Dipanjan Haldar
Principal Cloud Engineer at Fidelity Investments
Boston, Massachusetts, United States
Actions
Experienced software lead engineer with a demonstrated history of working in the information technology and services industry. Skilled in full-stack software development using Java, SpringBoot, Apache Kafka and React. Experienced in containerizing micro-services using Docker and deploying on public cloud(AWS/OracleCloud) using Kubernetes and Helm charts. Experienced in leading and building software engineering team.
Area of Expertise
Topics
Enhancing Code Review Processes for Security, Efficiency, and Effectiveness
We have revolutionized our code review process to ensure it is secure, efficient, and effective. By integrating automated security scans with high code coverage on new code, leveraging real-time updates and AI-powered suggestions, and enforcing rigorous CI/CD pipeline checks that prevent merging if tests fail, we have significantly improved our workflow. Additional measures such as automated code formatting, peer review rotation, and pre-merge testing environments further enhance our process. This presentation will showcase our comprehensive approach, demonstrating how these practices can be applied to optimize code quality and developer productivity.
Automating DevOps Governance with a Unified Pipeline Platform
In large-scale organisations, ensuring compliance with Software Delivery Life Cycle (SDLC) standards while maintaining engineering efficiency is a critical challenge. A Unified Pipeline Platform addresses this by automating the detection and measurement of SDLC control standards, reducing the operational burden on engineering teams and fostering a culture of compliance and innovation.
This platform introduces a suite of tools, including centrally managed pipeline templates and reusable libraries, to standardise and streamline CI/CD workflows. Pipeline templates enforce consistency across executions, while reusable libraries leverage prebuilt buildpacks and modular functions to enable flexibility and scalability. Additionally, modularisation workflows allow teams to adapt to diverse business unit requirements, ensuring both enterprise-wide consistency and localised customisation. Key benefits include automated compliance, modular workflows, centralised scalability, and improved engineering efficiency.
This session will demonstrate how a Unified Pipeline Platform empowers engineering teams to deliver faster, safer, and more compliant software by combining automation, modularity, and governance. Attendees will gain actionable insights and visualisation into the principles and practices that drive scalable and compliant CI/CD implementations. We will explore the future of DevOps governance and unlock strategies to streamline delivery without compromising on control.
Paving Golden Paths: Building a Frictionless Developer Experience on Kubernetes
Kubernetes enables powerful infrastructure capabilities—but for developers, it often feels like an obstacle course. In large organizations, where teams span multiple tech stacks, environments, and compliance needs, delivering a great developer experience becomes both more critical and more complex.
Platform Engineering offers a path forward by creating Internal Developer Platforms (IDPs) that balance abstraction and control. By designing reusable “golden paths”—secure, opinionated workflows tailored to organizational standards—teams can reduce onboarding time, eliminate toil, and enable faster, safer shipping at scale.
This session explores what can be done to design and implement such platforms:
Key elements of a great developer experience on Kubernetes
Building golden paths with tools like Backstage, ArgoCD, and GitOps workflows
Enabling self-service provisioning while maintaining security, policy, and auditability
Supporting diverse teams across multiple environments and business units
Lessons learned from platform teams across industries on driving adoption and iteration
If you're building or evolving a Kubernetes platform for a growing organization, this talk will provide a practical guide to improving developer experience—without compromising on scalability, governance, or velocity.
Beyond OAuth: Fortifying Kubernetes Workflows with PKCE
OAuth 2.0 is everywhere in cloud-native environments—from securing APIs to enabling developer tools—but it wasn’t designed with Kubernetes in mind. And when used without key security enhancements like PKCE (Proof Key for Code Exchange), it leaves your clusters and users exposed to token interception and impersonation risks.
In this session, we’ll go beyond basic OAuth to explore how PKCE can be used to lock down authentication flows in Kubernetes-centric systems. You’ll learn how PKCE helps protect against man-in-the-middle attacks, how it fits into common cloud-native architectures, and where most teams go wrong when implementing it.
If you’re building secure platforms on Kubernetes or looking to tighten your auth flows, this talk will give you the patterns and tools you need to move beyond OAuth—and do it right.
Fortify Your Web Apps: Unlocking Secure Authentication with PKCE
n today's cloud and SaaS landscape, implementing secure authentication for web applications and APIs is paramount. This session presents a modern approach leveraging Azure Active Directory (Azure AD) and the Proof Key for Code Exchange (PKCE) extension to the OAuth 2.0 standard.
Attendees will learn about a "zero trust" authentication flow that explicitly verifies user identity per session, adhering to principles like least privilege access for enhanced security. The session will cover implementing the authorization code flow with PKCE for secure token acquisition, optimized with token caching and refreshing mechanisms.
By the end, attendees will gain insights into building a seamless, secure authentication experience for their web applications, leveraging Azure's modern cloud identity platform and promoting trust in the digital landscape.
Fortify Your Web Apps: Unlocking Secure Authentication with PKCE
In today’s digital landscape, securing web applications is more critical than ever. As cyber threats evolve, so must our strategies to protect sensitive data and ensure user privacy. This session, “Fortify Your Web Apps: Unlocking Secure Authentication with PKCE,” delves into the intricacies of implementing Proof Key for Code Exchange (PKCE) to enhance the security of modern web applications. Attendees will gain a deep understanding of PKCE and its role in securing OAuth 2.0 authorization flows, learning how to mitigate common vulnerabilities such as authorization code interception. By the end of this session, attendees will be empowered with the knowledge and skills to implement PKCE effectively, fortifying their web applications against potential security breaches and enhancing their overall security posture. Whether you are a seasoned developer or new to web app security, this session offers valuable insights and practical guidance to navigate the complexities of modern web app security.
