
Alfie's Almanac
A production surf-planning app that I designed, built, secured, and deployed. It combines location data, weather and marine conditions, original map artwork, and AI-assisted development in a complete consumer product.


Red G / DevSecOps / AppSec / Automation
I combine application security, DevSecOps, product engineering, and applied AI to help teams ship dependable software with less manual work.

I build, automate, and secure: writing software that removes manual work, then making sure what remains is hard to break.
Automation has been the thread through my career, from programming Olympiads and laser research systems to enterprise integrations, DevSecOps, application security, and AI-assisted workflows.
After software and integration roles at Hewlett Packard, I moved deep into Application Security: helping grow Swyftx security from scratch to 20+ specialists, rolling out scanning and threat assessment practices at Officeworks, and maturing secure software delivery lifecycle work at Belong.
AI is not a separate side interest for me. It is part of how I research, design, build, secure, document, and ship software. I use tools like ChatGPT, Gemini, NotebookLM, Claude Desktop, Cursor, Antigravity, Flow, Pomelli, Ollama, Hermes, and local LLMs to move faster while still applying security judgement and practical delivery discipline.
I stay hands-on outside of work too, building production apps like Alfie's Almanac, automated trading systems, local LLM experiments, and creative AI workflows. The best way to know what is possible is to keep building it myself.
For my full employment history, roles, certifications, and professional recommendations, visit my LinkedIn profile.
View experience on LinkedInSelected work
Production products and experiments across security, automation, local AI, and software delivery.

A production surf-planning app that I designed, built, secured, and deployed. It combines location data, weather and marine conditions, original map artwork, and AI-assisted development in a complete consumer product.

A private AI agent setup using Hermes and local Ollama models over Tailscale. It includes sandboxed execution, independent model review, and Discord and Telegram interfaces for research and community workflows.

An experimental trading platform for testing strategies, monitoring positions, reviewing risk, and tracking system health.


A personal and small-business finance app for tracking clients, projects, revenue, expenses, and spending categories. Its informal Australian voice is designed to make routine money management feel less intimidating.
Services
I offer focused security engagements with a clear scope, capped estimate, and practical deliverables. My standard rate is $200 AUD per hour, excluding GST.
Methodology: I use carefully controlled AI-assisted analysis alongside manual application security review, using tools such as Cursor, Claude Desktop / Code, ChatGPT, and Antigravity. Work can be completed within your existing development environment or in an isolated environment, depending on your privacy and security requirements.
A focused assessment of open-source dependencies and the cloud and delivery controls around them.
Estimated investment
15–20 hours ($3,000 – $4,000 AUD ex GST)
Collaborative implementation of automated dependency controls in your GitHub Actions pipelines.
Estimated investment
8–10 hours ($1,600 – $2,000 AUD ex GST)
Skills
Security, automation, cloud, AI, and product engineering skills developed through professional delivery and independent projects.
Threat modelling, secure software delivery, OWASP, SCA/SAST rollout, vulnerability management, developer engagement, and practical security uplift across engineering teams.
Automating security and delivery workflows through CI/CD, GitHub/GitLab pipelines, Docker, policy checks, dependency scanning, and repeatable engineering processes.
Using AI for research, design, coding, security review, documentation, automation, and product delivery, with independent review and clear security boundaries.
Practical cloud and container security across AWS, identity, secrets, logging, deployment hardening, infrastructure design, and production environments.
Full-stack product building from concept to production, combining frontend delivery, backend services, databases, authentication, storage, user experience, and deployment.
Security-aware delivery with consideration for privacy, risk, governance, documentation, and regulated environments.
Applied AI
I use AI throughout software delivery, including research, design, implementation, testing, security review, and documentation. I also run local models when privacy or greater control matters.
The value is not the number of tools I use. It is how I combine them with engineering judgement, independent review, and clear security boundaries.
A connected process that takes work from an early idea through review, security, and release.
Explore ideas, compare approaches, summarise research, understand complex topics, and turn vague concepts into structured direction.
Generate, refactor, debug, and review code while maintaining ownership of architecture and implementation decisions.
Threat model features, review secrets handling, consider privacy risks, check dependency/security concerns, and strengthen delivery practices.
Move from idea to deployed product with version control, deployment workflows, and production feedback.
AI supports the work. Responsibility for the architecture, security decisions, and finished product remains with me.
Recommendations
Contact
I am available for fixed-scope security work, automation, product engineering, and selected contract opportunities.