cv.tex

\documentclass[a4paper,10pt]{article}

%A Few Useful Packages
\usepackage{marvosym}
\usepackage{fontspec} 					%for loading fonts
\usepackage{xunicode,xltxtra,url,parskip} 	%other packages for formatting
\RequirePackage{color,graphicx}
\usepackage[usenames,dvipsnames]{xcolor}
\usepackage[big]{layaureo} 				%better formatting of the A4 page
% an alternative to Layaureo can be ** \usepackage{fullpage} **
\usepackage{supertabular} 				%for Grades
\usepackage{titlesec}					%custom \section
\usepackage{xelatexemoji}
\usepackage{tabulary}

\usepackage{subfiles}
\graphicspath{{images/}{../images/}}

%Setup hyperref package, and colours for links
\usepackage{hyperref}
\definecolor{linkcolour}{rgb}{0,0.2,0.6}
\hypersetup{colorlinks,breaklinks,urlcolor=linkcolour, linkcolor=linkcolour}

%FONTS
\defaultfontfeatures{Mapping=tex-text}
%\setmainfont[SmallCapsFont = Fontin SmallCaps]{Fontin}
%%% modified for Karol Kozioł for ShareLaTeX use
\setmainfont[
SmallCapsFont = Fontin-SmallCaps.otf,
BoldFont = Fontin-Bold.otf,
ItalicFont = Fontin-Italic.otf
]
{Fontin.otf}
%%%

\renewcommand\thesection{}
\renewcommand\thesubsection{}

%CV Sections inspired by: 
%http://stefano.italians.nl/archives/26
\titleformat{\section}{\Large\scshape\raggedright}{}{0em}{}[\titlerule]
\titlespacing{\section}{0pt}{3pt}{3pt}
%Tweak a bit the top margin
%\addtolength{\voffset}{-1.3cm}

%Italian hyphenation for the word: ''corporations''
\hyphenation{im-pre-se}

%-------------WATERMARK TEST [**not part of a CV**]---------------
\usepackage[absolute]{textpos}

\setlength{\TPHorizModule}{30mm}
\setlength{\TPVertModule}{\TPHorizModule}
\textblockorigin{2mm}{0.65\paperheight}
\setlength{\parindent}{0pt}

%--------------------BEGIN DOCUMENT----------------------
\begin{document}

\pagestyle{empty} % non-numbered pages

\font\fb=''[cmr10]'' %for use with \LaTeX command

%--------------------TITLE-------------
\par{\centering
		{\Huge Joakim \textsc{Uddholm}
	}\par}

%--------------------SECTIONS-----------------------------------
\section{Personal Data}

\begin{tabular}{rl}    
    \textsc{website:}   & \href{https://joakim.uddholm.com}{https://joakim.uddholm.com}\\    
    \textsc{linkedin:}   & \href{https://www.linkedin.com/in/joakim-hjalmarsson-uddholm-52718b60/}{https://www.linkedin.com/in/joakim-hjalmarsson-uddholm-52718b60/}\\
    \textsc{github:}   & \href{https://github.com/Tethik}{https://github.com/Tethik}\\        
\end{tabular}

% \section{Summary} % Old summary
% I am a not-so-recently graduated Master in Computer Science who studied at the Royal Institute of Technology in Stockholm, Sweden. 
% My focus was on computer security. Since the age of 17, I've also worked part time as a professional 
% programmer. Mostly I've worked a lot with web development, but I've also dabbled with scraping and some mobile app development. 
% The past few years I've also focused on security. I've performed some minor penetration tests, as well as 
% contributed by finding and disclosing security vulnerabilities to different companies.

% I am confident in my ability as a software engineer, backed by a combination of theoretical and practical experience 
% from having studied and worked at the same time. My keen interest in the subject will ensure that I always keep learning.


\section{Work Experience}
\begin{tabular}{r|p{11cm}}

 \emph{Current} & Senior Security Engineer - Secure Development at \textsc{Klarna Bank AB}\\
 \textsc{August 2020} & \emph{Fintech Unicorn}\\
 &\footnotesize{
    Competence Lead for Secure Development Team. 
    Lead engineer for Klarna's in-house, \href{https://github.com/klarna-incubator/gram}{open source Threat Modeling tool}, process and trainings.  
    Developed custom service and process for monitoring security critical LDAP groups on behalf of SOC.
    Performed security assessments adhoc and as part of due diligence for acquisitions. 
    Proactively looked for and reported vulnerabilities. Helped out with Red Team activities and Security Incidents.
    Captained a CTF team. Go community lead. 



