Raphaël Jamet is a staff security engineer with a decade of experience building preventive application security at scale, currently driving security at igonogo after senior roles at PayFit and Aircall. He spent five years at Google hardening client-side defenses—particularly DOM-based XSS—by blending static analysis, secure libraries, and developer-facing tooling, and has deep experience influencing product lifecycle and developer experience. His open-source contributions include security-focused changes to AngularJS and improvements to Google’s Tink crypto library, demonstrating hands-on expertise across front-end, cryptography, and build tooling. With a PhD on secure protocols for constrained wireless networks and an M2R in security and cryptography, he combines formal research rigor with practical engineering. Colleagues know him for reducing whole classes of bugs through process and libraries rather than fire-fighting individual incidents. He is based in Grenoble and brings a rare mix of applied crypto, front-end XSS mitigation, and developer-centric security engineering.
10 years of coding experience
7 years of employment as a software developer
M2R Info, Sécurité et Cryptographie, M2R Info, Sécurité et Cryptographie at Université Grenoble Alpes
Contributions:17 commits, 10 PRs, 98 comments in 1 year 8 months
Contributions summary:Raphaël primarily contributed to security enhancements within the AngularJS framework, specifically concerning template requests and the Secure Contextual Escaping (SCE) service. Their work included modifying the `$templateRequest` service to improve caching and trust mechanisms, alongside fixing a bug related to empty templates. Furthermore, they implemented critical changes to protect against potential cross-site scripting (XSS) vulnerabilities, focusing on securing `link[href]` and `base[href]` attributes and refining SCE context requirements for various HTML elements. They also updated documentation to reflect the changes in the `$templateRequest` service.
Contributions summary:Raphaël primarily contributed to the development of rules for a NodeJS toolchain within the Bazel build system. Their work focused on creating utilities and engines to match code patterns for linting and preventing certain code constructs. These contributions include the addition of a `ConformancePatternRule` to Tsetse, including the engine for finding banned property writes, and the introduction of an engine to identify non-constant property writes. Furthermore, the user worked on improving existing test infrastructure, suggesting testing their suggested fixes.
bazeljavascriptstarlarknodejsrules-nodejs
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Raphaël Jamet - Staff Security Engineer at igonogo