Allan Riddel

Professional Summary

Systems and infrastructure engineer with 35+ years of hands-on experience spanning backend development, distributed systems, security engineering, and full-stack web applications. Not management or planning — writing and operating production systems. Over that career: production Rust services, Python ML pipelines, complex distributed failure diagnosis, enterprise middleware for global organizations, and full-stack applications across finance, healthcare, and insurance. I stay in the code.

🔧 Root Cause Analysis & Systems Troubleshooting

Senior-level escalation across enterprise environments with deep root cause analysis across distributed system layers: application tiers, database systems, middleware components, authentication mechanisms, and infrastructure services. Three decades spanning Windows and Linux platforms, web server technologies, monitoring solutions, and build automation tools. Systematic failure tracing through application logic, SQL operations, and infrastructure layers to underlying causes — not just symptoms. Architecture-level remediation that prevents recurrence. At RGA: top escalation point for international offices, routinely outperforming vendor support teams on complex multi-tier failures.

🚀 PQCrypta — Built from Scratch, Running in Production

Designed and built PQCrypta from scratch — a live platform running right now at pqcrypta.com. Full-stack cryptographic infrastructure: 86,000+ lines of Rust across 20+ modules, 500+ REST API endpoints, post-quantum cryptographic operations, Python ML threat detection pipeline, and a Three.js/WebAssembly frontend — all deployed on production infrastructure I set up and maintain. Source at github.com/PQCrypta.

Platform capabilities — all live and verifiable:

• 31 NIST-compliant post-quantum algorithms (ML-KEM-1024, ML-DSA-87, FN-DSA, SLH-DSA, HQC, ZK-proofs) with 100% workflow success rate
• Memory-safe Rust with constant-time cryptography, side-channel resistance, and PyO3 Python integration
• Bot threat detection with comprehensive behavioral analysis (TLS/JA3 fingerprinting, honeypots, ML classification)
• AI/ML pipeline: RAG chatbot with FAISS vector store, Groq OpenAI GPT-OSS 120B, PyTorch neural networks
• Production infrastructure: HTTP/3 WebTransport, hybrid TLS 1.3 (X25519MLKEM768), 5-minute health monitoring
• 60+ PostgreSQL tables with Redis caching, OAuth2/WebAuthn/TOTP authentication, full SLO tracking observability across 570+ endpoints

Open Source Projects — github.com/PQCrypta

• pqcrypta-proxy (open source) — 20,800+ LOC HTTP/3/QUIC reverse proxy: hybrid post-quantum TLS (X25519MLKEM768), JA3/JA4 fingerprinting, HMAC-secured circuit breakers, 6 load-balancing algorithms, GeoIP blocking, WAF, ACME automation, 142 passing tests
• PQC Binary Format v1.0 (open source) — Standardized self-describing binary format for PQC data interchange: 47 algorithms, 6 language bindings (Rust, Python, JS/WASM, Go, C/C++). Submitted to NIST for review. Published on crates.io, PyPI, and npm
• hmac-circuit-breaker (open source) — Security-focused Rust circuit breaker crate: HMAC-SHA256 on-disk state integrity, fail-open tamper semantics, Axum tower::Layer middleware. Published on crates.io
• pqcrypta-collector (open source) — Async Rust metrics collector and intelligence layer: 13 log sources, SLO tracking, statistical anomaly detection, disk-backed durable queuing, monitoring 570+ endpoints
• wtransport-patched — Patched wtransport 0.7.0 fixing close_reason() race condition panic; contributed upstream

Core strengths: backend development in Rust/Python/JavaScript, root cause analysis across complex distributed systems, security engineering (WAF, TLS, PQC, OWASP), and production infrastructure operations. Open to senior/staff individual contributor roles in backend development, systems/infrastructure engineering, DevOps, security engineering, or full-stack development.

🧠 AI/ML Architecture & Implementation

Integrated Groq API with OpenAI GPT-OSS 120B (400+ tokens/second, 128K context window, 120B parameters) for high-throughput LLM inference. Built advanced RAG chatbot using FAISS vector store with 384-dimensional embeddings (all-MiniLM-L6-v2) and hybrid search combining dense retrieval (FAISS) with sparse retrieval (BM25) and cross-encoder re-ranking (ms-marco-MiniLM-L-6-v2). Deployed PyTorch neural networks for performance prediction and algorithm selection, scikit-learn ensemble models (Random Forest, Gradient Boosting) for multi-criteria classification, and quantum algorithm simulations on classical hardware using Qiskit 1.4.5 and PennyLane 0.42.2 with variational quantum circuits for future quantum hardware readiness.

