Open to Opportunities
Mechanicsburg PA (Open to Relocate)

MIHIR BOMMISETTY

7+ years architecting enterprise-grade systems across government, manufacturing & technology. Creator of QuantumMail — a client-side encrypted email platform.


Who I Am

Results-driven Sr. Full Stack Developer with deep expertise in Java full stack development using Spring Boot, Spring MVC, Spring Security, and RESTful Microservices on the back end — paired with modern front-end frameworks including Angular 17+, React/Redux, and Next.js.

I've delivered enterprise-grade applications across government portals, manufacturing ERP systems, and child support enforcement platforms. I'm equally comfortable designing Hibernate/JPA entity models and crafting pixel-perfect React dashboards.

Most recently, I independently architected and shipped QuantumMail-v2 — a full-stack encrypted email platform leveraging AES-256-GCM and RSA-OAEP envelope encryption entirely on the client side.

7+ Years Experience · 3 Major Sectors · 15+ Technologies · 80%+ Test Coverage

Location: Mechanicsburg, PA
Phone: (551) 349-4114
Education: MSc Computer Science — Stevens Institute of Technology
Current Role: Application Developer III — PA Fish & Boat Commission

Technical Stack

Java Ecosystem
  • Core: Java 11/17 · Spring Boot · Spring MVC · Spring Security
  • Familiar: JWT / OAuth2 · Hibernate / JPA · Maven / Gradle · Spring Batch · CQRS
Front-End
  • Core: Angular 15/17 · React 18 · Next.js SSR/SSG
  • Familiar: Redux Toolkit · TypeScript · JavaScript ES6+ · HTML5 / CSS3 · Material UI · Bootstrap
Cloud & DevOps
  • Core: Azure DevOps
  • Familiar: Azure App Service · Azure AD / Entra ID · AWS EC2 / S3 / Lambda · Docker · Jenkins · YAML Pipelines · IIS
Back-End & APIs
  • Core: Node.js · Express.js
  • Familiar: REST Microservices · GraphQL · ASP.NET Core · WCF SOAP/REST · Entity Framework · Dapper
Databases
  • Core: SQL Server
  • Familiar: PostgreSQL · MySQL · Oracle · MongoDB · T-SQL · Stored Procedures · Liquibase
.NET & Testing
  • .NET 6/7 · C# / VB.NET · JUnit / Mockito · NUnit / xUnit · TDD · Swagger/OpenAPI · Postman · WCAG / JAWS

Work Experience

April 2024 — Present
Application Developer III
Fish & Boat Commission of PA — Harrisburg, PA
  • Architected full stack features using Spring Boot REST APIs + Angular 17, replacing a legacy monolithic RFP system with modern microservices.
  • Built Spring Security + JWT/OAuth2 authentication layer enforcing RBAC across government-facing portals.
  • Developed React/Redux admin dashboards integrating with Java REST APIs via Axios and Redux Toolkit.
  • Implemented CQRS with Spring Boot command/query services and Hibernate/JPA entity models with Liquibase schema migration.
  • Ensured WCAG accessibility compliance using Wave Tool and JAWS across all Angular and React views.
  • Automated CI/CD via Azure DevOps YAML pipelines for Spring Boot JARs and Angular builds.
January 2023 — December 2023
Full Stack Developer
Pennsylvania Child Support Enforcement System (PACSES) — Mechanicsburg, PA
  • Developed Spring Boot microservice modules exposing REST endpoints consumed by Angular 15 and legacy ASP.NET C# apps.
  • Implemented Spring Security + JWT/OAuth2, replacing session-based legacy auth across core PACSES services.
  • Built React/Redux interfaces for caseworker dashboards; used Next.js SSR for public-facing pages for SEO and performance.
  • Created Node.js/Express.js middleware bridging Java microservices and React clients with request orchestration.
  • Integrated Azure Active Directory, Exchange Online, and Entra ID for SSO and user lifecycle management.
January 2017 — August 2022
Software Engineer → Development Engineer
Made2Manage — Remote
  • Led Java Spring Boot microservice development for ERP modules (inventory, order management, HCM).
  • Built React 17/Redux dashboards replacing legacy ASP.NET Web Forms; deployed Spring Boot on AWS EC2 with ELB.
  • Wrote JUnit and Mockito tests achieving 80%+ coverage; managed source control across Git/SVN/ClearCase for 6-person team.
  • Migrated front-end from AngularJS to Angular 8/9 with TypeScript; built WPF controls and ADO.NET data layers.
Live Project · 2025

QuantumMail
v2

A full-stack, organization-based, client-side email encryption platform. Secure sharing of sensitive content via encrypted per-recipient access links — plaintext never stored server-side.

🔒
Envelope Encryption
AES-256-GCM for messages + RSA-OAEP-SHA256 for per-recipient DEK wrapping via Web Crypto API
🏢
Multi-tier RBAC
SuperAdmin, Admin, Member roles with invite-based onboarding and OTP verification via Brevo
🧩
Browser Extensions
Chrome extension and Microsoft Outlook Add-in for in-client compose and decrypt without leaving native UI
📊
React Admin Portal
Encrypted inbox, vault, analytics dashboard, audit trail logging of all access attempts and key operations
JavaScript Node.js React Express.js AES-256-GCM RSA-OAEP Web Crypto API Render
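
The envelope model listed above (a per-message AES-256-GCM key, wrapped once per recipient with RSA-OAEP-SHA256 through the Web Crypto API) can be exercised end to end as follows. This is an added example, not QuantumMail's own code; the function names `seal` and `unseal`, the envelope object layout and the 2048-bit RSA modulus are assumptions.

```javascript
// Added example, not QuantumMail source: names and envelope layout are assumptions.
const webcrypto = globalThis.crypto ?? require("node:crypto").webcrypto; // browser or Node
const { subtle } = webcrypto;
const RSA_PARAMS = { name: "RSA-OAEP", modulusLength: 2048,
                     publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-256" };

// Each recipient generates a key pair locally; the private key is non-extractable.
const newRecipientKeys = () => subtle.generateKey(RSA_PARAMS, false, ["wrapKey", "unwrapKey"]);

// Sender: fresh DEK and 96-bit IV per message, then one wrapped DEK per recipient.
async function seal(plaintext, recipients) { // recipients: { id: public CryptoKey }
  const dek = await subtle.generateKey({ name: "AES-GCM", length: 256 }, true, ["encrypt"]);
  const iv = webcrypto.getRandomValues(new Uint8Array(12));
  const ciphertext = await subtle.encrypt({ name: "AES-GCM", iv }, dek,
                                          new TextEncoder().encode(plaintext));
  const wrappedDeks = {};
  for (const [id, publicKey] of Object.entries(recipients))
    wrappedDeks[id] = await subtle.wrapKey("raw", dek, publicKey, { name: "RSA-OAEP" });
  return { iv, ciphertext, wrappedDeks }; // contains no plaintext and no raw DEK
}

// Recipient: unwrap own copy of the DEK, then decrypt; GCM checks the tag first.
async function unseal(envelope, id, privateKey) {
  const wrapped = envelope.wrappedDeks[id];
  if (!wrapped) throw new Error(`no wrapped DEK for ${id}`);
  const dek = await subtle.unwrapKey("raw", wrapped, privateKey, { name: "RSA-OAEP" },
                                     { name: "AES-GCM", length: 256 }, false, ["decrypt"]);
  const plain = await subtle.decrypt({ name: "AES-GCM", iv: envelope.iv }, dek,
                                     envelope.ciphertext);
  return new TextDecoder().decode(plain);
}

const rejects = (promise) => promise.then(() => false, () => true);

async function demo() {
  const [alice, bob, outsider] = await Promise.all([1, 2, 3].map(newRecipientKeys));
  const message = "constructed sample message";
  const env = await seal(message, { alice: alice.publicKey, bob: bob.publicKey });
  const tampered = new Uint8Array(env.ciphertext.slice(0));
  tampered[0] ^= 1; // flip one ciphertext bit
  return {
    alice: await unseal(env, "alice", alice.privateKey),
    bob: await unseal(env, "bob", bob.privateKey),
    wrongKeyRejected: await rejects(unseal(env, "alice", outsider.privateKey)),
    tamperRejected: await rejects(unseal({ ...env, ciphertext: tampered }, "bob", bob.privateKey)),
    tagBytes: env.ciphertext.byteLength - new TextEncoder().encode(message).length,
  };
}
demo().then(console.log);
```

Both recipients recover the same message from one ciphertext, while a key pair outside the recipient list and a single flipped ciphertext bit are each rejected rather than yielding altered plaintext.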

Try the Encryption

Real AES-256-GCM running entirely in your browser. Watch the DevTools panel below — every log, every byte count, every timing entry is live. Your message never leaves this tab.

[Interactive demo panel: message input; AES-256 key (hex, never transmitted); IV / nonce (hex, 96-bit, unique per message); ciphertext (base64, AES-256-GCM output); live DevTools-style log for quantum-encryption-demo.html]

QuantumMail Architecture

Full system architecture from github.com/munnamihir/QuantumMail-v2 — dual encryption modes (PQC & Passphrase/PBKDF2), quorum-based vault recovery, KEK keyrings, Chrome MV3 extension, Outlook Add-in, and 4-bucket storage.

/portal  ·  /extension  ·  /outlook-addin  ·  /server  ·  /scripts  ·  /docs  ·  /pitch   |   JS 76.7% · HTML 21.2% · CSS 2.1% · 438 commits · MIT

QuantumMail-v2 Full Architecture
Client layer with dual encryption modes, quorum vault recovery, HTTPS transport, server with RBAC and KEK keyrings, Brevo external, and 4-bucket storage.

CLIENT LAYER (plaintext & private keys never leave this boundary)
  • React Portal (/portal): Inbox · Compose · Decrypt · Keygen · Vault · Analytics · Admin · .qm/super · Alerts · Org management · Invites. 438 commits · MIT License.
  • Chrome Extension (/extension): Manifest V3 (MV3); popup.js · background.js · content.js; compose & decrypt inside Gmail; extension.zip packaged for Chrome Web Store.
  • Outlook Add-in (/outlook-addin): src/taskpane.js · src/commands.js; manifest.xml · Office.js integration; compose & decrypt inside Outlook; requires extension detected for decrypt.
  • Web Crypto API (browser built-in): RSA keypair generation · device-bound · private key lives in client runtime only · never transmitted.
  • AES-256-GCM: message + attachment encryption; unique DEK per message; symmetric · fast; +16-byte auth tag (GCM).
  • RSA-OAEP-SHA256: DEK wrapping per recipient; uses recipient RSA pubkey; asymmetric · envelope model; useless without private key.
  • ML-KEM-768 (Post-Quantum Crypto Mode): Compose → PQC tab; encrypt to ML-KEM pubkey; quantum-resistant KEM; NIST PQC standard.
  • PBKDF2 (Passphrase Mode): Compose → Passphrase tab; key derived from passphrase; no pubkey needed; salt + iterations client-side.

QUORUM-BASED VAULT RECOVERY (/portal/vault)
  • 1 · Trusted Device Registry: register Desktop / Mobile / Tablet; label + type stored client-side; must manually trust each device; refresh devices · view list; N trusted devices registered.
  • 2 · Recovery Token: generate once · save offline; Enable Recovery Vault step; PBKDF2-derived secret; never transmitted to server; 1-of-1 factor (required).
  • Quorum: Token + 1 Device; threshold = 2-of-N.
  • 3 · Recovery Flow: Start Recovery on new device; trusted device holder approves recovery request from vault; Finish Recovery: token + approval; private key re-encrypted to new device; load pending requests · approve.

TRANSPORT
  • HTTPS · encrypted payload only · no plaintext · no private keys ever transmitted.

SERVER — Render · Node.js / Express (/server)
  • REST API: JWT authentication; setup token generation; org approval workflow; encrypted access links; timing-safe comparisons; vault recovery request broker.
  • RBAC Engine: SuperAdmin · Admin · Member; org identity + pubkey registry; policy-based authentication; wrapped key ownership checks; Zero Trust · least privilege.
  • KEK Keyrings (Key Encryption Keys): org-specific KEK per org; encrypts payloads at rest; separate from client DEKs; policy configurations; server-side only · not client DEK.
  • Brevo (external, transactional SMTP): OTP verify; account setup; password reset; org approval; invite email.

DATABASE STORAGE
  • Encrypted Payloads: messages + attachments; AES-256-GCM ciphertext; KEK-wrapped at rest.
  • Wrapped DEKs: per-recipient RSA-OAEP blobs; ML-KEM wrapped variants; useless without private key.
  • Public Key Registry: RSA pubkeys per member; ML-KEM-768 pubkeys; safe to store · public only.
  • Audit + Policy: access attempts + key ops; recovery request logs; encryption policy configs.

Education

Master of Science
Stevens Institute of Technology
MSc — Computer Science
Advanced Web Technologies · Distributed Systems · Cloud Computing · Software Architecture · Database Management Systems · Algorithms & Data Structures
Bachelor of Technology
Koneru Lakshmaiah Education Foundation
BTech — Computer Science
Object-Oriented Programming · Data Structures · Operating Systems · Computer Networks · Software Engineering · DBMS

Certifications

🤖
RPA — RE Framework
UiPath
Robotic Process Automation
⚙️
Certified System Administrator
ServiceNow · CSA
Platform administration & ITSM
Certified Java Professional
Wipro
Enterprise Java development
🗄️
Oracle Academy
Oracle · DBMS & Java
Database management & Java fundamentals
📄
Research Publication
IRJET · Peer-Reviewed
Disease Detection of Plants using Convolutional Neural Networks — published research applying deep learning to agricultural pathology

Let's Build
Something.

Open to senior full stack roles, interesting projects, and conversations about encrypted systems. Based in Mechanicsburg, PA.
