Embedded • Robotics Safety • Distributed Backend • AI/RAG

I build systems that survive reality.
Hardware that doesn’t fail, and backend/services that don’t fall over.

I'm Harsha Vardhan Guntreddi, B.Tech CSE @ Amrita (AEEE AIR 369). I work across embedded firmware and Backend mainly in C ,Python and Java (ESP32, Sony Spresense, FreeRTOS), safety-first cyber-physical systems (autonomous landmine detection UGV), production-grade backend platforms (Java 17 / Spring Boot / Kafka / PostgreSQL / Kubernetes), secure infra (NAT, VPN, IDS/WAF, zero-trust), and AI/RAG automation for documents and telemetry. Along with this i did many freelancing duting my college and gained a lot of knowledge on DevOPS and FULLSTACK and many more there are many websites i did for businesses and they loved my works one of them can be say https://vishnupumps.com/

Hire me → Call me Email me

20K+

embedded / firmware LOC written & debugged on real boards

<70ms

p95 assign/delivery decisions in real-time dispatch logic

24/7

self-healing NAT Wi-Fi / CPS telemetry in field-like tests

ESP32 / FreeRTOS Spring Boot 3 Kafka Kubernetes FastAPI + RAG

ugv_safety_controller.py

# Landmine Detection UGV
# Never drive onto a threat.
class SafetyController:
    def __init__(self, safety_radius):
        self.safety_radius = safety_radius

    def is_move_safe(self, next_pose, mines):
        # HARD REJECT if next step violates safety radius
        return all(dist(next_pose, m) >= self.safety_radius for m in mines)

Mission: protect people. Robots go first.

About me

I love building backend its soo intresting and I’m a systems engineer who can sit next to hardware with a multimeter at 2AM and write the backend service + CI/CD + monitoring that ships that hardware into the real world. I like safety, reliability, and clean handoff from prototype → production.

What I build

• Backend & Distributed Systems: Spring Boot microservices, Kafka/Flink streaming, real-time delivery/dispatch, PCI-aware tokenization vaults, rate-limited public APIs.

• Cyber-Physical Systems & Robotics: autonomous landmine detection UGV with pulse-induction sensing, safety-radius navigation, confirm-dwell logic, and MATLAB/Simulink controller design.

• Embedded / Edge IoT: ESP32 NAT Wi-Fi repeater (AP+STA, hairpin NAT, OTA), Sony Spresense/STM32 data nodes for polyhouse/solar dryer control with MQTT/FTP fallback, watchdog recovery, and brownout safety.

• Backend & Distributed Systems: Spring Boot microservices, Kafka/Flink streaming fraud signals, real-time delivery assignment (<70ms p95), tokenization vaults, PCI-aware services, DevSecOps pipelines.

• AI / RAG Automation: FastAPI + vector search (Qdrant/OpenSearch), doc extraction (Donut/LayoutLMv3), multilingual assistants, observability and guardrails.

What I'm looking for

Roles where I own real systems end to end: Embedded / Firmware Intern, Robotics / CPS, Backend / Platform Engineer, IoT + Edge Infra, Applied AI/RAG Engineer.

I ship. I debug. I don't ghost when it breaks.

Embedded / CPS Backend / Platform Infra / DevSecOps AI for Operations

Fast facts

📍 Coimbatore, India (Open to: Bangalore / Hyderabad / Chennai)
🎓 B.Tech CSE, Amrita Vishwa Vidyapeetham (2022–2026)
AEEE AIR: 369

Core Skills

Drop me in and I start delivering.

