Feb 2025 – May 2025 · 3 mos

Sep 2023 – Present · 2 yrs 8 mos · Remote

• Working accross Digital NSW I liaised with Directors across Service NSW, Mobile App, and Digital Identity - delivering DevSecOps, NSW Artificial Intelligence Assessment Framework, ISMS, Risk Management, Vulnerability Remediation, Threat Modelling, and Secure-by-design Architecture.

Mar 2023 – Jun 2023 · 3 mos · Australian Capital Territory, Australia · Hybrid

• They are now known as Terria, go check them out! https://terria.io

Jan 2022 – Sep 2022 · 8 mos · Moruya, New South Wales, Australia · Hybrid

Oct 2021 – Dec 2021 · 2 mos · Remote

Mar 2021 – Jul 2021 · 4 mos · Remote

Oct 2020 – Mar 2021 · 5 mos · Remote

Aug 2020 – Sep 2020 · 1 mo · Sydney, New South Wales, Australia · Remote

• Consultant Engagement via Mantel Group brand CMD

Jul 2020 – Aug 2020 · 1 mo · Sydney, New South Wales, Australia · Remote

• Consultant Engagement via Mantel Group brand CMD

Oct 2019 – Jul 2020 · 9 mos · Melbourne, Victoria, Australia · On-site

• Consultant Engagement via Mantel Group brand Kasna
• As a security partner to SRE and Developer Experience delivery squads;
• Developed, evaluated, and critiqued design and integration models which facilitate scalability, extensibility and reusable solutions.
• Developed and applied patterns for elegant solutions to meet to customer, regulatory and shareholder expectations
• Design and articulate security controls to protect against identified attack vectors
• Directly worked on;
• Kubernetes (GCP)
• Gatekeeper Admission Controller (OPA/Rego)
• Binary Authorisation
• Anthos
• Google Cloud Build
• Splunk
• Github for Business
• Dynatrace
• Terraform
• Conftest
• Golang
• Twistlock / Prisma
• Checkmarx

Sep 2019 – Sep 2019 · 0 mo · Sydney, New South Wales, Australia · On-site

• Consultant Engagement via Mantel Group brand CMD
• Prior to Fox Sports launch of Kayo Sports and Binge, the streaming service (Streamotion) was in development - It was my task to perform Kubernetes and AWS vulnerability assessment, application penetration testing and fuzzing, threat modelling workshops, and assist in hiring AppSec talent.

Aug 2019 – Sep 2019 · 1 mo · Melbourne, Victoria, Australia · On-site

• Team lead for Infrastructure, Design, and Implementation of a new PCI DSS compliant AWS environment.
• Worked with internal SecurePay stakeholders, parent company AustPost stakeholder, and sibling subsidiary Digital iD requirements
• Leveraging a validated solution accelerator for PCI DSS account and network design
• Establishing security principles for future work
• Prioritise for self-service catalogue of approved solutions with governance baked-in
• Segregation of data access, processing, and persistence
• Provisions for parent company access of governance tasks while keeping full sovereignty over all data by the owner organisation
• Sharing with parent organisation of governance related metrics, logs, and events for monitoring, incident response, audit, and non-repudiation controls
• Supporting all existing services, capabilities, and technologies where appropriate and feasible

May 2019 – Aug 2019 · 3 mos · Melbourne, Victoria, Australia · On-site

• Worked directly with 18 delivery teams to educate, develop, and implement;
• Snyk; Source Composition Analysis
• Checkmarx; Static Application Security Testing
• Nucleus Security; Enterprise Vulnerability Management
• This involved integration into the SDLC at various stages with workshops and pair programming with developers using Ruby, Python, .NET, Java, Kotlin, Node.js, and various Javascript frameworks.
• Developed AWS serverless solutions for Application Security utilisation and reporting;
• Lambda
• CodeBuild
• CodeDeploy
• Service Catalog
• CloudWatch Events (real-time monitoring, alerting, remediation)
• BitBucket
• Gitlab
• Integration of various third parties to Nucleus, including;
• Snyk
• Checkmarx
• Rapid7
• Tenable
• Palo Alto
• AWS GuardDuty
• AWS SecurityHub
• AWS Config