    Technology bingo: Threat Modeling, semgrep (SAST), snyk (SCA), NodeJS, Go, React, Terraform, AWS, Docker
 }\\ \multicolumn{2}{c}{} \\
    
  \textsc{May 2019 - May 2020} & Security Engineer - Infrastructure at \textsc{N26 GmbH}\\
 &\emph{Bank startup}\\
 &\footnotesize{     
 As part of the infrastructure security team my task was to build security tooling to help defend the organization. 
 
 Implemented a Cloud Auditing tool.
 Worked on implementing a Vulnerability Management Process and implemented different automated scanners.
 Audited existing infrastructure and code for vulnerabilities. Wrote remediation plans to help developers fix found vulnerabilities.
 Worked with and helped build parts of the SIEM system.
 Improved the existing processes and documentation around PKI. Helped teams securely generate and store new TLS/SSL keypairs.
 }\\ \multicolumn{2}{c}{} \\

 \textsc{July 2017 - May 2019} & Software Engineer at \textsc{Wellnow GmbH}\\ 
 &\emph{Berlin based startup}\\
 &\footnotesize{
 Tasked with maintaining and developing new features for the Wellnow platform as the company rapidly grows. 
 Polyglot development in a modern microservice infrastructure. 

 As a full stack developer in a small team I got to interact with most parts of the system and infrastructure. I handled most of the backend APIs
 and server infrastructure of the company.
 
 Specific projects: geospatial querying using postgis, Microservice Orchestration and CI/CD rewrite using Hashicorp products, 
 cache for fast availability querying, deployment service, application and infrastructure logging via ELK stack, complete onboarding and offboarding
 from a legacy system to a new.
 
 Technology bingo: Docker, Consul, Nomad, Terraform, Packer, Vault, AWS, Serverless, Typescript, Expo, GraphQL, MySQL, 
 Redis, React, NodeJS, Python, Golang, Scala, Rust, Elasticsearch.}\\ \multicolumn{2}{c}{} \\



 \textsc{Jan 2015 - July 2017} & Self-Employed at \textsc{Blacknode} \\
 &\emph{Programming and Penetration Testing}\\
 &\footnotesize{I performed penetration testing focused on Network-, Application-, and Web Security, as well as took
 on more specialized programming projects. I reverse engineered an Android application and assessed store-networks
 for vulnerabilities for a major retail company (100+ stores). I built and ran multiple web-scrapers with infrastructure 
 for a major Scandinavian retail chain to gather information about competitors' products and prices.}\\\multicolumn{2}{c}{} \\
 
\end{tabular}
\begin{tabular}{r|p{11cm}}

 \textsc{May-Oct 2015} & Part-time Security Consultant and Programmer at \textsc{Bambora}\\
 &\emph{Mobile Payment Company}\\&\footnotesize{Short term hire after finding vulnerabilities in the 
 mobile payment platform delivered by Bambora. Performed penetration tests and prototyped new 
 features to improve security at the mobile division of Bambora. Added encryption for locally stored 
 user credentials to better secure the user data stored on a phone against e.g. theft. Prototyped 
 platform-authentication for clients using BankID. Focused on web and mobile security. 
 Android and Python development.}\\\multicolumn{2}{c}{} \\
 
\textsc{Aug 2013 - May 2015} & Part-time Security Consultant and Programmer at \textsc{Payson AB}\\
&\emph{Online Payment Platform}
\\&\footnotesize{Tasked with finding vulnerabilities in Payson's systems. 
Programming frontend and backend in C\# .NET. In addition to helping out with new 
functionality on the website, I had my own project involving web scraping and 
regularily data mining thousands of sites.}\\\multicolumn{2}{c}{} \\

\textsc{Dec 2007 - Dec 2013} & Part-time Programmer at \textsc{Awave AB}\\
&\emph{Web Development and Programming Consultancy Shop}
\\&\footnotesize{
Programming websites in PHP and .NET. Mostly "backoffice" adminstrative applications, 
with lots of obtuse SQL queries. Created three iPhone apps in Mono Xamarin. 
Desktop applications for invoicing and accounting on Windows. Server administration 
and setup in Linux and Windows. Security auditing/pentesting of websites. }