Embedded / CPS / Edge

ESP32 (ESP-IDF 5.x) Sony Spresense STM32 FreeRTOS UART / I2C / SPI OTA / Watchdog / Brownout safety MQTT / GSM / FTP fallback MATLAB / Simulink control

Backend / Distributed Systems

Java 17 Spring Boot 3 Kafka Flink streaming REST / gRPC / OpenAPI PostgreSQL / Oracle / DynamoDB / MongoDB Redis (caching / proximity) CQRS / Saga / Idempotency OAuth2 / OIDC / mTLS

Infra / DevSecOps / Observability

Docker / Kubernetes GitHub Actions / Jenkins Prometheus / Grafana OpenTelemetry SonarQube / Fortify / Black Duck Nginx / TLS / NAT / VPN (WireGuard/IPsec) IDS/IPS (Zeek / Suricata) WAF (Nginx+ModSecurity)

AI / RAG / Doc Intelligence

Python / FastAPI LLM Agents (tool use) Hybrid Retrieval (BM25 + Vector) Qdrant / OpenSearch Donut / LayoutLMv3 OCR Pydantic validation RAG Eval (RAGAS/TruLens) Multilingual (Indic + English)

Projects

These are real builds, not class toy code. I've grouped them so you can skim by domain.

Cyber-Physical Systems, Embedded, Edge & Security

Autonomous Landmine Detection UGV

Demo ↗

Ground robot that scans for buried mines with pulse-induction sensing, classifies live readings with KNN, and enforces a “safety radius” so it never physically drives onto a suspected mine. Includes confirm-dwell logic, safe coverage path planning, MATLAB/Simulink controller design, and autonomous navigation that prioritizes human safety.

C / C++ Python MATLAB / Simulink KNN classification UGV control

ESP32 NAT Router & Secure Wi-Fi Repeater

GitHub ↗

Custom ESP-IDF 5.x firmware turning an ESP32 into a dual-mode AP+STA Wi-Fi repeater with hairpin NAT (U-turn), DHCP server, DNS proxy, mDNS reflector, MAC ACLs, basic rate limits, watchdog recovery, OTA updates with rollback, and MQTT telemetry for remote health monitoring.

ESP-IDF / FreeRTOS lwIP NAT MQTT OTA / WDT Wireshark / iperf3 QA

Smart Polyhouse / Solar Dryer CPS (Sony-SSUP)

Edge-native control node on Sony Spresense / STM32 for agricultural drying and climate control. Real-time multi-sensor acquisition (temperature, humidity, slot sensors) through FreeRTOS-safe queues, hybrid connectivity (ESP32 Wi-Fi + GSM), MQTT/FTP uplink of data and images, and watchdog-driven recovery for field reliability.

Sony Spresense STM32 FreeRTOS MQTT / GSM / FTP Fault tolerance

IoT Telemetry & Device Ops Console

Spring Boot ingest API + React dashboard that watches remote ESP32 / Spresense units. JWT auth, rate limiting, and clean JSON contracts. PostgreSQL models heartbeat / last-seen, plus alerting for offline nodes. Hardened Linux/Nginx deploy with TLS.

Spring Boot PostgreSQL React / TypeScript JWT / Rate limit Nginx / TLS

Zero-Trust Remote Access & Threat Visibility Lab

pfSense/OPNsense in HA (CARP+pfsync) across Untrust/Trust/DMZ/VPN zones; WireGuard + FreeRADIUS + TOTP; Zeek + Suricata into ELK for live traffic intel; Nginx+ModSecurity (OWASP CRS) shielding exposed services; failover drills with near-zero packet loss. Automated infra via Ansible + Docker/Compose.

pfSense / OPNsense WireGuard / IPsec IDS/IPS WAF / OWASP CRS Ansible

Deep Learning for Adaptive Encryption at the Edge

Lightweight ASCON & GIFT ciphers defended using RNN-based adaptive security policies on Raspberry Pi. The goal: keep comms hardened in hostile environments while staying real-time and power aware.

ASCON / GIFT Raspberry Pi RNN policy Edge security

Backend Platforms, Distributed Systems & Production Infra

Task / Ticket Service API

Spring Boot + MongoDB backend for team tasking / SLA tracking / audit trail. Dockerized, shipped with Kubernetes manifests, health checks, and GitHub Actions CI/CD.

