View As PDF
https://cv.oliver.fish
I am a product-orientated full-stack software developer. My go-to tech stack is Go and Postgres for the backend and React and Typescript for the frontend. However, I consider myself a polyglot as I am willing to use and learn the best language for the job at hand. Additionally, I have a keen interest in cybersecurity, and I also participate in bug bounty programs where I have found numerous critical vulnerabilities in popular products.
Bookmark Llama is a micro saas product that allows teams to share bookmark folders natively in the browser. The backend is Go, and the frontend is Typescript and React. The product is already actively used by large companies and is helping teams communicate better around the resources they use.
Dropbar was a product that allowed users to create data-driven promotions without writing code. The product allowed e-commerce platforms to pass data on Customers, Shopping Carts and SKUs and then use our custom visual programming language to create unique promotions around them. The backend API and DSL that powered the visual programming language is Go, and the frontend is React and Typescript.
The Talon.One API is very sensitive to latency, and we would often get very bursty traffic patterns. Since the product integrates directly into e-commerce order flow, it must respond to requests as fast as possible and handle traffic spikes, as downtime leads to a loss of e-commerce sales. When scaling the product, our most significant limitation was our legacy database communication layer. I redesigned this layer to reduce database transaction times and improve database access patterns. Because of this work, API throughput was doubled without any increase in server load.
The existing Loyalty engine was not fit for production; as a result. I redesigned it from scratch to be flexible and scalable. The system was a success, and because of forwarding thinking database design, we were able to make use of clever indexes on the Postgres side to prevent slow-down regardless of how large the loyalty point ledger grew. This system powers loyalty for large companies such as National Express & Ticketmaster.
As the company began to acquire more enterprise customers, we needed a permissions system that allowed for very granular permissions. I built this system based on my experience dealing with enterprise products in previous roles and was able to design and complete a zero-downtime migration to it. Additionally, to this, the new permission system significantly security-hardened our product.
Participating in open bug bounties, I found and disclosed multiple instances of the following bugs; XSS, SSRF, AWS infrastructure takeovers, AWS secret leaks, exploiting misconfigured AWS buckets, CSRF, and Clickjacking.