Ian Gallagher

Senior Application Security Engineer

New Zealand
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

👤
Senior
🎓
Top School
Ian Gallagher is a Senior Application Security Engineer with 16+ years of hands-on experience in offensive security, large-scale infrastructure hardening, and enterprise security engineering. He founded the long-running hacker community Neg9, where he’s organized CTFs and DEF CON competition infrastructure, demonstrating a deep commitment to community mentorship and practical skill-building. Ian has led red team operations and technical strategy at Dropbox and now leads offensive work for Arc XP at The Washington Post, blending penetration testing, vulnerability research, and production systems security for cloud platforms. He’s comfortable across Linux/BSD stacks and has improved real-world open-source security tooling—e.g., hardening the popular EyeWitness project to prevent XSS and malicious signature injection. Known for quickly learning complex systems, he pairs technical findings with clear mitigation guidance and process improvements to reduce organizational risk. Outside work he volunteers technical support for first responders and emergency communications, applying his security and systems expertise to community resilience.
code16 years of coding experience
job19 years of employment as a software developer
bookAS, Computer Science, Psychology, AS, Computer Science, Psychology at North Seattle College
stackoverflow-logo

Stackoverflow

Stats
815reputation
460kreached
3answers
0questions
Badges
security
top-5%
certificate
top-5%
github-logo-circle

Github Skills (24)

javascript10
integrate10
python10
firefox-webextension10
browser-extension10
firefox-addon10
webscraping10
integrations10
security10
system-integration10
xss10
encoding10
webextension10
vulnerability9
web-application-security9

Programming languages (16)

C#C++CSSRustTeXGoHTMLTypeScript

Github contributions (5)

github-logo-circle
codebutler/firesheep

Oct 2010 - Mar 2011

A Firefox extension that demonstrates HTTP session hijacking attacks.
Role in this project:
userFull-stack Developer
Contributions:16 commits in 5 months
Contributions summary:Ian primarily contributed to the development of handlers for various websites, including Amazon, Google, and Yelp, within the context of a Firefox extension for HTTP session hijacking. They implemented code to identify and extract user information (e.g., usernames and avatars) from the target websites. The user also added support for new sites, such as Flickr and CNET, expanding the extension's capabilities.
firefoxhttp-sessionfirefox-extensionhijackingfirefox-addon
RedSiege/EyeWitness

Feb 2014 - Mar 2014

Role in this project:
userSecurity Engineer
Contributions:5 commits in 9 days
Contributions summary:Ian focused on improving the security of the EyeWitness tool. Their contributions included adding HTML entity encoding to prevent XSS vulnerabilities in the web request information and default credentials displayed in the report. They also addressed the potential for malicious code injection from the signatures file by encoding credentials. Furthermore, the user improved the handling of HTTPS hosts discovered through Nmap scans.
headersecurityscreenshotscredentialsdefault-credentials
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Ian Gallagher - Senior Application Security Engineer