Tom Lindley, Web Application Developer in Watford, United Kingdom
Tom Lindley

Web Application Developer in Watford, United Kingdom

Member since July 16, 2019
Tom has been a developer since he was 13—a hobby turned career. A lifelong ambition for "cool" software and the skills to deliver it mark Tom out as a leader in his field. He specializes in web application security and application architecture. He strives to build solid, well-thought-out software using PHP/Laravel, VueJS, Docker and is an experienced developer and CTO with a strong business understanding, which complements his technical skills.
Tom is now available for hire



  • HTML 13 years
  • PHP 13 years
  • Web Application Architecture 10 years
  • Web App Security 7 years
  • Docker 4 years
  • Laravel 5 4 years
  • Vue 2 3 years


Watford, United Kingdom



Preferred Environment

NetBeans, PhpStorm, Docker, Debian, Ubuntu, Git

The most amazing...

...thing I've made is a platform that powers an entire pen-testing vendor from booking, estimate through to reporting, data importing, and PDF generation.


  • Chief Technology Officer

    2017 - PRESENT
    OnSecurity, LLP
    • Led the development of a customer and internal facing portal application in PHP/Laravel, Bash, Node.js, and Vue.js.
    • Managed the production environment using AWS, ELB, EC2, S3, ELK stack, and Docker orchestration using Rancher.
    • Planned and managed technical expansion of the business.
    • Managed the development team and personal development of team members.
    • Led the architecture of a large enterprise portal application in Laravel and Vue.js.
    • Provided technical support for external and internal users.
    • Developed and maintained backups and monitoring solutions written in PHP and Node.js.
    Technologies: Amazon Web Services (AWS), PostgreSQL, AWS, Docker, HTML5, Vue, Node.js, JavaScript, Laravel, PHP
  • Web Developer

    2015 - 2017
    Digital Marmalade, Ltd.
    • Led the architecture and development of an internal CMS system used as a base for all client engagements.
    • Developed fully bespoke web applications in PHP, Laravel, and Vue.js for a variety of clients.
    • Provided estimates and quotes for existing and new businesses.
    • Deployed and maintained web applications in a variety of server environments for clients.
    • Led the migration of the company from an old base CMS to new bespoke CMS, and trained developers.
    Technologies: Vue, jQuery, JavaScript, Laravel, PHP
  • Lead Web Developer

    2013 - 2015
    Portcullis Computer Security, Ltd.
    • Led the development of two large internal applications written in PHP, JavaScript, Perl, and Bash.
    • Led a project to migrate the CRM to a new platform and integrated it with existing internal systems.
    • Managed and expanded a team of developers working on multiple simultaneous projects.
    • Provided support for sales, pen-testing, and operations teams of 100 people across multiple internal applications.
    • Deployed application updates and maintained production systems across three internal networks.
    • Led the development of a new internal application written in PHP and JavaScript for proposal generation, scheduling, and internal workflow.
    Technologies: Bash, Perl, HTML, jQuery, JavaScript, PHP
  • Web Developer

    2012 - 2013
    Portcullis Computer Security, Ltd.
    • Developed internal applications for proposal generation, consultant scheduling, and internal workflow management in PHP, HTML, and JavaScript.
    • Analyzed many departments to ensure that internal application development met business requirements.
    • Built complex web applications for a security company using PHP and JavaScript/jQuery with Perl import scripts.
    • Designed and architected new features of a variety of web applications including internal workflow management, scheduling of 80 consultants, and CRM integration.
    Technologies: HTML, PHP, jQuery, JavaScript


  • OnSecurity Portal

    A PHP Laravel and Vue.js based web application sold as a SaaS and powering the business from prospective clients all the way through to delivery and beyond.

    The enterprise grade web application is used for:

    • Booking/scheduling penetration tests
    • Providing automated and manual estimates
    • Generating customisable Proposal and Report PDFs
    • Reporting security vulnerabilities with asset association, screenshots/videos, external references
    • A high-level overview of a companies security posture
    • API integration with Jira and Stripe
    • Externally available API
    • Booking/scheduling retests and reviews
    • Peer review process
    • Security finding template management

  • TeamHuddl

    A startup mobile application for football score predictions in a team.

