Open to internships, new-grad & junior software / security roles

Milton Adina Shisia

Full-Stack & Security-Focused Software Engineer

I build secure, test-driven web and mobile systems — and I have the architecture diagrams, schemas, and real test runs to prove it.

3.48
GPA · Honor Roll
Oklahoma Christian University
6
Production Systems
client + product work
2,200+
Tests Passing
real green-bar runs
8
Languages Shipped
TS · Dart · Java · Rust · …

Featured Work

Real client and product systems where I was the primary engineer. Source is private; full case studies — architecture diagrams, ER schemas, security patterns, and dated test-run evidence — live in the Portfolio Showcase. Every number on this page was re-verified against the real repos on 2026-05-29.

BrightPath

Private

Multi-Tenant School-Management SaaS

Full-Stack & Security Engineer

A production-scale, multi-tenant platform for African schools — student lifecycle, grading, mobile-money payments, and parent communications, with tenant isolation enforced at the database engine.

403
Tables
1,063
RLS policies
69
Edge functions
2,228
Test files
19,639
Test cases
~485K
Source LOC
  • Tenant isolation via 1,063 PostgreSQL Row-Level Security policies — derived server-side from the JWT, never trusted from the client.
  • 12+ hierarchical roles with granular resource.action permissions (RBAC).
  • Multi-provider payments: M-Pesa (Daraja), Airtel, MTN, Stripe — with HMAC webhook verification.
  • COPPA-focused AppSec: custom Playwright consent/age-gate scripts, Semgrep, gitleaks, OWASP ZAP, dependency CVE auditing in CI.
BrightPath — real test/run evidence
React 18TypeScriptSupabasePostgreSQLDeno EdgeDocker

Flourish

Private

Compliance-Engineered Health Platform

Full-Stack & Compliance Engineer

A clinical/health platform engineered around privacy and consent — HIPAA-ready posture, FDA SaMD-avoidance, and multi-jurisdiction privacy controls anchored by an append-only, tamper-evident audit ledger.

1,278
Tests passing
25
Workspaces
25
ADRs
4
Apps
21
Packages
  • 1,278 automated tests across a 25-workspace Turborepo monorepo, all green.
  • Privacy controls mapping to HIPAA, COPPA, CCPA, GDPR, and Washington MHMDA.
  • Append-only audit-log schema enforced at the data layer (REVOKE UPDATE/DELETE), proven by an immutability test.
  • Security CI: Semgrep SAST, gitleaks, CycloneDX SBOM, dependency audit — gated on every PR.
Flourish — real test/run evidence
Next.js 16ExpoFastifytRPCDrizzlePostgreSQLTurborepo

Light Routines

Private

Cross-Platform Mobile + Native Engines

Founder & Sole Engineer

A cross-platform Flutter app on a 5-package Clean Architecture monorepo, with offline-first SQLite as the source of truth and native iOS/Android session engines behind a BLE hardware-abstraction layer.

354
Tests passing
5
Packages
740 LOC
Kotlin (native)
475 LOC
Swift (native)
  • 5-package Clean Architecture — the analyzer physically prevents the domain layer from importing Flutter or platform code.
  • Native session engines: Kotlin Foreground Service (Android) + Swift CoreBluetooth (iOS) behind a typed MethodChannel/EventChannel contract.
  • 354 tests passing across all five packages, 0 analyzer issues.
  • Firebase Auth + Firestore sync repositories implemented and gated behind a v2 cutover (current build runs on mock auth).
Light Routines — real test/run evidence
FlutterDartKotlinSwiftSQLiteBLEFirebase

DevOPs + Stratum

Private

Operating System + Memory Backend for AI Coding Agents

Systems Engineer

A verification-first operating layer for AI coding agents (Claude Code, Codex, Cursor, and more) with deterministic safety hooks, plus Stratum — a three-tier memory backend with a Rust/WASM hot path on Cloudflare Workers.

8
Agents supported
64
Universal skills
12
Safety hooks
3
Memory tiers
  • Three-tier memory: hot in-RAM → warm Supabase → cold Pinecone + Neo4j, with a Cloudflare Workers + Rust/WASM hot path.
  • CQ-Extended KadaneDial scheduling algorithm (extending DyCP, arXiv:2601.07994).
  • Deterministic safety hooks run outside the LLM cognitive space — loop detection, budget brakes, secret/prod-write blocks.
  • Self-configuring layer that provisions agent-specific configs across 8 coding agents via universal SKILL.md / AGENTS.md formats.
TypeScriptRust (WASM)Cloudflare WorkersSupabasePineconeNeo4j

Lumière

Private

Bilingual Next.js Agency Platform

Full-Stack Developer

A bilingual (EN/SW) agency platform built on the Next.js App Router with React Server Components, a CMS-style admin over 17 Prisma content models, Stripe checkout, and RLS-gated admin access.

