Testimonial background
Sea landscape background

Red G / DevSecOps / AppSec / Automation

I build software, automate delivery, and strengthen security.

I combine application security, DevSecOps, product engineering, and applied AI to help teams ship dependable software with less manual work.

AppSecDevSecOpsApplied AIAutomationCloud securityProduct delivery
View projects
Profile photo

About me

I build, automate, and secure: writing software that removes manual work, then making sure what remains is hard to break.

Automation has been the thread through my career, from programming Olympiads and laser research systems to enterprise integrations, DevSecOps, application security, and AI-assisted workflows.

After software and integration roles at Hewlett Packard, I moved deep into Application Security: helping grow Swyftx security from scratch to 20+ specialists, rolling out scanning and threat assessment practices at Officeworks, and maturing secure software delivery lifecycle work at Belong.

AI is not a separate side interest for me. It is part of how I research, design, build, secure, document, and ship software. I use tools like ChatGPT, Gemini, NotebookLM, Claude Desktop, Cursor, Antigravity, Flow, Pomelli, Ollama, Hermes, and local LLMs to move faster while still applying security judgement and practical delivery discipline.

I stay hands-on outside of work too, building production apps like Alfie's Almanac, automated trading systems, local LLM experiments, and creative AI workflows. The best way to know what is possible is to keep building it myself.

  • Location:QLD, Australia
  • Interests:Coding, Surfing
  • Study:Computer Science / Physics

Career history

For my full employment history, roles, certifications, and professional recommendations, visit my LinkedIn profile.

View experience on LinkedIn

Selected work

Projects I have built

Production products and experiments across security, automation, local AI, and software delivery.

Featured
Alfie's Almanac screenshot 1

Alfie's Almanac

A production surf-planning app that I designed, built, secured, and deployed. It combines location data, weather and marine conditions, original map artwork, and AI-assisted development in a complete consumer product.

Hermes Stack screenshot 1

Hermes Stack

A private AI agent setup using Hermes and local Ollama models over Tailscale. It includes sandboxed execution, independent model review, and Discord and Telegram interfaces for research and community workflows.

Strategy Factory screenshot 1

Strategy Factory

An experimental trading platform for testing strategies, monitoring positions, reviewing risk, and tracking system health.

Yeah Nah Dosh Muncher screenshot 1
Yeah Nah Dosh Muncher screenshot 2

Yeah Nah Dosh Muncher

A personal and small-business finance app for tracking clients, projects, revenue, expenses, and spending categories. Its informal Australian voice is designed to make routine money management feel less intimidating.

Services

Practical help with software, websites and AI

Short, focused engagements with a clear scope and practical results. My standard rate is $200 AUD per hour, excluding GST. Larger website projects are scoped and priced before work begins.

Application Security ReviewFind the risks before they become customer problems.2–4 hours ($400–$800 AUD ex GST)Details
Security ReviewPractical Fixes
  • What I review: Your code and setup, including sign-in, customer data, secrets, dependencies and deployment.
  • What you get: A clear, prioritised list of findings, practical recommendations and a walkthrough of the results.
Secure Your App CoachingLearn how to review and harden your own application.4–8 hours ($800–$1,600 AUD ex GST)Details
Hands-on CoachingApp Security
  • How it works: I work through your application with you, explain what I am checking and help address the most important issues.
  • What you get: Guided practice, help with review tools and a straightforward checklist for future releases. Sessions can be spread across several days.
Website Build or RefreshLaunch a new website or improve the one you already have.Updates from $400 (new websites from $2,000 AUD ex GST)Details
New WebsitesSite Updates
  • What I can help with: Page structure, design clean-up, mobile usability, performance, contact forms and essential security.
  • What you get: A clear, mobile-friendly website, launch support and a simple handover. I confirm the scope and price before starting.
Practical AI CoachingUse AI to save time on work you already do.2–4 hours ($400–$800 AUD ex GST)Details
Hands-on CoachingUseful Automation
  • How it works: I look at your regular work, find where AI could genuinely help and set up a practical way to use it.
  • What you get: Hands-on coaching, reusable prompts and workflow notes, plus advice on privacy and checking the output.

Skills

What I work with

Security, automation, cloud, AI, and product engineering skills developed through professional delivery and independent projects.

Application Security & SSDLC

Threat modelling, secure software delivery, OWASP, SCA/SAST rollout, vulnerability management, developer engagement, and practical security uplift across engineering teams.

