Profile
Currently working as a technical team lead of detection and intelligence at a not-for-profit threat intel provider. I specialise in the automation, reporting, and dissemination of high quality advice pertaining to cyber security, HR and integrity, and general observability monitoring for our membership of roughly 100 organisations of all sizes. I have a desire to move away from writing advisories and into implementing the recommendations of those advisories through a SIEM or Incident Responder leadership role.
Technical Skills
I've programmed in so many languages and under so many paradigms I'm sure I can figure out whatever is thrown at me. I have performed internal penetration tests with self-written payloads, and I have committed C#.NET MVC+SQL code to add a new WCAG-compliant field to a dropdown list -- a huge variety of work. 8+ years of consulting has offered experience with a broad set of workflows, including hugely automated systems controlled by tools like Terraform/Ansible/Puppet managing platforms such as OpenShift, Kubernetes, Nutanix, ESXi, Azure/AWS, and plenty more.
Management Skills
I am an experienced manager with a strong history of leadership outcomes.
- Successfully established a brand-new greenfield Security Operations Center (SOC) team and served as one of three technical managers overseeing approximately 40 staff members during their transition to a 24x7 operational model.
- Led a team of eight consultants, each managing their own clients and workloads, achieving consistent success through collaborative leadership and strategic guidance. Maintained exceptional team retention rates, particularly notable in the highly competitive private sector.
- Excel in bridging the gap between highly technical concepts and diverse audiences, with a proven ability to communicate effectively with senior executives, technical teams, and the general public.
Education
University of Canberra
Graduate Certificate of Government Informatics
Monash University
Bachelor of Information Technology and Systems (Computer Science)
Caulfield, Victoria
2011-2014
Experience
Detection and Intelligence Lead, CI-ISAC Australia
(2025 - Current)
Building capability, automating everything, and writing the most actionable intelligence advisories around.
- Drastically improved the quality of our written advisories by adding extremely actionable recommendations specifically targeting SIEM and SOAR engineers.
- Automated literally dozens of intelligence checks, building one of the most comprehensive vulnerability and threat monitoring platforms in the world, outperforming many paid counterparts.
- Presented at several major public-facing conferences, including for Cyber Champions Australia.
Managing Consultant - North Australia, Tesserent (formerly Rivium), Canberra
(2016 - 2024)
Performing highly technical security and integrity consulting, and managing a team who do the same.
- Grew with small, elite, private 6-staff company through growth and acquisition to now 500+ headcount listed on the ASX.
- Architected, implemented and configured many large-scale SIEM deployments during many multi-year consulting roles.
- Built a system to monitor behaviour of students during exams and successfully detect cheating without invading their privacy.
- Built large-scale HR integrity investigation assistant framework to algorithmically detect anomalous user behaviour on a network and step a human agent through investigation and remediation.
- Built an automation suite for Splunk to enable high quality monitoring for a volatile and secure set of projects. Including One-click multi-site indexer cluster deployment, integration with an existing search head cluster with full RBAC, including full usage logging and reporting for billing back to the project's business owner; all the way down to ISM/PSPF-compliant data archival at the project's spindown.
- Delivered extremely thorough Application Performance Metrics to the function level so end users can identify which section of code on which application in which environment on which server is causing performance problems in a live production environment. This was a particularly outstanding result for our client and we have since extended this monitoring into a new fully CI/CD containerised environment.
Cyber Security Analyst, Federal Government Department, Canberra
(2014 - 2016)
Straight out of university, pulled into hacking.
- Set up a system for detecting financial fraud of a federal government grants system.
- At first assisted with, then ultimately performed many system penetration tests, then writing tools to both help perform, and detect them.
- Set up a fully automated Malware Analysis station. When a "suspicious" email hits our mail filters it is forwarded, scanned, and then reported on automatically. Doing this work I also got my hands dirty dealing with very bespoke requests in a massive bureaucracy, such as getting an air-gapped internet connection wired to the basement to perform the analysis safely and the general trust to allow this mail filter behaviour.
- Automated/scripted masses of BaU work for the sec ops team, saving around 1-2FTE/week.
- Pentests also resulted in me helping fix a lot of bugs in internal frameworks, mostly a lot of SQL injection mitigation. Importantly, this also involved demonstrating to developers what I could do with injection which helped them understand the importance of fixing it.
Older Experience
On-site Technician and Consultant, Geeks2U, Melbourne & Canberra
(2014 - 2017)
Basically call-out computer fixer guy. Was a lot of fun.
- Successfully recovered data lost in an electrical storm for large engineering firm
- Learned and performed (simple) component-level motherboard repair on consoles and laptops
- Constantly explaining complex issues and resolutions in simple terms
- I did this part-time while working (full-time) for the government to keep up-to-date with the malware normal people get hit with (and money).
Tech Expert, Telstra, Melbourne
(2012 - 2014)
Working in a Telstra store as the tech guy.
- First bit of experience working for a huge company.
- Hacked 'demo' firmware on last-gen floor-model mobile phones to convert them into loan-devices for people getting their phones replaced under warranty.
Repair Technician, Self-employed, Melbourne
(2010 - 2012)
Self-employed iPhone repairs during my teen years, made good money.
- Didn't want to work at Maccas so I started repairing phones.
- Advertised through Gumtree, earned enough to buy a car which at 17 was my goal.
- Sold company, assets, and client list to Easy-Bargain Co (the company that supplied me with my parts).
Online Presence
My presence isn't huge as a lot of my work has been performed under NDA or is otherwise fedgov/secure, but I have done bits and pieces including some I am proud of.
Here are some links to get you started:
Currently living in Canberra, happy to move for the right work. Currently holding a valid federal government security clearance at a high level.