    The back-end API used data from Betfair, William Hill, and Sportmonks to generate real-time odds and recommended bets based on team predictions.

    The PHP Laravel-based API powered the mobile application and was deployed into DigitalOcean and AWS.

    A wallet within the application took funds from SMS messages, PayPal payments and mass payouts using Pay360.

    The API handled requests for login, registration, wallet top-ups, wallet extraction, avatars, predictions, real-time scores, historic performance, teams, team join/leave, and recommended bets.

    Sadly, the application did not make it beyond the testing phase due to lack of funding.

  • LinkedIn Scraper

    Named Subtle Scraper, this node-based tool imitated a human user and scraped information from LinkedIn for business development purposes.

    Written using Node.js and headless Chrome in response to the ban of automated tools on LinkedIn, the tool would mis-click, have extended pauses, and vary the order of certain activities to scrape user data from the social network.

  • Marble

    A long-term financial planning web application written in Laravel PHP and React.

    Utilizing Neo4j graph database and PostgreSQL to provide insights into spending using data from Open Banking and Bank/Credit Card excel exports, the app implemented complex actuarial functions to provide financial estimates and plans for long-term saving and investment.

  • Docker To Elasticsearch

    A Node.js application to stream PostgreSQL audit data into an Elasticsearch cluster.

    Created to allow trigger based PostgreSQL audit to be streamed out of the database without losing data in the event of a restart/crash of either Elasticsearch or PostgreSQL, it uses an in-memory cache and asynchronous database triggers.

  • EC2 Scheduler

    A bash-based microservice to allow EC2 instances to be stopped and started using a schedule defined in environment variables, built to save AWS costs for non-essential services that could be turned off during weekends and evenings to save costs.

  • You Only Code Once

    A brochure-ware website written in JavaScript and PHP to promote my own company. I designed it to use service-workers and HTTP 2.0 as a proof of concept allowing offline usage and lightning-fast load times, utilizing preloading and cache-first service workers.


  • Languages

    PHP, PHP 7, PHP 5, HTML, HTML5, CSS2, CSS, JavaScript, Perl, Sass, Bash, Bash Script, XML, XSLT, XSL-FO, ECMAScript (ES6), SCSS, Less
  • Frameworks

    Laravel, Laravel 5, Laravel Mix, Bootstrap, Swagger, Bootstrap 3, PHPUnit, Lumen
  • Libraries/APIs

    Vue 2, Vuex, Slack API, Moment.js, Vue, Node.js, PayPal API, jQuery, JSON API, Stripe API, Google Maps, Google Maps API, Google Maps JavaScript API 3, Cesium.js, Lodash, React
  • Paradigms

    Web Application Architecture, REST, Database Design, Web UX Design, Web App Design, Scrum, Agile, Asynchronous Programming, Test-driven Development (TDD)
  • Other

    Web Applications, Web App Security, Vue-router, Axios, SSL Certificates, HTTP, APIs, Web App UX, Web App UI, Web App Deployment, HTTP REST, Server-side PDF Generation, AWS, Endpoint Security, Scrum Master, SSL Configurations, TCP/IP, FTP, HTTPS, Authentication, API Design, PHPDoc, Service Workers, Cookies, User Permissions, Servers, HTTP Server, Ajax, ES6 Promises, Session Handling
  • Tools

    Apache, Slack, PhpStorm, CVS, Webpack, AWS ELB, Amazon EBS, AWS CLI, Docker Compose, Nessus, cURL Command Line Tool, Kibana, Logstash, Git, GitHub, GitLab, Bitbucket, Google Docs, Google Sheets
  • Platforms

    Rancher, Google Chrome, Docker, Ubuntu, NetBeans, LAMP, Debian, Firefox, Ubuntu Linux, Windows, Apache2, Burp Suite, Linux, Amazon Web Services (AWS)
  • Storage

    Databases, Database Triggers, PostgreSQL, MySQL, Amazon S3 (AWS S3), Elasticsearch, SQLite, Neo4j, JSON, XML Parsing, Linux File Systems, LAMP Server, Google Cloud
  • Industry Expertise

    IT Security, Security


  • Certified Scrum Master
    Scrum Alliance

To view more profiles

Join Toptal
Share it with others