Multi-Cloud IAM Security Engineer | Non-Human Identity Specialist | Core OSS Contributor
I design and secure IAM architectures across distributed environments, enforcing strict least privilege for both human and machine identities.
Proud member of the AWS Community Builders and The Identity Underground.
I contribute security fixes to enterprise identity infrastructure and cloud governance frameworks.
- Keycloak (33k+ ★): Hardened OIDC compliance to guarantee stable federation with upstream IdPs, and enhanced OID4VCI flows for secure, decentralized enterprise architectures.
- Authentik (24k+ ★): Patched a critical OAuth2 decoding flaw to eliminate false-positive application lockouts, delivering a fix critical enough for an immediate backport to the stable enterprise release.
- Better Auth (27k+ ★): Delivered core security patches that eliminated severe OTP bypass vulnerabilities and enforced strict cryptographic validations to prevent active session hijacking.
- Cloud Custodian (5.9k+ ★): Fixed a critical AWS IAM monitoring blind spot, restoring accurate AccessDenied telemetry required for multi-account enterprise compliance audits.

- Boundary – AWS JIT Access Broker: Building a Just-in-Time access vending engine that reduces provisioning time from days to seconds while automatically generating artifacts required for SOC2 audits.
- IAM Logic Fuzzer: Security testing tool designed to surface hidden privilege escalation paths in IAM policies while helping validate compliance with CIS AWS benchmarks.

- Identity: OIDC, SAML, SCIM
- Policy & IaC: Policy-as-Code, Drift Detection
- Kubernetes: RBAC, workload identity (mTLS)
- Secrets: Vault-based lifecycle rotation

📧 Contact: oluwatobimustapha539@gmail.com



