Joss Sparkes is a security-focused software engineer with 8 years' experience specializing in application security and software testing, based in the Greater Leeds Area. He blends hands-on DevOps and security engineering, contributing to open-source projects like OWASP's wrongsecrets to demonstrate secure secret handling and improve CI/CD and container tooling. Joss has a practical knack for hardening test suites and infrastructure—recent work includes refining tests, adapting code for style compliance, and adding realistic challenges like bash history exercises. Colleagues know him for spotting subtle attack surfaces and turning security lessons into reproducible developer tooling. He combines a tester’s attention to detail with an engineer’s drive to automate repeatable, auditable security practices.
Vulnerable app with examples showing how to not use secrets
Role in this project:
Security Engineer & DevOps Engineer
Contributions:39 reviews, 68 commits, 9 PRs in 2 months
Contributions summary:Joss's primary focus was on enhancing the security of the `wrongsecrets` application and improving the related infrastructure. They made several code changes to adapt the application to allow answers with or without single quotes, to conform to Maven checkstyle, and to refine tests. The user added a bash history challenge, along with its initial code, to the repository and included related tests. They also worked on docker-related scripts and made modifications to the CI/CD process.
The repo that powers my personal blog http://jsparkes.com
Contributions:16 PRs, 86 pushes, 25 branches in 4 years 5 months
powersmy-personal-blog
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.