Dan Q
- Address
- The Green, Eynsham Road, Sutton, Witney, OX29 5RZ, United Kingdom
- Phone
- +44 7795 100046
- cv@danq.me
- PGP/GPG
- B00A 55DA C3F5 9B51 7CA3 F64F 6342 1D24 3218 A6AC
In a Nutshell
A full-stack developer who loves to engineer for security, performance, and accessibility. I'm known for innovative solutions, services that scale, and focusing on the needs of humans.
With 25+ years of web application development experience (plus a few adjacent disciplines) and a dedication to lifelong learning, I'm proud to bring level of understanding both deep and broad. I've worked in diverse sectors and technologies, providing me with the tools to bring a holistic outlook that transcends any particular stack.
Outside of my work I'm a keen volunteer with a variety of different roles. I'm a regular speaker on my local conference circuit, sharing my love of the open Web. I blog - often about technology - perform magic, and play GPS-based sports. I'm slowly teaching myself the piano.
Experience
-
Automattic Inc.
Senior Software Engineer (WooCommerce)
—
- Acted as security czar: triaging, assessing, and reporting on incidents.
- Led performance-enhancement drives, with focus on cacheability, SSR, progressive enhancement, and SQL optimisation.
- Championed DevEx; produced tools to facilitate onboarding, reliability, and responsive CI/CD.
- Adopted and enhanced third-party standards enforcement toolchain, utilising sandboxed static and dynamic analysis and automated testing.
- Provided workshops on security, accessibility, and performance.
- Undertook critical role in pioneering project providing AI-enhanced features for technical support staff.
- Key skills: WordPress, WooCommerce, PHP, JavaScript, TypeScript, React, CSS, Webpack, multivariate ("A/B") testing, event tracking/funnel management, containerisation, performance.
-
Bodleian Libraries, University of Oxford
Web & CMS Developer / Digital Manager
—
- Led multi-departmental consultation and analysis and the resulting major redevelopment of 40+ public-facing websites.
- Implemented sophisticated reverse proxy "strangler fig pattern" spanning entire Web portfolio of University of Oxford libraries.
- Innovated interactive digital signage solutions, released as FOSS to support Oxford museums and dozens of cultural institutions worldwide.
- Pioneered new platforms supporting research publication, blogging, podcasting, and monetisation of Oxford tourism.
- Designed and delivered training programmes on a variety of topics, and delivered regular lectures on information security.
- Routinely managed staff comprising both technical and non-technical roles.
- Key skills: Squiz, Drupal, WordPress, PHP, Ruby, JavaScript, CSS, JSON, LAPP stacks, Electron, GoLang, websockets, team management, procurement.
-
Freelance
Web Applications Consultant
—
- Specified and delivered software tools to a variety of clients with differing sizes, budgets, and requirements.
- Provided security training, consultancy, and analysis services.
- Performed original security research and "ethical hacking" services, identifying critical issues and reporting them responsibly.
- Maintaining self-discipline and time management and a focus on efficiency and client needs.
- Key skills: HTML, CSS, Ruby, JavaScript, Perl, web APIs, Drupal, pentesting/fuzzing toolkits, data scraping.
-
Three Rings CIC
Founder / Technical Director
—
- Founded nonprofit providing secure, flexible volunteer management SaaS supporting ~22,000 hours of volunteer activity every day.
- Managed, trained, and supported a distributed team of volunteer developers.
- Implemented server architectures designed to scale sublinearly, maximising value to charities.
- Served on the board, ensuring best legal practice and strategic direction.
- Key skills: Ruby, Rails, accessibility, responsive design, Service Workers, Coffeescript/JavaScript, hardened configuration, SASS/CSS, LANR stacks.
-
SmartData UK Ltd.
Software Engineer
—
-
Community Transport Association
Database Administrator
—
Education
-
MSc Information Security and Forensics (Hons)
The Open University
—
-
Certificate in Ethical Hacking
EC-Council
—
-
FdA Counselling & Psychotherapy
Aylesbury College & The Open University
—
-
BEng Computer Science with Software Engineering (Hons)
Aberystwyth University
—
Portfolio
I have been an active contributor to the open-source community and research into the evolution of the Web, some of which can be explored via my GitHub profile, my blog, and (for a more-eccentric overview) my "things" page. Projects include:
- FreeDeedPoll.org.uk, which has helped thousands of British citizens to change their names for free and without the need for a solicitor.
- The de-facto standard Ruby implementation of the MOTP authentication mechanism.
- The first public demonstration of what would later be known as HTTP 301 'Evercookies'.
- Original security research and training resources covering topics such as EV SSL spoofing, mobile HTTPS interception, and ethical disclosure. Also, probably the Internet's easiest-to-follow introduction to the fundamentals of SHA1 length extension attacks.
- A Wordle-like game in which players try to guess the daily D&D monster by its stats.
- Pre-filtered RSS feeds of BBC News sources, initially generated to allow me to skip the sports news but now enjoying widespread appeal.
- CapsulePress, a gateway to allow WordPress/ClassicPress sites to publish via the Gemini, Spartan and Gopher protocols.
- Twee2, a command-line compiler for the Twine interactive fiction engine.
- The original implementation of OpenID for WordPress.
- Various projects relating to museum interactive exhibitions both on- and off-premises, and creative applications of digital signage.
- Projects suitable for teaching probability theory (and lottery statistics), OTP cryptography, CSS steganography, screen scraping, reverse-engineering Flash for reimplementation in JS, websockets, mathematics, and decentralised and progressive web applications, among others.