Grant Murphy is a principal-level application security engineer from Queensland with 15+ years securing enterprise and cloud platforms across AWS, Azure, GCP and Kubernetes. He specialises in secure software development, threat modelling, and security automation, with hands-on coding in Go, Python and Rust and a track record of embedding “security by design” into SDLCs. Grant has built and scaled AppSec programs at companies including Elastic, IBM and HPE, and ran vulnerability management and security review processes for complex cloud products. An active open-source contributor, he authored and continues to improve gosec, a widely adopted static analysis tool for Go, and has participated in high-impact initiatives like OpenStack and the OpenSSF. Known for combining pragmatic engineering with program-level strategy, he often surfaces subtle implementation risks through tooling and automation that materially reduce organizational risk.
14 years of coding experience
18 years of employment as a software developer
Engineering, Software Engineering, Engineering, Software Engineering at Griffith University
Contributions:8 reviews, 189 commits, 203 PRs in 3 years 10 months
Contributions summary:Grant focused on enhancing the security of the `gosec` project, a Go security checker. Their contributions primarily involved fixing code-related issues like typos and refactoring existing functionality to improve security. They also introduced new features such as a quiet mode and improved the existing helper functions. Furthermore, the user addressed and fixed go vet failures in SQL rules and added a new rule to check file permissions.
Contributions:5 commits, 1 push in 9 years 7 months
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.