17
Content models
40
App Router pages
25
API routes
EN / SW
Locales
  • 40 App Router pages + 25 API routes, with React Server Components for data fetching.
  • CMS-style admin over 17 Prisma content models with a translation pattern for every entity.
  • Stripe checkout, three rate-limited API endpoints, and RLS-gated admin access on Supabase/PostgreSQL.
Lumière — real test/run evidence
Next.js 16React 19PrismaSupabaseTailwindStripe

Open-Source & Coursework

Doctor Who Knowledge API

Open Source

Node/Express/Supabase API · Team of 3

Backend & Security Engineer

A team final project: a Node/Express/Sequelize API over a 16-model PostgreSQL schema with JWT-protected routes and OpenAI natural-language-to-SQL querying.

16
Data models
18
Endpoints
3
Team size
  • 16-model relational schema with many-to-many join tables.
  • JWT auth middleware covered by a Jest/Supertest suite.
  • OpenAI natural-language-to-SQL querying over the schema.
Node.jsExpressSequelizeSupabaseOpenAIJest

E-Commerce REST API

Open Source

Spring Boot Auction/Bidding API

Backend Developer

A Spring Boot REST API for an auction-style marketplace — users, products, bids, and orders — with a multi-layer architecture, Dockerized PostgreSQL, and JUnit + Maven CI.

controller / service / repo
Architecture
JUnit + Maven
CI
  • Multi-layer Spring Boot architecture with Spring Data JPA repositories.
  • Containerized PostgreSQL via Docker Compose for reproducible local dev.
  • Automated verification through JUnit + Maven build workflows.
JavaSpring BootPostgreSQLDockerJUnitMaven

Skills

Languages

TypeScriptJavaScriptJavaDartPythonRust (WASM)C++SQL

Frontend

React 18/19Next.js (App Router)Vue 3FlutterTailwind CSSshadcn/ui

Backend

Node.jsExpressFastifytRPCSpring BootDeno Edge Functions

Data

PostgreSQLSupabaseMySQLSQLiteDrizzlePrismaSequelizePineconeNeo4j

Security

OWASP Top 10Multi-tenant RLSRBACSAST/DASTSemgrepgitleaksOWASP ZAPJWTbcryptCycloneDX SBOM

Testing

VitestPlaywrightJestSupertestJUnit 5flutter_testMaestro

DevOps / Cloud

DockerGitHub ActionsVercelCloudflare WorkersSupabase Edge

Experience

Freelance Software Engineer (Contract)

2024 – Present

Independent Contractor · Remote

  • Deliver production web and mobile applications for private clients end-to-end — architecture, implementation, testing, and deployment — across TypeScript/React/Next.js, Node.js, and Flutter/Dart.
  • Ship with production rigor: multi-tenant Row-Level Security and RBAC, OWASP-aligned hardening, automated SAST/DAST scanning, and full unit/integration/E2E test suites.

Data Analyst Intern

Jun 2022 – Nov 2022

USAID HealthIT · Nairobi, Kenya

  • Performed data cleaning and statistical analysis on 5,000+ monthly health-record submissions across 47 county facilities.
  • Aligned datasets with Kenya Ministry of Health standards; contributed to work recognized by the Ministry for a 20% report-efficiency improvement.

Freelance Data Analyst & Research Assistant

2020 – 2022

Various Contracts · Kenya

  • Designed and deployed mobile data-collection tools (ODK, KoBo, CommCare) for health, education, and industrial research.
  • Managed cross-functional teams and analyzed datasets to deliver reports guiding policy and community-development work.

Education

Oklahoma Christian University

B.S. Computer Science (Cybersecurity)

Expected 2027 · Honor Roll · GPA 3.48

Network Security · Operating Systems · Software Engineering I–IV · Data Structures & Algorithms · Database Systems · Cloud Architecture & Security · AI · CS Team — Cyber Contest

Masinde Muliro University of Science & Technology

B.S. Epidemiology & Biostatistics

2019 · Second-Class Honors

Research methods, data analysis, disease modeling, clinical-trial design.

Let's build something secure.

Open to internships, new-grad & junior software / security roles. Based in Edmond, OK · F-1 visa · CPT/OPT eligible.