Amir Malik

Senior Software Engineer

From San Francisco ๐Ÿ‡บ๐Ÿ‡ธ

Based in Bangkok ๐Ÿ‡น๐Ÿ‡ญ

Detail Oriented Creative Empathic Leadership Analytical Responsible
Go TypeScript Elixir JavaScript node.js Python Rust Ruby WebAssembly HTTP TCP/IP WireGuard OpenVPN Cocoa Win32 ESP32

๐Ÿ“Œ Qualifications

  • Over 10 years of software project management experience.
  • Formerly head of engineering for largest paid VPN provider in the world ($4MM monthly revenue, 1+ million active users).
  • Passionate about diving deep into systems and understanding top-to-bottom complexity.
  • Rapid application prototyping experience across mobile, desktop, and backend API platforms.
  • Systems architecture and implementation experience.

๐Ÿ’ป Work Experience

  • March 2010 – Present

    Pilvy LLC

    San Francisco, CA

    Managing a software consulting agency, leading product development, engineering, and managing third-party contractors. Currently specializing in VPN and cybersecurity, but have worked on a diverse set of projects, including:

    • ExecAPI - A distributed WebAssembly edge functions and workers platform. Built with Elixir/Erlang, Rust, Wasmtime.
    • KVdb - A NoSQL key-value database as a service and serverless developer platform for prototyping, metrics collection, web crawling, analytics applications, and more.
    • Business VPN - A cybersecurity solution and VPN service for SMBs based on our VPN Client/Server Toolkit product. Acquired by London Trust Media (makers of Private Internet Access VPN service) in 2018.
    • Pilvy VPN Server - A modern VPN server solution with extensive customizability and plugin support. Offered as an on-premise license or a hosted service.
    • PIA VPN for iOS - Client app for Private Internet Access VPN service. Uses generated iOS configuration profiles to deliver an easy-to-use VPN experience, instead of having users manually configure PPTP or L2TP/IPsec settings.
    • IVPN Client for Mac & Windows - Developed a custom OpenVPN client for IVPN that includes critical privacy and security features like insecure WiFi detection, DNS leak prevention, and firewall blocking.
    • VMware End User Computing Demo Portal - A turnkey Desktop as a Service (DaaS) that lets VMware's sales teams easily demonstrate the Horizon product suite to high-value customers.
    • CloudPlay - A Mac app that lets people quickly find and play music from a variety of sources.
  • December 2019 – December 2023

    SISU Ltd. / ์‹œ์ˆ˜(์œ )

    Seoul, Korea

    Designing and developing endpoint protection, password and identity management, and VPN solutions for customers around the world.

    • LoginWith - Authentication as a Service that lets websites add login with crypto web3 wallets using the LoginWith SDK. Supports Ethereum and Solana in the same API.

  • August 2021 – February 2022

    WithUno Inc.

    San Francisco, CA
    Software Engineer

    Uno is an identity manager that is a new take on password management and making authentication across the web easier and faster.

    • Developed the original prototype of the Uno iOS app in 2020 using React Native.
    • Created generic web automation engine that executes JSON "scripts" on web pages and single-page apps to support Uno's one-click sign-in experience. Like Puppeteer but with scripts written in JSON and running on mobile webviews and in-page browser extension content scripts. Interesting challenges in state persistence, HTML element detection using CSS selectors, XPath, etc.
    • Implemented browser extension UI and components.

  • August 2020 – March 2021

    Letter Technology, Inc. (YC S20)

    San Diego, CA
    Principal Software Engineer

    Letter is a new private bank and wealth management platform recently launched in the U.S.

    Design and development of core functionality in Letter's Event Sourcing microservices architecture prior to public launch, including:

    • Led development of internal admin tool that integrates Twilio Flex to provide a simple interface for customer support agents to access relevant information about customer accounts. Implemented security controls to require agents to request access to view customers' data by integrating push notifications in the mobile app.
    • Implemented secure storage of secrets and third-party tokens as a microservice backed by HashiCorp Vault.
    • Implemented notifications microservice, which consumes events from across the system, and sends out emails, SMS, and push notifications, depending on each user's notification settings. Corresponding functionality also implemented in the React Native-based mobile app.
    • Researched and prototyped debit card activation strategies in the mobile app, like embedding custom NDEF data in NFC tag at time of card manufacture/personalization.
    • Implemented workflow engine to allow use of business process modeling tools to more easily develop future products and services.

  • July 2018 – September 2019

    London Trust Media, Inc.

    Denver, CO
    Head of Private Business Network

    Product owner and technical team lead for a next-gen cybersecurity web filtering and endpoint protection product. Developed custom VPN client/server framework, IP packet filtering plugin architecture, DNS packet inspection and rewriting technology, and Single Sign-On (SSO). Designed end-to-end least-privilege event auditing framework with customer-controlled encryption keys.

  • April 2015 – February 2016

    London Trust Media, Inc.

    Los Angeles, CA
    Chief Technology Officer

    As CTO, created and managed technology strategy for Private Internet Access, the leading paid VPN service provider in the world, as well as other initiatives in the company.

    • Managed remote developer team across 3 times zones with minimal process.
    • Reduced customer support costs and workload by improving diagnostics reporting and building internal tools.
    • Handled technical recruitment, sourcing, interviewing candidates, negotiating offers, and onboarding.
    • Triaged and evaluated security vulnerabilities from researchers as part of PIA's Whitehat Alert Security Program.
    • Managed technical relationships with vendors, service providers, and B2B partners.
    • Prototyped new product ideas to help executives plan future roadmap.
    • Performed technical due diligence on potential startup investments and other M&A activity.

๐Ÿฅ‡ Awards & Acknowledgements

  • 7 January, 2014

    Apparatus, system, and method for SOAP access to data source procedures

    U.S. Patent - US 8,627,345

    An invention that dynamically exposes user-defined database functions (stored procedures) through a web service (e.g., REST API) without requiring the schema of the underlying data to be defined beforehand. Although the initial implementation used the XML-based Simple Object Access Protocol (SOAP) as was popular in the late 2000s, the invention is applicable to any network transport protocol.

๐ŸŽ“ Education

2003 – 2007

University of California, Santa Cruz

B.S. Computer Engineering

Presented senior design project paper โ€œUniversal Real-Time Navigational Assistance (URNA): An Urban Bluetooth Beacon for the Blindโ€ at HealthNet 2007 workshop at ACM MobiSys 2007.