Omar Darwish is a Staff Platform Security Engineer in San Francisco with 12 years of experience specializing in low-level systems, platform security, and infrastructure-as-code. He combines vulnerability research on console OS/firmware at PlayStation with hands-on adversary emulation and tooling experience from Okta and Spotify, bringing practical offensive and defensive perspectives. A polyglot contributor (Go, JavaScript, Java, Ruby), he has improved widely used open-source tooling—adding security-focused checks to tflint and strengthening server testing in goss—illustrating attention to IaC hygiene and test reliability. Omar’s background spans cloud automation, Terraform/Ansible-driven provisioning, and production forensic tooling, and he holds an MS in Cybersecurity from Georgia Tech. Colleagues describe him as a systems-level thinker who refactors messy infrastructure into auditable, secure automation while still shipping pragmatic developer tools.
12 years of coding experience
7 years of employment as a software developer
Bachelor of Science - BS Computer Science, Bachelor of Science - BS Computer Science at The University of Texas at Dallas
Master of Science - MS Cybersecurity, Master of Science - MS Cybersecurity at Georgia Institute of Technology
Contributions:9 commits, 9 PRs, 15 comments in 5 months
Contributions summary:Omar primarily contributed to the testing infrastructure and backend logic of the `goss` project, a server testing/validation tool. Their contributions included adding features to the Gomega matcher, addressing connection leaks, and refactoring resource configuration validation. The user also implemented new resources like "matching" and improved integration tests to enhance the project's functionality and reliability. Additionally, the user focused on code formatting and cleanup to improve the code's readability.
Contributions:9 commits, 1 PR, 5 comments in 8 days
Contributions summary:Omar's commits primarily focused on enhancing the `terraform-linters/tflint` project by implementing a module source pin check, indicating a focus on infrastructure-as-code (IaC) best practices. They added a new linter to detect modules using unpinned source references, which would improve the security and maintainability of Terraform configurations. The changes also involved refactoring and renaming of components, highlighting an understanding of code organization and the project's architecture. Additionally, they integrated the AWS security group duplicate name checker, further demonstrating an understanding of cloud security.
lintertflintpluggableterraform
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.