Jul 2019 – Jun 2024 · 4 yrs 11 mos · Australia

• Trivial Security and "Early Warning Service" Cyber Threat Intelligence (CTI) alerting platform which correlates penetration testing or attack surface scanner discovered assets with thousands of intelligence sources, both paid integrations and monitored by the TrivialSec team.
• Our AI/ML was trained on public domain registration information and metadata which spanned every registered domain for the entire internet within minutes of being registered (before owners would have any website content being served), Our data collection was authorised by the domain registrars via CZDS an ICANN program.
• The accuracy and timeliness of our source data allowed an unprecedented prediction of future bad actor malicious activity online - giving our first believers intelligence they could not find anywhere else in the market.

May 2019 – Oct 2020 · 1 yr 5 mos · Greater Melbourne Area · Remote

• AWS Premier Partner - 2019/20 winner APN #1 Consulting Partner - AWS Security Competency
• People Guide (mentoring program).
• As the Practice Lead at Mantel Group, I spearheaded the development and execution of a comprehensive security strategy across multiple brands. In this role, I led the Community of Practice (CoP) for security, facilitating DevSecOps, cyber, and data talks. I was responsible for incident response, addressing security advisories, and managing privacy and data breach incidents. My work included conducting risk assessments and threat modeling for cloud service providers and SaaS vendors, along with vulnerability assessments using SAST, DAST, and SCA techniques.
• For several clients with AI/ML needs, I was resourced to deliver Apache Airflow, Hadoop, Spark, Keras, Tensorflow, and various other skills I developed in past roles - to assist the Data Science team whenever the need arose.
• Our team defined new architectures in line with regulatory compliance standards, gaining endorsement from multiple stakeholders. My efforts extended to implementing security controls through policy-as-code, operational security monitoring, and threat hunting practices. I also ensured that IAM, Federation, and SSO/SAML were properly integrated and managed, and I drove the adoption of developer-friendly security tooling in CI/CD pipelines.
• Throughout my tenure, I applied both qualitative and quantitative analysis to software selection, leading implementations, audits, and reporting for various compliance standards, including HIPAA, NIST, APRA, ASIC, PCI, ISO, OAIC, ACSC, and IRAP. My work spanned across numerous technologies such as Kubernetes, Docker, gVisor, and a wide array of programming languages and databases. I successfully collaborated with organizations like nib group, Data Action, Australia Post, Tyro, and ANZ Bank, among others, ensuring robust security practices were in place to protect their critical systems.

Jan 2019 – Apr 2019 · 3 mos · Adelaide, South Australia, Australia · On-site

• In preparation for a Managed Open Banking API product, I was responsible for APRA approved AWS uplift and producing risk assessments of 42 AWS services.
• Monitoring, Alerting, and auto-remediation of security events
• SecurityHub vulnerability management workflow runbooks
• Logging centralisation and data security protections
• Security insights and SIEM operations leveraging S3, Athena, Glue, EMR, and Datalake
• Risk assessments required appropriate data classification and handling to be established, threat modelling, and APRA approved assessment process established.
• The assessments involved an evidence-based approach at three levels; Vendor, Service, Implementation. Due-diligence and probity are critical, and the exercise consists of addressing risk domains as defined by Cloud Security Alliance (CSA) and establishing an inherent risk assessment prior to the adoption of the service. To reduce the inherent risk there are security controls defined in 5 main categories; Preventative, Detective, Corrective, Deterrent, Compensating. With these controls the organisation has a feasible residual risk rating and expectation for implementation and future treatment plan dependant of adopted recommendations.

Nov 2018 – Jan 2019 · 2 mos · Sydney, New South Wales, Australia · On-site

• Worked with internal stakeholders, parent company stakeholder, and sibling subsidiary requirements
• Leveraging a validated solution accelerator for PCI DSS account and network design
• Establishing security principles for future work
• Segregation of data access, processing, and persistence
• Developed, evaluated, and critiqued design and integration models which facilitate scalability, extensibility and reusable solutions.
• Developed and applied patterns for elegant solutions to meet to customer, regulatory and shareholder expectations
• Design and articulate security controls to protect against identified attack vectors
• Patch Management and patch compliance visibility
• Improved IAM / RBAC to support a range of predefined job functions
• Monitoring, Alerting, and auto-remediation of security events using AWS native solutions
• Container scanning and improved container repository workflows
• Improvements to security testing; SCA, SAST, DAST, Threat Surface
• AWS vulnerability assessment

