs real attack simulations without JWT libraries, using manual base64url parsing and Node.js crypto. Implemented three parallel attack modules — alg:none downgrade forgery, HMAC brute-force via weak-secret dictionaries, and replay weakness detection across exp/nbf/jti/iat — each returning structured risk reports with MITRE ATT&CK-aligned tags. Built a React frontend with token paste/load/clear controls, instant client-side decode validation, and tabbed attack result visualization for SOC analyst and engineer workflows.
Chained XSS + CSRF + insecure JWT vulnerabilities in a React/Node.js app to achieve full account takeover simulation. Includes a detailed remediation report with code-level fixes.
Wireshark + Python pipeline that captures live traffic, parses PCAP files, and outputs structured threat reports identifying ARP anomalies, SSL handshake failures, and port scan signatures.
Work History
5+ years delivering production-grade frontend systems across insurance, gaming, and cybersecurity.
Pong Game Studios
Toronto, ON
Liberty Mutual Canada
Toronto, ON
HydroOne on behalf of NobleProg
Mississauga, ON
Technical Stack
A full-spectrum toolkit spanning front-end engineering, backend integration, secure software development lifecycle, and SOC-level security engineering.
Front-End
UI & Styling
Backend & APIs
Secure Coding & CSSLP
SOC & Security Engineering
DevOps & CI/CD
Cloud & Tools
Certifications
Microsoft Certified Solutions Expert: Security (MCSE)
Microsoft Certified Solutions Associate (MCSA)
Microsoft Certified Trainer (MCT)