Bengaluru, IN · Remote-first globally · Open to relocation

Debraj Paul

Technical Lead II — Backend / Platform · Node.js · TypeScript · AWS

11+ years designing, building, and operating distributed backend systems across media, fintech, food-tech, and travel. Deep in AWS-native architectures, event-driven platforms, and Backend-for-Frontend GraphQL. Currently shipping privacy-orchestration and multi-brand moderation at Warner Bros. Discovery supporting Food Network, CNN, Eurosport, Magnolia, Golf Digest, and MotorTrend.

Download CV GitHub LinkedIn Email

By the numbers

11+ yrs Building distributed backends Media · fintech · food-tech · travel
~50% Latency reduction Swiggy Dineout — POS event pipelines
95% Credit workflow automation PT Tujuh Asia — P2P lending platform
6+ Microservices orchestrated for GDPR/CCPA fan-out At Warner Bros. Discovery via OneTrust
GDPR / CCPA via OneTrust Multi-brand moderation in-house Kafka in production at scale 10+ POS systems integrated
Open to: Senior Staff / Principal Engineer · Senior Tech Lead · Technical Architect. Remote-first globally · Hybrid in India · Open to relocation. Comfortable across time zones.

Selected work

Warner Bros. Discovery via Robosoft Senior Software Engineer — Technical Lead II (promoted Jan 2026) Aug 2021 — Present · Remote

Global, high-traffic media platform serving multiple brands with personalization, CMS, BFF services, and compliance-critical workflows.

  • Built Node.js/TypeScript microservices for an in-house content platform powering Food Network, CNN, Eurosport, Magnolia, Golf Digest, and MotorTrend.
  • Architected AWS-native infrastructure (Lambda, ECS, SQS, SNS) with Infrastructure-as-Code; designed Lambda-vs-ECS deployment trade-offs per service.
  • Delivered a GraphQL Backend-for-Frontend for Food Network with auth, observability, and proactive monitoring.
  • Integrated OneTrust to enable GDPR/CCPA user-data access, deletion, and auditability across 6+ services.
  • Standardized REST and GraphQL API conventions adopted across teams; cut cross-team onboarding friction.
  • Introduced distributed tracing (OpenTelemetry) and Redis caching, reducing DB pressure and improving incident MTTR.

Two of the systems I built here are walked through with architecture diagrams in the section below.

Swiggy Dineout Senior Software Engineer Dec 2019 — Aug 2021 · Bengaluru

High-volume, event-driven integrations platform connecting POS systems, marketing, and user segmentation pipelines.

  • Designed and built an event-driven integration platform connecting 10+ third-party POS systems using Kafka and Redis.
  • Reduced transaction latency by ~50% through async pipelines, cache-aside, and partition-aware consumer scaling.
  • Built customer segmentation on MongoDB + ElasticSearch, driving ~25% uplift in user conversions and ~15% bounce-rate reduction.
  • Delivered three enterprise-grade microservices contributing to ~25% YoY revenue growth.
  • Owned Kafka topic schemas and backward-compatible event evolution strategy.
PT Teknologi Tujuh Asia Senior Software Engineer Nov 2018 — Dec 2019 · Jakarta

Fintech P2P lending platform with automation, risk assessment, and compliance requirements.

  • Built a P2P lending platform on Express.js + MongoDB + AWS; automated ~95% of credit workflows.
  • Improved loan approval accuracy by ~25% via system-driven decision pipelines; cut end-to-end processing time by ~50%.
  • Implemented OCR + facial recognition for KYC and an NLP-based scoring engine for risk analysis.
  • Reduced communication errors by ~90%, lifting customer satisfaction by ~20%.
Full Budget App Open Source · Personal project Aug 2025 · github →

Modular, multi-tenant SaaS budgeting platform. Ingests bank statements, enriches transactions via rule-based + AI categorisation, and serves a tenant-aware GraphQL API. Built as a pnpm monorepo on AWS serverless.