Oct 2018 – Nov 2018 · 1 mo · Melbourne, Victoria, Australia · On-site

• To support the data science and machine learning teams it was my role to provide AWS solutions to deploy new production capabilities and support data team workflows.
• Deployed Jupyter Notebooks with SSO
• Established a DAG capability using Apache Airflow
• Containerised POC workloads re-platformed to Apache Airflow
• Contributed new Python for new Export-Load-Transform (ELT) workloads
• Sagemaker Machine Learning model deployment

Jul 2018 – Oct 2018 · 3 mos · Newcastle, New South Wales, Australia · Hybrid

• Risk assessments of various AWS offerings planned for adoption required appropriate data classification and handling to be established, threat modelling, and APRA approved assessment process established.
• The assessments involved an evidence-based approach at three levels; Vendor, Service, Implementation. Due-diligence and probity are critical, and the exercise consists of addressing risk domains as defined by Cloud Security Alliance (CSA) and establishing an inherent risk assessment prior to the adoption of the service. To reduce the inherent risk there are security controls defined in 5 main categories; Preventative, Detective, Corrective, Deterrent, Compensating. With these controls the organisation has a feasible residual risk rating and expectation for implementation and future treatment plan dependant of adopted recommendations.

May 2018 – Jul 2018 · 2 mos · Brisbane, Queensland, Australia · Remote

• Cloud Service Provider and SaaS Vendor evidence-based risk assessments and Threat Modelling
• Security Controls design, implementation, and validation of control effectiveness
• Security Incident response and addressing security advisories
• Design and implement operational security monitoring, alerting
• Define and implement IAM, Federation, and SSO/SAML

Mar 2018 – May 2018 · 2 mos · Sydney, New South Wales, Australia · On-site

• AWS Database Migration Service (DMS) from On-premise Mysql to Aurora Postgres
• Lambda (Serverless more broadly) usage workshops for PCI DSS compliance
• Risk assessments of various AWS offerings planned for adoption;
• These required appropriate data classification and handling to be established, threat modelling, and APRA approved assessment process established.
• The assessments involved an evidence-based approach at three levels; Vendor, Service, Implementation. Due-diligence and probity are critical, and the exercise consists of addressing risk domains as defined by Cloud Security Alliance (CSA) and establishing an inherent risk assessment prior to the adoption of the service. To reduce the inherent risk there are security controls defined in 5 main categories; Preventative, Detective, Corrective, Deterrent, Compensating. With these controls the organisation has a feasible residual risk rating and expectation for implementation and future treatment plan dependant of adopted recommendations.

Jan 2018 – Mar 2018 · 2 mos · Canberra, Australian Capital Territory, Australia · Hybrid

• AWS S3 Datalake implementation;
• Considerations for restricted intellectual property data protections and public access
• Data ingestion from Salesforce using Hadoop and Spark on AWS Elastic Map Reduce (EMR)
• Arbitrary ingestion patterns supporting formats including csv, json, and flat files
• Supporting landing zone raw data formats transformation to parquet
• Transient EMR cluster provisioning
• Apache Hive using EMR and Glue Data catalog
• PySpark Glue jobs
• Athena connections to Tableu
• Data visualisations to demonstrate business value to non-technical stakeholders
• Frequent workshops demonstrating new capabilities

Jan 2018 – Jan 2018 · 0 mo · Canberra, Australian Capital Territory, Australia · Remote

• Identity System Design
• IAM and Access Management
• ABAC Authentication
• Geo-location Authorisation
• Multifactor Authentication enrollment
• Okta Administration

Nov 2017 – May 2019 · 1 yr 6 mos · Victoria, Australia · Remote

• Implemented developer oriented security solutions for APRA regulated customers.
• Threat Modelling, Risk Assessments, Data Classification, IRAP/ISM, ISO27k, PCI DSS, NIST, GDPR.
• Maintained operational applications and IaC for managed services using python, ansible, bash, and multiple CI/CD tools.
• For several clients with AI/ML needs, I was resourced to deliver Apache Airflow, Hadoop, Spark, Keras, Tensorflow, and various other skills I developed in past roles - to assist the Data Science team whenever the need arose.
• Solution Designed and Implemented numerous data oriented projects comprised of ETL, Datalake, IaC for ML workloads, etc. Using ecosystems such as SAS, Snowflake, Salesforce, Tableau, Hadoop + Spark + Hive, and AWS-native options.

