John Gross

Tucson, Arizona, United States
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
John Gross is a seasoned security-focused back-end engineer and former university systems administrator with 17 years of hands-on experience building and hardening TLS/cryptography integrations across major open-source projects. Based in Tucson, he has contributed security and correctness fixes to cornerstone projects such as CPython, Go, OpenSSL, BoringSSL, Node.js, curl, and Envoy, demonstrating deep expertise in SSL/TLS, certificate handling, and crypto bindings. His work ranges from low-level ASN.1 and OpenSSL plumbing to protocol-level fixes that close real vulnerabilities and improve interoperability with BoringSSL/OpenSSL variants. A pragmatic operator by training—having run university infrastructure for nearly two decades—he pairs operational insight with rigorous code hygiene and test improvements. He also quietly improves developer tooling and diagnostics (Chrome DevTools Security Panel, test infra) to make security-visible to engineers. Colleagues rely on him for subtle cryptographic correctness fixes that are easy to miss but critical in production.
code17 years of coding experience
job17 years of employment as a software developer
bookU of A
github-logo-circle

Github Skills (85)

python10
testing10
ws-security10
c1110
security10
c1710
javas10
mtls10
encoding10
x509certificate210
clang10
wpa-supplicant10
javascript10
compiler-errors10
validation10

Programming languages (25)

C#CCMakeMakefileGoHTMLTypeScriptShell

Github contributions (5)

github-logo-circle
google/boringssl

Nov 2014 - Jan 2023

Mirror of BoringSSL
Role in this project:
userBack-end Developer
Contributions:7 releases, 127 commits, 7 PRs in 8 years 4 months
Contributions summary:John primarily contributed to the BoringSSL repository by addressing issues related to the handling and processing of SSL/TLS certificates and related functionalities. Their contributions involved code modifications to ensure correct handling of various cases, especially in the context of DTLS and TLS 1.3 protocol versions. They also implemented key management and signing algorithms, and fixed a few subtle parsing issues.
boringssl
aws/aws-lc

May 2021 - Jan 2023

AWS-LC is a general-purpose cryptographic library maintained by the AWS Cryptography team for AWS and their customers. It іs based on code from the Google BoringSSL project and the OpenSSL project.
Role in this project:
userBack-end Developer & Security Engineer
Contributions:202 commits in 1 year 8 months
Contributions summary:John's contributions primarily focused on implementing and testing cryptographic functionalities within the AWS-LC library. They modified existing test cases to ensure code correctness and the use of approved ciphers, including the inclusion of testing for edge cases. Additionally, the user enhanced the functionality of the cryptographic library by adding functions and API calls related to areas like HMAC, and X.509 certificate management. These changes reflect an effort to enhance the robustness and functional breadth of the library.
cryptographycryptographiccustomerspurposeaws
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
John Gross