Cedric Staub is a seasoned engineering leader with 13 years of experience, currently directing engineering at Pinterest after a formative tenure at Square. He specializes in backend systems, security, and secrets management, having contributed substantial code and features to high-profile open-source projects like gosec, certstrap, certigo, go-jose, and Keywhiz. Cedric’s work shows a consistent focus on hardening cryptographic tooling and certificate handling—adding intermediate CA support, keystore parsing, OCSP/status features, and checks for weak randomness. He combines hands-on coding with product-minded leadership, improving observability, error handling, and maintainability across distributed services. Based in the San Francisco Bay Area and educated at ETH Zurich, he blends rigorous academic roots with practical, production-grade security engineering. A detail-minded contributor, he often tackles less-visible but critical plumbing—dependency management, output formats, and protocol edge cases—that materially raises system reliability.
A utility to examine and validate certificates in a variety of formats
Role in this project:
Back-end Developer & Security Engineer
Contributions:19 releases, 248 commits, 159 PRs in 6 years 4 months
Contributions summary:Cedric primarily focused on enhancing the security and functionality of the `square/certigo` repository. Their contributions include implementing features related to JCEKS keystore parsing, which included adding a sub-package and supporting the Java Cryptography Extension Key Store format. Further contributions involve improving the reliability of the certificate utility, including adding support for printing OCSP status and implementing HTTP(S) CONNECT proxy support, and fixing several bugs that increased the stability of the overall system.
An implementation of JOSE standards (JWE, JWS, JWT) in Go
Role in this project:
Back-end Developer
Contributions:28 releases, 10 reviews, 382 commits in 8 years
Contributions summary:Cedric's commits focused on enhancing the functionality and maintainability of the `go-jose` library, specifically related to JSON Web Signature (JWS) and JSON Web Encryption (JWE) standards. They addressed code coverage gaps, refactored to remove external dependencies, improved padding handling in the cipher package, and standardized header parsing. The user also refactored internal API to improve error handling and streamline various serialization and de-serialization code paths.
golangsigningjosejson-web-tokenjwe
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.