  • 3 Lambda services + 8 DynamoDB tables fully provisioned via AWS CDK; on-demand pricing throughout.
  • Fully event-driven ingestion: S3 → SQS → txn-loaders Lambda → DynamoDB Stream → tag-loaders Lambda — zero polling.
  • Multi-tenant isolation via tenantId partition key across all tables; JWT auth via SSM Parameter Store.
  • Hybrid categorisation: deterministic NLP rule engine first; Amazon Bedrock (Mistral) fallback for low-confidence matches — cost-optimised.
  • GraphQL API with Apollo Server 5 — 7 queries, 18+ mutations; auth (incl. refresh-token rotation), two-step uploads, financial reviews, forecasts, budgets, savings goals, sinking funds.
  • Observability: AWS X-Ray (10% sampling), CloudWatch alarms (errors, duration, throttle), Winston structured logging, Prometheus /metrics endpoint.

Architecture diagram below ↓

Architecture deep-dives

Two systems built at Warner Bros. Discovery (Food Network, CNN, Eurosport, and others). Plus one open-source personal project with a full diagram.

Privacy / PII Request Orchestrator

Compliance · GDPR Article 15 + 17 · Async fan-out across 6+ services

Privacy / PII Request Orchestrator Architecture Left-to-right: User sends a privacy request to OneTrust (privacy management vendor), which fires a webhook to the Privacy Broker API. The broker forwards to the Compliance Request Orchestrator (primary actor). The orchestrator fans out via a Kafka request stream to 6 downstream services. Each service publishes its result to a Kafka result stream. The orchestrator aggregates and fires a fulfillment callback. State is stored in DynamoDB and a service registry. GDPR Article 15 and 17 compliance. Cross-cutting: CloudWatch, OpenTelemetry, IAM, IaC. ENTRY VENDOR BROKER ORCHESTRATOR ASYNC BACKBONE User privacy request OneTrust Privacy Management Vendor Privacy Broker API Compliance Request Orchestrator subject-request-ID = idempotency key Request State DB (DynamoDB) Service Registry S3 → Access Data export GDPR Art. 15 + 17 · Audit trail Kafka User Request Stream Kafka User Result Stream Comments Service Users / Profile Service Saved Items Service Brand-specific Services Moderation Service Media Service webhook fulfillment callback CROSS-CUTTING CloudWatch · OpenTelemetry · IAM · IaC (CDK / CloudFormation) LEGEND sync HTTP async event primary actor compliance

What it is. A user privacy request (right of access or right to erasure) enters via OneTrust and is forwarded by a third-party broker to the Compliance Request Orchestrator. The orchestrator looks up which downstream services hold PII for that user via a service registry, then fans out across a Kafka request stream. Each downstream consumes its slice, processes (delete or export), and publishes a per-service result. The orchestrator aggregates results and calls the broker’s fulfillment API once the aggregate state flips to complete.

Why this shape. The subject-request-ID drives idempotency end-to-end, so re-deliveries at any hop are safe. A service registry — rather than hardcoded routing — lets new PII-holding services join compliance by registering, with no orchestrator change. Two separate Kafka streams (request out, result in) give each downstream a clean inbound contract and the orchestrator a clean aggregation contract. State is split into per-service status and an aggregate; the aggregate flips to complete only when every individual settles, gating the fulfillment callback.

Multi-Brand Async Moderation Platform

Trust & Safety · Multi-tenant · In-house text + image moderation

What it is. User-generated content — comments, nicknames, image uploads — from multiple brand surfaces flows through an internal API gateway, is identity-checked via CIAM, then published to a Kafka request stream. An inbound Lambda dispatches to two in-house classifiers: a text moderation processor for comments and nicknames, and a media processor for images. Both publish verdicts to a separate Kafka response stream; an outbound Lambda picks up each verdict and notifies the originating brand surface. Image bytes are stored in S3; record metadata and S3 keys live in DynamoDB.

Why this shape. Two streams (request out, response in) localise replay — a failure in moderation never re-drives the entire pipeline. Both classifiers are owned in-house: text moderation was migrated off a third-party vendor, image moderation absorbed from a sister team, eliminating vendor cost and returning policy ownership to the product team. Per-brand rules (banned terms, severity thresholds) are hot-reloadable without redeployment.