Nov 2017 – Jan 2018 · 2 mos · Newcastle, New South Wales, Australia · Hybrid

• AWS solution architecture design
• Contributed security improvements to Ruby and Python repositories
• ISO27k audit finding triage and remediation efforts
• Varios ISO SAQ (self-assessment questionnaire) for maturity and audit readiness
• Produce Dataflow diagrams and a CCW (compensating controls workbook) for PCI DSS
• Risk assessments of various third parties: Atlassian, Microsoft, Mimecast, and many others.
• These required appropriate data classification and handling to be established, threat modelling, and APRA approved assessment process established.
• The assessments involved an evidence-based approach at three levels; Vendor, Service, Implementation. Due-diligence and probity are critical, and the exercise consists of addressing risk domains as defined by Cloud Security Alliance (CSA) and establishing an inherent risk assessment prior to the adoption of the service. To reduce the inherent risk there are security controls defined in 5 main categories; Preventative, Detective, Corrective, Deterrent, Compensating. With these controls the organisation has a feasible residual risk rating and expectation for implementation and future treatment plan dependant of adopted recommendations.

May 2017 – Nov 2017 · 6 mos · Melbourne, Victoria, Australia · On-site

Jun 2016 – May 2017 · 11 mos · Melbourne, Victoria, Australia · On-site

• At Ladoo, I played a pivotal role in the development of the Brolly product, which integrates with Twitter's firehose and other social media event streams. My achievements included migrating infrastructure from Vagrant to Docker, refactoring the application from PHP5 to PHP7 with the Symfony Framework, and upgrading from Backbone.js and Gulp to React and Webpack. I managed the Elasticsearch cluster migration to AWS and implemented 3D interactivity using SVG, D3, and Three.js.
• Additionally, I led AI/ML initiatives, including LLM, NLP, and sentiment analysis, and transformed our data lake to meet the stringent requirements of regulated government and educational institutions.
• My work supported high-profile customers such as the Bureau of Meteorology and various universities, ensuring seamless integration and effective data management for critical government and enterprise programs.

Apr 2014 – Jun 2016 · 2 yrs 2 mos · Greater Melbourne Area · On-site

• As the first technical hire at Punters Paradise (later renamed to Punters), I was responsible for a broad range of technical duties, including working with AWS services such as CloudFormation, EC2, Elasticache, DynamoDB, S3, CloudFront, and SNS. I developed in PHP7, MySQL, JavaScript, and Python, and utilized tools like Pandas for data science and reporting.
• My role involved integrating iOS and Android APIs, managing big data ETLs, and designing adaptive autoscale algorithms. A key achievement was leading the development of a real-time odds trading system and wagering bet placement products.
• I contributed a large portion to the implementation of AI/ML including k-means clustering, logistic and binary regression, and RNN decision trees, to predict sporting event outcomes. This advanced predictive capability was leveraged by partner sports betting organizations to optimize pricing odds, significantly enhancing their betting strategies.

Apr 2013 – Mar 2014 · 11 mos · Greater Sydney Area · On-site

May 2012 – Apr 2013 · 11 mos · North Sydney, New South Wales, Australia · On-site

May 2011 – May 2012 · 1 yr · Sydney, New South Wales, Australia · On-site

May 2010 – May 2011 · 1 yr · Sydney, New South Wales, Australia · On-site

Jun 2008 – May 2010 · 1 yr 11 mos · Sydney, New South Wales, Australia · On-site

Nov 2007 – Jun 2008 · 7 mos · Sydney, New South Wales, Australia

Jan 2007 – Nov 2007 · 10 mos · Sydney, New South Wales, Australia

Jan 2005 – Jan 2007 · 2 yrs · Greater Sydney Area

Dec 2004 – Jan 2005 · 1 mo · Greater Sydney Area

Jan 2003 – Dec 2004 · 1 yr 11 mos · Sydney, New South Wales, Australia