Application Security & SSDLC
Threat modelling, secure software delivery, OWASP, SCA/SAST rollout, vulnerability management, developer engagement, and practical security uplift across engineering teams.



Red G / DevSecOps / AppSec / Automation
Security-minded engineering, automation, and applied AI for real-world product delivery. I combine application security, automation, cloud engineering, and applied AI to build secure, useful, production-ready software faster.

I build, automate, and secure: writing software that removes manual work, then making sure what remains is hard to break.
Automation has been the thread through my career, from programming Olympiads and laser research systems to enterprise integrations, DevSecOps, application security, and AI-assisted workflows.
After software and integration roles at Hewlett Packard, I moved deep into Application Security: helping grow Swyftx security from scratch to 20+ specialists, rolling out scanning and threat assessment practices at Officeworks, and maturing secure software delivery lifecycle work at Belong.
AI is not a separate side interest for me. It is part of how I research, design, build, secure, document, and ship software — using tools like ChatGPT, Gemini, NotebookLM, Claude Desktop, Cursor, Antigravity, Flow, Pomelli, Ollama, Hermes, and local LLMs to move faster while still applying security judgement and practical delivery discipline.
I stay hands-on outside of work too, building production apps like Alfie's Almanac, automated trading systems, local LLM experiments, and creative AI workflows. The best way to know what is possible is to keep building it myself.
Expertise
I combine application security, automation, cloud engineering, and applied AI to build secure, useful, production-ready software faster.
Threat modelling, secure software delivery, OWASP, SCA/SAST rollout, vulnerability management, developer engagement, and practical security uplift across engineering teams.
Automating security and delivery workflows through CI/CD, GitHub/GitLab pipelines, Docker, policy checks, dependency scanning, and repeatable engineering processes.
Hands-on use of AI across the full product lifecycle, including research, design, coding, security review, documentation, content, automation, creative workflows, and production product delivery.
Practical cloud and container security across AWS, identity, secrets, logging, deployment hardening, infrastructure design, and production environments.
Full-stack product building from concept to production, combining frontend delivery, backend services, databases, authentication, storage, user experience, and deployment.
Security-aware delivery with consideration for privacy, risk, governance, documentation, and regulated environments.
Delivery multiplier
I use AI across the full product lifecycle, from idea exploration and research through to design, coding, testing, security review, content creation, documentation, and production delivery.
My practical AI toolkit includes ChatGPT, Gemini, NotebookLM, Claude Desktop, Cursor, Google Antigravity, Google Flow, Pomelli, Ollama, Hermes, and local model experimentation.
I use these tools not as isolated assistants, but as part of real workflows for building, validating, explaining, securing, and improving software.
A practical lifecycle I use across real product work — not isolated prompts, but connected stages from idea to production.
Explore ideas, compare approaches, summarise research, understand complex topics, and turn vague concepts into structured direction.
Shape product concepts, visual direction, storytelling, UX ideas, content structure, and creative assets.
Generate, refactor, debug, and review code while maintaining ownership of architecture and implementation decisions.
Review code, challenge assumptions, test logic, improve documentation, and compare implementation options.
Threat model features, review secrets handling, consider privacy risks, check dependency/security concerns, and strengthen delivery practices.
Move from idea to deployed product with version control, deployment workflows, and production feedback.
Iterate from feedback, refine copy, improve UX, create documentation, and build better workflows over time.
Featured proof point

Alfie's Almanac is a production web app I designed, built, and shipped myself. It demonstrates how I use AI practically across product thinking, frontend development, creative direction, content generation, iteration, and deployment. It is proof of hands-on AI-enabled product delivery, not just AI experimentation.
View live appAI is not a separate side interest for me. It is now part of how I research, design, build, secure, document, and ship software. I use tools like ChatGPT, Gemini, NotebookLM, Claude Desktop, Cursor, Antigravity, Flow, Pomelli, Ollama, Hermes, and local LLMs to move faster while still applying security, engineering judgement, and practical delivery discipline.
Selected work
A mix of automation, security thinking, product design, and hands-on build work.

A production web app I designed, built, and shipped myself. It demonstrates how I use AI practically across product thinking, frontend development, creative direction, content generation, iteration, and deployment — proof of hands-on AI-enabled product delivery, not just experimentation.

A hardened, privacy-first AI agent platform using the Nous Research Hermes agent with local Ollama models over Tailscale, dual-model review for hallucination control, Docker sandbox execution, and Discord/Telegram workflows for crypto research and community operations.

A hands-on trading automation project exploring strategy dashboards, risk controls, AI health checks, position monitoring, and evolution reels for product storytelling.


A personal finance and small-business tracking app with authenticated login and an operations dashboard — clients, projects, revenue, income vs expenses, and expense categories — delivered in a deliberately informal Australian tone so money management feels approachable rather than spreadsheet-heavy.
Contact
I am always interested in practical security, automation, AI workflow, and product engineering conversations, especially when there is something real to build.