Achieving Architectural Scalability: Advanced Techniques for Crafting Resilient Future-Ready Systems
How can your systems stay ahead in a world where technological demands and user expectations are constantly evolving? Mastering architectural scalability is crucial for maintaining a competitive advantage and ensuring long-term system resilience. Architectural scalability is not merely about accommodating increased traffic or user loads; it involves creating systems that remain robust, performant, and adaptable over time.
This presentation will explore advanced techniques and best practices essential for achieving this goal, focusing on how to design and implement scalable systems that are both resilient and future-ready. Participants will gain a comprehensive understanding of sophisticated strategies for designing systems that can grow seamlessly while adapting to emerging challenges and opportunities. By attending this presentation, you will learn how to build scalable, resilient, and future-ready systems. Equipped with these insights, you will be better prepared to tackle the complexities of modern system design and drive your organization toward scalable success. Join us to unlock the secrets of building systems that stand the test of time.
Unlocking Full Visibility: Supercharge Your Observability with Open Telemetry
In the dynamic world of modern software development, achieving comprehensive observability is crucial for maintaining robust, high-performing systems. Join Fidelity Investments to explore how Open Telemetry is revolutionizing the way we monitor and understand our applications. We'll delve into the core components of Open Telemetry, including tracing, metrics, and logging, and demonstrate how it integrates seamlessly with existing platforms and technologies. Discover the benefits of adopting a unified standard for observability data collection and learn practical steps to implement Open Telemetry in your own projects. Through real-world examples and success stories, you'll see how Open Telemetry can enhance your ability to troubleshoot and optimize your systems. Stay ahead of the curve with insights into the future of observability and the evolving role of Open Telemetry in the industry.
Engineering Resilient Software with Clean Architecture
In today's fast-paced digital world, software must be agile, adaptable, and resilient. As applications grow in complexity, architects and developers face the challenge of designing systems that can withstand the test of time. Clean Architecture has emerged as a compelling solution, offering a structured methodology to craft maintainable and adaptable software solutions. Join Fidelity Investments for a look at the core principles and benefits of Clean Architecture such as separation of concerns, dependency inversion, and prioritizing use cases over implementation details. Through real-world examples and case studies, attendees will learn how to apply these principles to build efficient, testable, and modular systems that can seamlessly integrate new technologies and embrace change.
Unleashing Helm for Cloud Native Deployments : A Contemporary Approach to Streamlined Orchestration
As software organizations enthusiastically adopts containerization and orchestration through Kubernetes, the complexity of managing deployments, scaling applications, and ensuring consistency across multiple environments emerged as a significant challenge. In response to this complexity, developers can successfully implement Helm charts as an indispensable tool that automates the creation, packaging, configuration, and deployment of Kubernetes applications by combining the configuration files into a single reusable package. By embracing Helm, engineering organizations have witnessed substantial reduction in the time to market seamlessly facilitating build and deployment phases. Furthermore, incorporating Helm templates within the microservices architecture can be easily leveraged in CICD pipelines.
Crafting Robust Cloud-Native Software with Clean Architecture
In today's fast-paced digital world, software must be agile, adaptable, and resilient. As applications grow in complexity, architects and developers face the challenge of designing systems that can withstand the test of time. Clean Architecture has emerged as a compelling solution, offering a structured methodology to craft maintainable and adaptable software solutions.This presentation dives into the core principles and benefits of Clean Architecture. Through real-world examples and case studies, attendees will learn how to apply these principles to build efficient, testable, and modular cloud native systems that can seamlessly integrate new technologies and embrace change. Additionally, techniques for fostering collaboration between cross-functional teams and promoting a shared understanding of the system's architecture will be explored.
Streamlining Kubernetes Deployments with Helm Charts
As Fidelity Investments enthusiastically adopts containerization and orchestration through Kubernetes, the complexity of managing deployments, scaling applications, and ensuring consistency across multiple environments emerged as a significant challenge. In response to this complexity, we have successfully implemented Helm charts as an indispensable tool that automates the creation, packaging, configuration, and deployment of Kubernetes applications by combining the configuration files into a single reusable package.
This strategic move has proven to be a transformative lesson in our deployment processes. By embracing Helm, we have witnessed substantial reduction in the time to market seamlessly facilitating build and deployment phases. Furthermore, we have identified the importance of incorporating Helm templates within the micro-services architecture, which can be easily leveraged in CICD pipelines.
In this session, we will cover how Fidelity leverages Helm charts and has taken a strategic approach to not only enhance efficiency but also establish best practices for maintaining a robust and automated deployment ecosystem.
Navigating the Shift: Key Considerations in Monolithic to Cloud-Native Migration and Refactoring
Embarking on a transformative journey from monolithic to cloud-native architecture is a monumental shift, unlocking the potential of scalability, resiliency, and agility. In this pursuit of evolution, Fidelity Investments has encountered and triumphed over numerous challenges. Guided by industry best practices in clean architecture, dependency injection principles, and various design patterns, we navigated through the complexities inherent in such a significant paradigm shift. The pivotal success factor lay in meticulously planning our migration strategy, involving the systematic breakdown of monolithic stacks into smaller, service-specific components. Our achievement was grounded in well-defined migration strategies, iterative approaches, and a steadfast commitment to industry best practices, particularly clean architecture principles.
In this session, we aim to share insights into our organization’s cloud-first approach and strategic steps taken during the monolithic to cloud-native migration. By delving into key considerations, challenges overcome and role of clean architecture, this presentation will delve into the nuances that can elevate success of similar endeavors.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top