🔐 Security & Bot Threat Detection Systems

Built comprehensive threat detection platform analyzing 50+ dimensions: IP geolocation and ASN ownership, TLS fingerprinting (JA3/JA4), browser fingerprinting (WebGL, canvas, audio context, fonts, plugins), behavioral patterns (scroll, mouse, click, form interactions), request timing (burst detection, rhythm patterns, velocity), HTTP header analysis, cookie behavior, and user agent validation.

Implemented ML-based threat classification using PyTorch neural networks and ensemble models (Random Forest, SVM, XGBoost) with real-time attack vector probability analysis. Created honeypot system with trap fields, decoy endpoints, and hidden links. Built rate limiting with adaptive thresholds and reputation-based allowlisting.

Integrated PostgreSQL with connection pooling, parameterized queries, and comprehensive audit logging with threat correlation, geographic anomaly detection, and automated incident response. Established GDPR/HIPAA compliance monitoring with input validation and encrypted communication channels.

🔑 Cryptographic Implementation

Developed PyO3-based Rust-Python integration for ML model deployment within memory-safe cryptographic workflows. Built WebGPU compute shaders for accelerated polynomial operations with AVX-512 SIMD optimizations. Implemented streaming encryption with chunked processing for real-time operations and batch processing engine with distributed job management. Created ML-powered threat prediction with confidence scoring and model ensemble validation.

🏗️ Infrastructure & API Development

Designed and built pqcrypta-proxy (20,800+ LOC, open source): production HTTP/3/QUIC reverse proxy with hybrid post-quantum TLS (X25519MLKEM768, NIST Level 3), WebTransport, JA3/JA4 TLS fingerprinting with early-block capability, HMAC-secured circuit breakers, 6 load-balancing algorithms with session affinity and slow-start, GeoIP blocking, WAF with OWASP pattern detection, ACME/OCSP certificate automation, Prometheus metrics, and OpenTelemetry distributed tracing — 142 tests. Developed Rust API server with HTTP/3 WebTransport (Quinn/h3-quinn) and HTTP/2 (Axum framework) on Tokio async runtime. Built Python ML integration for threat detection, performance prediction, and algorithm selection. Created streaming encryption with chunked processing.

🎵 Music Platform & Audio Engineering

Built professional music platform featuring 24 original songs with Web Audio API integration for real-time frequency analysis. Implemented 8-frequency spectrum analyzer (bass, low-mid, mid, high-mid, treble, high, ultra-high, presence) with FFT size 256 and 0.3 smoothing constant. Developed beat detection algorithm with intelligent frequency smoothing using 10-sample window and dynamic gradient effects responding to frequency variance. Created WebGL-based audio visualizers with custom shaders, texture-based rendering, and real-time spectrum visualization at 60 FPS. Built PWA music player with offline capability, Web Share API integration, file handler protocols for audio files, and Edge Side Panel support.

🛡️ WAF & OWASP Top 10 Protection

Implemented custom WAF with comprehensive OWASP Top 10 protection: SQL Injection, XSS, Path Traversal, Command Injection, LDAP/XXE Injection, SSRF, Header Injection, File Upload Attacks, Brute Force, API Abuse, and Data Exfiltration detection. Built 91-column attack logging schema with OWASP-categorized pattern matching. Integrated 8 threat intelligence feeds (ThreatFox, URLhaus, Feodo Tracker, SSLBL, AlienVault OTX, SANS DShield, Binary Defense ATIF, OpenPhish) with 1-hour cache TTL. Developed dynamic blocklist generation with pqcrypta-proxy integration, geographic threat analysis, and automated IP blocking with whitelist management.

💻 Frontend Architecture (100+ JavaScript Modules)

Architected modular frontend with 100+ JavaScript modules including 25+ cryptography modules (WebAssembly SIMD, crypto workers, secure randomness), 15+ compression modules (ML-based selection, neural compression, streaming), 15+ ML/AI modules (federated learning, deep learning architectures, quantum-ML fusion), 15+ WebGL/WebGPU modules (Three.js 3D graphics, custom GLSL shaders, particle systems, 4D quantum cursor), and 15+ authentication modules (2FA management, WebAuthn hardware keys, behavioral validation). Implemented Service Workers for offline capability, IndexedDB for persistent storage, SharedArrayBuffer for parallel processing, and Broadcast Channel API for inter-tab coordination.

🌐 Geographic Visualization & Internationalization

Built 3D globe visualization system using Cesium.js and Leaflet.js for real-time geographic threat mapping, visitor tracking, and country-based analytics display. Implemented TopoJSON world atlas data integration with dynamic country highlighting and threat heat mapping. Created internationalization (i18n) framework with translations.js supporting multi-language content delivery and locale-aware formatting. Developed alert notification system with email delivery for critical security events, compliance violations, and system health alerts.