Full Budget App — Open Source

Serverless · Multi-tenant · Event-driven categorisation · AWS CDK · github.com/debrajpaul/full-budget-app

Full Budget App Architecture Client sends GraphQL requests through API Gateway to the GraphQL Lambda (Apollo Server, primary actor). The lambda reads and writes eight DynamoDB tables: Users, Transactions (with stream), Budgets, Recurring Transactions, Categories, Refresh Tokens, Savings Goals, and Sinking Funds. For statement uploads the lambda writes to an S3 bucket; an S3 PUT event triggers an SQS message; SQS triggers the txn-loaders Lambda which parses bank statements (HDFC, SBI, Axis) and writes normalised transactions to DynamoDB. The DynamoDB stream on the Transactions table triggers the tag-loaders Lambda which applies a deterministic NLP rule engine first, then falls back to Amazon Bedrock (Mistral) for low-confidence matches, and writes the result to the Categories table. AWS X-Ray, CloudWatch, and SSM Parameter Store provide observability and configuration. CLIENT / ENTRY COMPUTE STORAGE / ASYNC Client (web / mobile) API Gateway GraphQL Lambda Apollo Server 5 · JWT · X-Ray tracing 7 queries · 18+ mutations · multi-tenant DYNAMODB (8 tables · on-demand · tenantId PK) Users Transactions stream Budgets Recurring Transactions Categories (output of tag-loaders) + RefreshTokens · SavingsGoals · SinkingFunds S3 (statement uploads) SQS Queue batch 10 · 300s visibility txn-loaders Lambda parse (HDFC / SBI / Axis) · normalise · write tag-loaders Lambda NLP rule engine (deterministic first) Amazon Bedrock fallback (Mistral) Amazon Bedrock (Mistral) low-confidence matches only SSM Param Store JWT secret OBSERVABILITY AWS X-Ray (10% sampling) · CloudWatch alarms (errors / duration / throttle) · Winston logs · Prometheus /metrics upload S3 event write DDB stream AI fallback categorise sync async / event primary actor AI / categorisation

What it is. A multi-tenant serverless budgeting platform built as a pnpm monorepo on AWS. Users upload bank statements (HDFC, SBI, Axis — PDF or CSV) via a GraphQL mutation; the statement lands in S3, an S3 event queues a message in SQS, and the txn-loaders Lambda parses and normalises the transactions into DynamoDB. A DynamoDB stream on the Transactions table immediately triggers the tag-loaders Lambda, which applies a deterministic NLP rule engine for known merchants and categories, falling back to Amazon Bedrock (Mistral) only for low-confidence matches. All 8 DynamoDB tables use tenantId as the partition key, giving hard data-boundary isolation between users.

Why this shape. S3 → SQS decouples ingestion from parsing — spiky upload volumes don’t block the GraphQL API. DynamoDB Streams replace polling entirely: as soon as a transaction is written, the categorisation worker fires. The hybrid NLP+AI strategy keeps Bedrock calls (and their cost) to a minimum; most common merchants are classified by rules in under a millisecond. AWS CDK provisions all resources — tables, queues, buckets, alarms, X-Ray groups — as reproducible stacks with explicit dependency ordering.

Experience

  1. Warner Bros. Discovery via Robosoft
    Senior Software Engineer — Technical Lead II (promoted Jan 2026)
    Aug 2021 — Present · Remote (Washington DC / Bengaluru)
  2. Swiggy Dineout
    Senior Software Engineer
    Dec 2019 — Aug 2021 · Bengaluru
  3. PT Teknologi Tujuh Asia
    Senior Software Engineer
    Nov 2018 — Dec 2019 · Jakarta, Indonesia
  4. TripBorn
    Backend Developer
    Apr 2018 — Oct 2018 · Bengaluru
  5. Ekagga Technology & Services
    Software Engineer
    May 2017 — Apr 2018 · Bengaluru
  6. Self-Employed
    Backend Developer
    Jun 2015 — May 2017 · Bengaluru
  7. CSIR — URDIP (FAO project)
    SDE Intern
    Jan 2015 — Jun 2015 · Bengaluru