Spring Boot MongoDB Docker / K8s OpenAPI

Industrial Telemetry & Historian

OPC UA + MQTT ingest into PostgreSQL/TimescaleDB with retention + rollups. FastAPI exposes /tags, /events, /trend (downsampling, pagination). Prometheus exporters + Grafana dashboards for ingest QPS and health.

FastAPI OPC UA / MQTT PostgreSQL / TimescaleDB Grafana / Prometheus

Alarm & Events Microservice

C#/.NET 8 service modeling limits, deadbands, hysteresis, shelving; CQRS + outbox to Kafka. REST/gRPC with idempotency keys, xUnit tests, container image signing, SBOM, secure supply chain.

.NET 8 CQRS / Kafka PostgreSQL gRPC / REST

Real-time HMI / Web Client

React + TypeScript dashboard for live tags, alarms, trend charts with virtualized tables and SignalR/WebSocket push. Includes RBAC, offline cache, and OpenTelemetry traces.

React + TS SignalR / WebSockets OpenTelemetry

C++ Tag SDK & Trend Engine

C++17 SDK for tag read/write, subscriptions, buffered time-series queries, and downsampled min/max/avg windows. Built with RAII safety, ASAN/UBSAN, clang-tidy, and full gtest/gmock coverage.

C++17 RAII / clang-tidy ASAN / UBSAN

Order Orchestration Platform

Domain-driven microservices (Java 17, Spring Boot 3, WebFlux) with CQRS+Saga for order lifecycle, Kafka/RabbitMQ events, Redis caching, API Gateway/BFF, and full DevSecOps pipeline (Jenkins, SonarQube, Fortify, Black Duck, blue/green deploys).

Spring Boot 3 / WebFlux Kafka / Redis CQRS / Saga Kubernetes / AWS

Customer Experience Portal

React 18 + TS frontend with Redux Toolkit and Cypress tests; backend Spring Boot REST with OAuth2. Done TDD/BDD style (JUnit5/Mockito/Pact). CI enforced SonarQube, Fortify, Black Duck, and Jira-driven Scrum.

React 18 + TS Spring Boot OAuth2/OIDC Cypress / Pact

DevSecOps Monorepo Pipeline

Jenkins declarative pipeline for multi-service Java repo with automated SBOM, CVE gating, Fortify SAST, Black Duck license scan, signed artifacts, ephemeral preview envs, and blue/green rollback.

Jenkins / GitHub Actions SonarQube / Fortify / Black Duck Docker / Helm / K8s

minisqlpp-compiler

Compact SQL-subset compiler with LL(1) parser, AST, symbol table, semantic checks, and an IR that can eval on CSV or emit vendor SQL (Oracle/SQLite). Includes optimizer (projection/selection pushdown, constant folding) and EXPLAIN-style pretty printer.

C++ / Parsing / AST LL(1) / Semantic Checks Query Optimization

Payments & Risk Microservices

• Real-Time Payment Authorization (Spring Boot, Kafka, Oracle): idempotent auth/capture/void, Saga orchestration, OAuth2/mTLS, OpenAPI, p95 < 50ms.
• Card Tokenization & Vault: format-preserving tokenization with Vault Transit / SoftHSM, RBAC detokenization, KMS key rotation, PCI-aware audit.
• 3-D Secure 2.2 Emulator & SDK: Spring Boot ACS-like emulator (AReq/ARes, CReq/CRes) with signed JWT, Redis state, WireMock-tested merchant SDK.
• Streaming Fraud Signals Pipeline: Kafka → Flink → Spring Boot scoring + Redis cache, exactly-once, OpenTelemetry traces, Grafana SLOs.

Spring Boot 3 Kafka / Flink Redis OAuth2 / mTLS / PCI

Real-Time Dispatch • Search • Dynamic Pricing

• Order & Delivery Assignment Service: Spring Boot + Kafka + Redis + DynamoDB, rider assignment at >50k events/min, p95 < 70ms.
• Instant Search & Recommendation Engine: Go microservice, gRPC, Elasticsearch+Redis hybrid index, SQS eventing, +18% CTR and -10% latency in A/B sims.
• Dynamic Pricing & Surge Forecasting: Spring Boot + Kafka + AWS Lambda + Redis surge cache, DynamoDB rule store, circuit breakers, OpenTelemetry/ELK for alerts.

