Stephen Touset

Security Engineer at Square

San Francisco, California, United States
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Stephen Touset is a Security Engineer in San Francisco with 18 years of hands-on experience spanning systems administration, secure software development, and infrastructure engineering. He combines deep Unix/Linux expertise (Debian, iptables, Apache, PostgreSQL, OpenLDAP, Samba) with broad programming fluency in C/C++, C#, Java, Perl, Ruby, Ada and modern security-focused engineering. At Square and OneLogin he has focused on hardening privileged workflows and SSO, including notable open-source contributions such as enhancing ruby-saml for canonicalization compliance and building sudo_pair integrations that require human approval of privileged sessions. Comfortable moving between low-level systems work and application-layer security, he brings a pragmatic, build-it-yourself mentality rooted in decades of production operations and release engineering. An understated strength is his history of improving legacy systems and test suites to meet modern security and interoperability standards.
code18 years of coding experience
job16 years of employment as a software developer
bookB.S., Math, Computer Science, B.S., Math, Computer Science at Kennesaw State University
stackoverflow-logo

Stackoverflow

Stats
2,572reputation
321kreached
10answers
11questions
Badges
instance-variables
top-5%
encryption
top-5%
hash
top-5%
github-logo-circle

Github Skills (27)

saml10
user-authentication10
authentication10
ruby10
security10
sudo10
xml10
nokogiri10
rust10
testing9
system-programming9
instance-variables9
encryption9
hash9
pam8

Programming languages (13)

C#C++RustCScalaGoHTMLTypeScript

Github contributions (5)

github-logo-circle
square/sudo_pair

Nov 2016 - Nov 2022

Plugin for sudo that requires another human to approve and monitor privileged sudo sessions
Role in this project:
userBack-end Developer & Security Engineer
Contributions:3 reviews, 352 commits, 129 PRs in 6 years 1 month
Contributions summary:Stephen's initial contributions focused on integrating the `sudo_pair` plugin with the `sudo` system, implementing core functionality to require approval for privileged sessions. Their work involved defining the plugin's API interface and creating the core components for the plugin. Subsequent commits added security features by adding new methods to deny and approve sessions as well as the addition of several security-focused checks.
pammonitoryubikeypairingapprove
SAML-Toolkits/ruby-saml

Oct 2012 - Aug 2013

SAML SSO for Ruby
Role in this project:
userBack-end Developer
Contributions:30 commits in 9 months
Contributions summary:Stephen primarily focused on enhancing the `ruby-saml` library by adding support for different canonicalization algorithms and refactoring the code to use the Nokogiri XML parser. The contributions also involved addressing SAML specification compliance, specifically removing timezone information from the xs:dateTime format. Furthermore, the user implemented version bumps and minor adjustments to the test suite.
railssaml-ssorubysamlsso
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Stephen Touset - Security Engineer at Square