Skills

Languages & Runtime

TypeScriptNode.jsJavaScriptJavaGo

Backend Frameworks & APIs

Express.jsCustom Node.js frameworksGraphQL (BFF)Spring BootHibernateGin

Cloud & DevOps

AWS LambdaECSSQSSNSS3IAMDynamoDBRDSGlueOpenSearchAmazon BedrockDockerJenkinsGitHub ActionsCircleCIIaC (CDK / CloudFormation)

Architecture & Design

MicroservicesEvent-Driven SystemsBackend-for-Frontend (BFF)RESTGraphQLDistributed SystemsTDDService-registry orchestrationTwo-stream Kafka contractsState-machine async fulfillmentDomain-based service boundariesIdempotent message handlingRetry with exponential backoffCache-asideFault isolation via queue decoupling

Messaging & Streaming

KafkaAWS KinesisSNSSQS (Standard + FIFO + DLQ)

Data Stores

MongoDB (Mongoose)DynamoDBPostgreSQLMySQLRDSRedisElasticSearchOpenSearchParquet (Snappy) on S3

Compliance & Security

GDPRCCPAOneTrustJWTOAuthIAMSubject-rights-request orchestrationAudit trails

Observability & Reliability

Structured loggingOpenTelemetryCloudWatch monitoring + alerting

Testing

JestSinonNewmanMocha-ChaiJUnit
Years of evidence
SkillYearsWhere used
Node.js8+Warner Bros. Discovery · Swiggy · PT Tujuh Asia · TripBorn · Freelance
TypeScript8+Warner Bros. Discovery · Swiggy
AWS (overall)11+Swiggy · PT Tujuh Asia · Warner Bros. Discovery
AWS Lambda8+Event processing, serverless APIs
ECS6+Containerized microservices at Warner Bros. Discovery
SQS / SNS6+Event-driven pipelines
DynamoDB6+Serverless & high-scale workloads
Kafka8+Swiggy POS integrations · privacy + moderation pipelines
GraphQL (BFF)5+Food Network BFF (Apollo certified)
Microservices Architecture8+Swiggy · Warner Bros. Discovery · Fintech
Distributed Systems7+Platform-scale services
OpenTelemetry3+Distributed tracing
GDPR / CCPA6+Warner Bros. Discovery compliance systems
OneTrust3+User data access & deletion

Certifications

  • AWS Certified Developer — Associate (2024–2027) Credly →
  • Apollo GraphQL Developer — Associate (2025) Apollo →
  • Ethereum Blockchain Developer Bootcamp with Solidity (2022) — Udemy
  • Serverless Framework Bootcamp: Node.js, AWS & Microservices (2021) — Udemy
  • Design Patterns in TypeScript (2021) — Udemy
Additional courses & licences
CourseIssuedProvider
Java Memory ManagementDec 2019LinkedIn
Kafka Essential TrainingDec 2019LinkedIn
AWS for Developers: Data-Driven Serverless Apps with KinesisOct 2019LinkedIn
Advanced Node.js: Scaling ApplicationsSep 2019LinkedIn
Programming Foundations: Design PatternsJun 2019LinkedIn
Node.js: SecurityApr 2019LinkedIn
The Complete Developer's Guide (Golang)Feb 2019Udemy
Node JS: Advanced ConceptsOct 2018Udemy
Learn Blockchain by Building Your Own in JavaScriptAug 2018Udemy
Node.js: The Complete Guide to Build RESTful APIsJun 2018Udemy

Education

Master of Computer Applications
Tezpur University, Assam
Aug 2012 – Aug 2015
Bachelor of Computer Applications
Gauhati University, Assam
Aug 2009 – Aug 2012

Volunteer

WWF-India
Volunteer — Environment
Jun 2018 — Present
UNICEF
Volunteer — Health
Jan 2021 — Jan 2024
Red Cross Blood Services
Volunteer — Health
Feb 2015 — Mar 2016