Chris Coulson

Senior Platform Security Engineer

South Kesteven, England, United Kingdom
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Chris Coulson is a seasoned security-focused software engineer with 17 years of experience, currently shaping Ubuntu platform security at Canonical. He led architecture and implementation of TPM-protected full-disk encryption for Ubuntu Core, drove secure-boot and firmware update strategies, and contributed security fixes to high-profile projects like the UEFI shim loader. Earlier work includes creating Oxide, a Chromium-based QML webview for the Ubuntu Phone, and long-running maintenance of Firefox/Thunderbird integrations for the desktop. His background in aerospace and automotive electronics gives him uncommon system-level insight into hardware, cryptographic modules (TPM), and embedded validation. An active open-source contributor, he blends low-level kernel and firmware work with higher-level service security (snapd, PolicyKit) to deliver auditable, platform-wide protections. Based in South Kesteven, England, he combines rigorous engineering with a pragmatic focus on deployable, maintainable security features.
code17 years of coding experience
job19 years of employment as a software developer
bookBEng (Hons), Electronics and Communications Engineering, 1st, BEng (Hons), Electronics and Communications Engineering, 1st at Nottingham Trent University
github-logo-circle

Github Skills (19)

bootloader10
uefi10
authorizations10
c-language10
authentication10
user-authentication10
c1110
security10
c1710
go10
authorization10
tpm10
cprogramming-language10
debug9
debugging9

Programming languages (9)

TypeScriptShellC++CRustJavaScriptGoAssembly

Github contributions (5)

github-logo-circle
rhboot/shim

Jun 2019 - May 2022

UEFI shim loader
Role in this project:
userSecurity Engineer
Contributions:8 reviews, 23 commits, 15 PRs in 2 years 11 months
Contributions summary:Chris primarily focused on enhancing the security aspects of the UEFI shim loader. Their contributions involved fixing potential vulnerabilities related to the TPM (Trusted Platform Module), addressing buffer overflows, and implementing SBAT (Software Bill of Materials) verification to strengthen the security posture. Furthermore, the user refactored code related to allowlists and denylists, renaming them to improve clarity and maintainability while improving code quality.
uefiloadershimtpm
canonical/snapd

Mar 2018 - Jun 2021

The snapd and snap tools enable systems to work with .snap files.
Role in this project:
userSecurity Engineer
Contributions:38 reviews, 9 commits, 4 PRs in 3 years 2 months
Contributions summary:Chris made multiple commits focused on securing the `snapd` and related components, particularly around authentication and authorization using PolicyKit (polkit). Their work includes passing caller User ID (UID) to PolicyKit, adding comments for clarity, and hardening access control within the system. Several commits address issues related to the interaction between `snapd` and the underlying security infrastructure, ensuring proper handling of user permissions and access rights. Additionally, the user made commits related to the boot process and secure boot configuration.
snapdsnap
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Chris Coulson - Senior Platform Security Engineer