Applied professionallySecurity reviewedDeveloper enablementRisk reduction
Threat ModellingOWASP ASVSSCASASTSSDLCVulnerability ManagementSecure Code ReviewDeveloper Enablement

DevSecOps & Automation

Automating security and delivery workflows through CI/CD, GitHub/GitLab pipelines, Docker, policy checks, dependency scanning, and repeatable engineering processes.

Applied professionallyAutomated with itBuilt with itUsed in real workflows
GitHub ActionsGitLab CI/CDDockerDependabotSnykPipeline SecurityAutomationPolicy Gates

Applied AI Engineering

Using AI for research, design, coding, security review, documentation, automation, and product delivery, with independent review and clear security boundaries.

Built with itShipped to productionAutomated with itUsed in real workflows
ChatGPTGeminiNotebookLMClaude DesktopCursorAntigravityFlowPomelliOllamaHermesLocal LLMsAI Review Loops

Cloud & Container Security

Practical cloud and container security across AWS, identity, secrets, logging, deployment hardening, infrastructure design, and production environments.

Applied professionallySecurity reviewedShipped to productionUsed in real workflows
AWSIAMDockerContainersSecrets ManagementLoggingDeployment SecurityInfrastructure Hardening

Product Engineering

Full-stack product building from concept to production, combining frontend delivery, backend services, databases, authentication, storage, user experience, and deployment.

Built with itShipped to productionAutomated with itUsed in real workflows
Next.jsReactTypeScriptNode.jsPostgreSQLSupabaseVercelGitHubAPI DesignProduct Delivery

Governance, Privacy & Compliance

Security-aware delivery with consideration for privacy, risk, governance, documentation, and regulated environments.

Applied professionallySecurity reviewedRisk reductionUsed in real workflows
Privacy ActISMISO 27001NISTSecurity DocumentationRisk ManagementSBOMSupplier Review

Applied AI

How I use AI

I use AI throughout software delivery, including research, design, implementation, testing, security review, and documentation. I also run local models when privacy or greater control matters.

The value is not the number of tools I use. It is how I combine them with engineering judgement, independent review, and clear security boundaries.

AI workflow loop

A connected process that takes work from an early idea through review, security, and release.

1

Research

Explore ideas, compare approaches, summarise research, understand complex topics, and turn vague concepts into structured direction.

ChatGPTGeminiNotebookLMClaude
2

Build

Generate, refactor, debug, and review code while maintaining ownership of architecture and implementation decisions.

CursorAntigravityChatGPTClaude
3

Secure

Threat model features, review secrets handling, consider privacy risks, check dependency/security concerns, and strengthen delivery practices.

ChatGPTClaudeSecurity tooling
4

Ship

Move from idea to deployed product with version control, deployment workflows, and production feedback.

GitHubVercelDockerCI/CD workflows

AI supports the work. Responsibility for the architecture, security decisions, and finished product remains with me.

Recommendations

What colleagues say

Red G and I worked together in Swyftx security. For our entire time together, he was always supremely adaptable, eager to learn, kind hearted, and passionate about making Swyftx great. He has strong technical skills, stretching across a broad range of topics. He was most recently in an Application Security role, in which he was supporting a number of our engineering squads. I will be eagerly following where your career will take you!

-- Head of Security at Swyftx

I thoroughly enjoyed working with Red G during his time at Swyftx. Given his previous experience at Microfocus with Fortify, I found Red G to have a good knowledge of the AppSec space and was engaged & inquisitive to learn more on Snyk’s approach. During the roll out Snyk, our Customer Success Team who assisted during implementation, found Red G to be a great communicator and his proactive nature resulted in a huge amount of progress in a short period of time. I wish Red G all the best and look forward to seeing what his next move is.

-- Senior Account Executive at Snyk

Red G is a fantastic teammate to work alongside. He is diligent, thorough, knowledgeable, and considerate of the needs of others. He brings humour and a unique perspective and I have enjoyed all the time spent working with him.

-- Peer at Swyftx

Red G is a very thorough individual, Always ensuring that tasks are completed to ensure that customers of our team are aware of what we expect of them as well as what they should expect from us. Red G is incredibly knowledgeable across many disciplines and applies his knowledge learned elsewhere to all aspects of his work.

-- Lead Solution Architect at Micro Focus

Contact

Have something useful to build or improve?

I am available for fixed-scope security work, automation, product engineering, and selected contract opportunities.