🍪 GDPR-Compliant Dual-Track Analytics

Built cookie consent manager using View Transitions API and Web Animations API with secure __Host- prefixed cookies, CSP-compliant architecture, and granular per-category consent controls. No analytics cookies are required to view the site. Implemented true dual-track system: anonymous server-side analytics (zero cookies, zero consent required — anonymized pageviews, device types, geographic data via GeoIP) run entirely independently of all user-side tracking. Consented analytics (session duration, bounce rate, scroll depth, click patterns, Core Web Vitals, performance timing via Navigation Timing API) are fully optional and activate only on explicit user choice. Chatbot persistence is separately gated behind its own consent toggle. Consent state stored in __Host-prefixed cookie with 365-day retention, version tracking, and timestamp. Dashboard displays both streams with clear separation; backend filters on consent_given for strict GDPR Article 7 compliance.

🗄️ Database Architecture (60+ Tables)

Designed PostgreSQL database with 60+ tables across 11 versioned migrations including health monitoring (17 tables with full endpoint tracking), security/WAF (12 tables with attack logging and pattern detection), analytics (8 tables with real-time aggregation), blockchain (6 tables with smart contract state), billing/subscriptions (9 tables with Stripe integration), ML/chatbot (6 tables with conversation history and embeddings), and honeypot system (3 tables with interaction tracking). Implemented connection pooling, parameterized queries, full-text search indexes, and automated backup systems.

🧪 Testing Infrastructure

Built comprehensive testing framework with 20+ test suites using Vitest, Playwright for E2E testing, and Chai/Sinon for assertions and mocking. Implemented security-specific test suites for CSP violation detection, WAF attack simulation, CORS validation, and nonce matching. Created API test suites validating all endpoints, compression algorithm testing (12 algorithms), cryptographic workflow validation (100% success rate on all 28 algorithms), and dashboard rendering tests. Established automated CI/CD validation with npm audit, ESLint security rules, bundle analysis, and production pre-deployment checks.

⚙️ DevOps & Automation

Implemented cron-based automation: 15-minute health check intervals running a compiled Rust binary that performs full cryptographic roundtrip validation (key generation → encryption → decryption) for all 31 algorithms against 166 endpoints, with Known-Answer Test fingerprint checks to detect silent primitive swaps; dynamic threat blocklist generation and WAF pattern updates; session and wizard state cleanup. Built 57 database migrations (50 enterprise + 7 collector) with sequential version control across three Rust services. Configured structured logging with Rust tracing crate, daily gzip rotation, per-day security event files, and HMAC-protected circuit breaker state in JSON. Established 3-tier monitoring with 30-second collection intervals: raw metrics (14-day retention), hourly aggregates (90-day), daily summaries (365-day); latency percentiles p5/p25/p50/p75/p95/p99; SLO tracking with 30-day error budgets, 7-day Z-score anomaly detection baseline, cross-domain correlation (CPU → DB latency → API error rate), and automated alert state machine (fire/resolve). Three systemd services (API, collector, proxy) with centralized TOML configuration and backup binary management.

🎮 PQC Challenge Mode - Interactive Learning Platform

Built gamified cryptography learning platform with 40 progressive challenges across 4 difficulty tiers (Beginner, Intermediate, Advanced, Expert) teaching post-quantum cryptography concepts through hands-on terminal-based exercises. Implemented 50+ command types covering ML-KEM key encapsulation/decapsulation, Ed25519/ML-DSA-87 digital signatures, zero-knowledge proofs (zkproof/zkverify), quad-layer encryption inspection, homomorphic operations, blockchain mining, VQE quantum optimization, and crypto-agility policy management. Created challenge engine with progress tracking, hint system, solution validation, and comprehensive puzzle library testing all API endpoints. Built WebGPU-accelerated terminal interface with syntax highlighting and real-time command feedback.

🌌 Quantum Entanglement Sandbox - Interactive Particle Physics

Developed Three.js particle physics playground simulating quantum entanglement behavior with 5,000 interactive particles. Implemented entanglement mechanics where particle pairs maintain correlated quantum states across distances with visual connection lines. Built physics engine with configurable gravity strength, entanglement strength, chaos factor, and interaction radius. Created multiple interaction modes (attract, repel, orbit, chaos) with mouse-driven particle manipulation and trail effects. Integrated WebGPU acceleration detection with automatic fallback to WebGL, post-processing pipeline with bloom effects and motion blur, adaptive quality scaling targeting 60 FPS, and real-time statistics display (FPS, active particles, entangled count, system energy). Built custom cursor system and responsive controls panel for parameter adjustment.