Calvin Li

Lead Software Engineer, Application Security

San Francisco, California, United States
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Calvin Li is a Lead Software Engineer in Application Security with 12 years of experience, based in San Francisco and leading security engineering work at Yelp since 2017. He blends hands-on backend and DevOps skills with pragmatic application security practices—contributing to PaaSTA for secret management and hardening testing pipelines. Calvin is an active open-source contributor, improving widely used projects like Yelp’s detect-secrets to better catch AWS keys and enhancing the Reddit Enhancement Suite for cross-browser compatibility. He focuses on practical, production-ready fixes (timeouts, iptables, CORS/cookie handling) that reduce risk and operational friction. Notably, he explicitly prefers non-fintech/FAANG/crypto/AI roles, signaling a deliberate cultural and domain fit for prospective teams. A UC Berkeley alumnus, he pairs strong engineering fundamentals with a security-first mindset and real-world infrastructure experience.
code12 years of coding experience
bookBachelor's Degree, Bachelor's Degree at University of California, Berkeley
github-logo-circle

Github Skills (28)

compatible10
kubernetes10
javascript10
docker10
python10
firefox-webextension10
browser-extension10
testing10
it-security10
firefox-addon10
chrome-extension10
dockers10
browser-support10
security10
regular-expression10

Programming languages (4)

TypeScriptMakefileJavaScriptPython

Github contributions (5)

github-logo-circle
Yelp/detect-secrets

Dec 2018 - Feb 2022

An enterprise friendly way of detecting and preventing secrets in code.
Role in this project:
userSecurity Engineer
Contributions:55 reviews, 10 commits, 8 PRs in 3 years 2 months
Contributions summary:Calvin contributed to the development of security-related features within the `detect-secrets` repository. Their work included adding a plugin to detect AWS key IDs, enhancing the base plugin class with a whitelist regex check, and removing unnecessary checks from other plugins. Furthermore, the user also made a minor typo fix within a base plugin file. The user's contributions directly improve the tool's ability to identify and prevent secrets in code, specifically targeting AWS keys.
secrets-detectionsecuritysecretsyelpdetecting
Yelp/paasta

Dec 2018 - Jan 2023

An open, distributed platform as a service
Role in this project:
userBackend & DevOps Engineer
Contributions:8 reviews, 7 commits, 18 PRs in 4 years 1 month
Contributions summary:Calvin contributed to the PaaSTA platform by addressing security-related issues, including modifying timeouts for security checks and preventing the emission of Sensu events. They enhanced the secret management functionality by adding a "paasta secret run" subcommand and clarifying instructions for secret input. Furthermore, the user fixed iptables tests to be compatible with the Jammy OS environment, indicating experience with infrastructure and testing within the PaaSTA ecosystem.
mesosdockerplatform-as-a-servicedistributed-systemsmicroservices
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Calvin Li - Lead Software Engineer, Application Security