\end{tabular}

%Section: Education
\section{Education}
\begin{tabular}{rl}	
 \textsc{January} 2017 & Master of Computer Science, \textbf{KTH Royal Institute of Technology}, Stockholm\\
&Major: Computer Security\\
& Thesis: ``Anonymous Javascript Cryptography and Cover Traffic in Whistleblowing\\& Applications'' | \small Supervisor: Prof. Sonja \textsc{Buchegger}\\ \\
%&\normalsize \textsc{Gpa}: 28.61/30\hyperlink{grds}{\hfill | \footnotesize Detailed List of Exams}\\&\\

\textsc{July} 2013 & Bachelor of Computer Science, \textbf{KTH Royal Institute of Technology}, Stockholm\\
& Thesis: ``Voting Mix-Net'' | \small Supervisor: Douglas \textsc{Wikström}\\ \\
\end{tabular}

%Section: Work Experience at the top
\section{Volunteering Work}
\begin{tabular}{r|p{11cm}}
 \emph{Dec 2016 - Feb 2018} & \textsc{Security Without Borders} \\
 \textsc{}&\emph{Volunteering Organisation}\\
 &\footnotesize{At SWB I helped with maintaining and coding new features for the main www.securitywithoutborders.org website.} \\ \multicolumn{2}{c}{} \\
 
\end{tabular}

%Section: Scholarships and additional info
\section{Scholarships and Certificates}
\begin{tabular}{rl}
 \textsc{2010} & Cambridge Certificate of Proficiency in English (CPE): Grade A \\
\textsc{2009} & Cambridge English: Advanced (CAE): Grade A
\end{tabular}

%Section: Languages
\section{Languages}
\begin{tabular}{rl}
\textsc{Swedish:}& Modersmål (Mothertongue)\\
\textsc{English:}& Fluent\\
\textsc{German:}& Basic\\
\end{tabular}

% \section{Computer Skills}
% \begin{tabular}{rl}
%  Advanced Knowledge:& \textsc{Python}, Java, .NET (C\#), PHP, JavaScript, Linux, SQL, Webapp security,\\& Webscraping, HTML/CSS\\
%  Basic Knowledge:&  \textsc{Android}, C/C++, Rust, Ruby, Prolog, Haskell  \\
% \end{tabular}

% \section{Interests and Activities}
% Technology, Open-Source, Programming, Cryptography, Computer Security\\
% Video-games, Philosophy, Baking

\newpage

\section{Project Showcase}
These are some open source projects I've worked on. A more complete project list can be supplied upon request. I also have more projects on my github account, which you can find here: \href{https://github.com/Tethik}{https://github.com/Tethik}\\

\subsection{Burn After Reading}
A simple to use webservice for securely sending secrets. It works by encrypting texts in javascript, sending the key in such a way that the server should not see it. The server then stores the text in memory until either the recipient decides to "burn" the text or the time expires. I use it to send passwords and other secrets that I don't want to be kept saved in e.g. an email inbox or chat thread. Coded in javascript and python.

Demo: \href{https://burn.blacknode.se}{https://burn.blacknode.se}\\
Src: \href{https://github.com/Tethik/burn-after-reading}{https://github.com/Tethik/burn-after-reading}\\

\subsection{Tamperfree}
A tool to verify static content on tor hidden service websites. It uses selenium to emulate the tor browser bundle in order to make a verifier that looks and acts just like a normal tor user would. By doing this I hope to achieve indistinguishability from a real user, so that the server can not differentiate between the verifier and real user. Mostly a proof of concept. Coded in python.

Src: \href{https://github.com/Tethik/tamperfree}{https://github.com/Tethik/tamperfree}


\subsection{PYPI Python Packages}
Throughout 2016-2017 I published some smaller python packages in the official python package index.

\begin{itemize}
\item Badger. A simple commandline program to generate SVG badges offline.\\ \href{https://pypi.python.org/pypi/badger}{https://pypi.python.org/pypi/badger}
\item Flask-Session-Captcha. A captcha generator for the Flask framework.\\ \href{https://pypi.python.org/pypi/flask-session-captcha}{https://pypi.python.org/pypi/flask-session-captcha}
\item simplegeoip. A simple wrapper library for getting geolocation from an ip.\\ \href{https://pypi.python.org/pypi/simplegeoip}{https://pypi.python.org/pypi/simplegeoip}
\end{itemize}

\newpage
\subsection{Github Open Source Contributions}
\subfile{partials/pull_requests}

\end{document}