Java / Go Kafka / SQS Redis / DynamoDB Elasticsearch / OpenSearch

AI / RAG / Intelligent Automation

Agentic Document QA & Automation

End-to-end RAG pipeline with semantic+layout chunking, hybrid retrieval (BM25 in OpenSearch + dense in Qdrant), bge reranker, tool-using agent (table extraction, OCR fallback), and FastAPI+vLLM serving. Responses are Pydantic-validated JSON. Includes RAG eval (RAGAS/TruLens), OpenTelemetry tracing, and Grafana dashboards.

FastAPI Qdrant / OpenSearch LLM Agents RAGAS / TruLens

Contract / Invoice Extraction

Fine-tuned Donut & LayoutLMv3 to pull key fields from scanned contracts/invoices. Added post-processing with regex + Pydantic validators and an LLM repair step for bad edge cases, then export as clean structured JSON/CSV.

Donut LayoutLMv3 Pydantic OCR / PDF parsing

RAG Observability & Safety Toolkit

Reusable eval harness with RAGAS, golden-set sampling, toxicity/PII guardrails, schema validation, drift monitoring, and OpenTelemetry traces into Grafana dashboards.

OpenTelemetry Prometheus / Grafana Safety / Guardrails

Multilingual KB Assistant (Indic + English)

Retrieval-augmented assistant for English + Indic FAQs using IndicTrans2 normalization and multilingual embeddings. Runs on FastAPI with Qdrant + Redis cache and BM25 fallback so it still answers when embeddings miss.

FastAPI Qdrant / Redis IndicTrans2 Sentence Transformers

Experience & Education

Real teams. Real deployments. Real users.

Project Intern — Sony SSUP

India

Dec 2024 – Sep 2025

• Built Spresense/ESP32 edge CPS node for smart polyhouse drying: FreeRTOS pipeline, MQTT/FTP uplink, watchdog recovery.
• Wrote Java Spring Boot ingest API with JWT auth, rate limiting, PostgreSQL, Docker/K8s deploy, CI/CD, SonarQube gates.
• Shipped observability (Prometheus, OpenTelemetry, Grafana) so field deployments are debuggable instead of guesswork.
• Worked cross-team (hardware, data, platform), sprint-based delivery.

Freelance Infra / Full-Stack

vishnupumps.com

2025

Delivered production site + lead capture backend. Set up Linux hosting (Nginx, SSL/TLS), DNS, uptime tuning, and simple admin portal for real industrial clients.

B.Tech CSE

Amrita Vishwa Vidyapeetham, Coimbatore

Sep 2022 – Jun 2026

B.Tech in Computer Science and Engineering. AEEE AIR 369. Coursework: Distributed Systems, Networks, OS, DBMS, Algorithms/Data Structures, Embedded Systems, AI/ML. Workshops: IIT Madras (AI/ML, IoT on Raspberry Pi). AWS Academy Graduate: Cloud Foundations & Data Engineering.

GitHub Activity

I ship constantly. Contributions, experiments, infra work — it’s all visible.

HarshaGuntreddi

@HarshaGuntreddi ↗

public commits • firmware • backend • infra • AI/RAG

Consistent activity matters more than buzzwords. I care about long-term maintainability, not one-off hacks.

Hire Me

I'm open for Embedded / Robotics Safety (CPS), Backend/Platform, Infra/DevSecOps, and Applied AI/RAG. If you have something serious and you want it shipped, reach out:

Email me Call / WhatsApp LinkedIn Resume (PDF)

harshavguntreddi@gmail.com

Phone

+91 7386117763

Location

India — Available onsite in BLR / HYD / CHN

I build systems that survive reality. Hardware that doesn’t fail, and backend/services that don’t fall over.