Fatih Ozavci

Principal Innovation Engineer at Google

Melbourne, Victoria, Australia

About

A seasoned cybersecurity leader and Principal Innovation Engineer within the Google Threat Intelligence Group, specializing in the intersection of advanced offensive security, adversary tradecraft, and Agentic AI and Generative AI. With over four years of experience at Google/Mandiant, the focus has remained on architecting next-generation security platforms that automate complex threat diagnostics and enhance intelligence workflows.

Strategic Innovation & AI Integration

Driving the "Innovation Cell" at Google, leadership has been provided for the end-to-end development of strategic Proof of Concepts (PoCs) utilising Agentic LLMs. Key accomplishments include:

* AI-Assisted Threat Diagnostics: Engineered a Gemini-powered Diagnostics Agent integrated with core orchestration platforms to streamline complex security workflows.
* Scalable Architecture: Designed hybrid BigQuery and Vertex AI Vector Search architectures for multi-terabyte security log analysis, enabling sophisticated Retrieval-Augmented Generation (RAG) capabilities.
* Data Governance & Ethics: Developed foundational frameworks for LLM-powered Data Leak Analysis, ensuring legal compliance and ethical handling of malicious data across diverse formats.
* Adversary Emulation: Led the pilot of the Adversary Emulation Platform (AEP), featuring robust API support and multi-user access controls.

Offensive Security & Community Impact

Extensive expertise in red team operations, malware repurposing, and exploit development is backed by a Master of Cyber Security (Advanced Tradecraft) from UNSW and top-tier certifications (GREM, GRTP, GDAT, GXPN). A proven track record exists for building high-performing red teams and delivering specialized training on Windows Internals and adversary simulations. As an active contributor to the global security community, insights are regularly shared through open-source projects and presentations at premier conferences, including Black Hat and DEF CON.

Core Competencies:

* Advanced Tradecraft: Red Team Tactics, Malware Analysis, Exploit Development, Cyber Deception.
* Platform Engineering: GenAI Integration, Agentic AI, RAG Architectures, Vector Search.
* Security Leadership: Innovation Cell Management, Technical Strategy, Legal/Compliance Frameworks for Security AI.

Experience

  • Google (Remote)
    • Principal Innovation Engineer
      Mar 2025 - Present · 1 yr 4 mos

      As a Principal Innovation Engineer within the Google Threat Intelligence Group's Innovation Cell, I have led the development and deployment of strategic, next-generation security platforms and Proof of Concepts (PoCs), demonstrating deep expertise in advanced security platform engineering and Generative AI (GenAI) integration. My key deliverables include the Adversary Emulation Platform (AEP) pilot, featuring robust API support and multi-user access control, and the functional PoC for an AI-Assisted Threat Diagnostics (ATD) Tool powered by a Gemini-based Diagnostics Agent. This tool, integrated with four core security orchestration platforms, significantly streamlines threat diagnostic workflows. I also developed the Analytic Quality Assurance AI Tool (AQA Agent) PoC to automate quality-of-service reviews for intelligence reports. Furthermore, I architected critical foundational components for future GenAI initiatives. This includes formally proposing and developing solutions for a Hybrid BigQuery and Vertex AI Vector Search architecture, designed for highly governed, multi-terabyte-scale security log analysis to enable superior Retrieval-Augmented Generation (RAG) capabilities using Gemini. I also designed the initial software and foundational legal framework for a purpose-built LLM-powered Data Leak Analysis Platform PoC, which addresses complex requirements for data governance, legal compliance, and ethical data handling in the rapid, secure analysis of malicious data leaks across diverse data types. My work consistently focused on technical innovation, functionality, scalability, and establishing the core technical foundations for multiple strategic internal security tools.

    • Senior Staff Software Developer
      May 2023 - Mar 2025 · 1 yr 11 mos

      As a Senior Staff Software Developer at Google/Mandiant, my responsibilities encompass designing and developing innovative Cyber Deception products and technologies. I also actively contribute to the development, operation, and improvement of adversary tradecraft projects and products for threat intelligence services. Additionally, my expertise extends to developing and delivering both offensive and defensive trainings, covering topics such as Windows Internals, Red Team operations, Adversary Simulations, and Malware Repurposing, further showcasing my comprehensive skill set in the cybersecurity d

    • Staff Software Engineer
      Nov 2022 - May 2023 · 7 mos

      As a Staff Software Engineer at Google/Mandiant, my responsibilities encompass designing and developing innovative Cyber Deception products and technologies. I also actively contribute to the development, operation, and improvement of adversary tradecraft projects and products for threat intelligence services. Additionally, my expertise extends to developing and delivering both offensive and defensive trainings, covering topics such as Windows Internals, Red Team operations, Adversary Simulations, and Malware Repurposing, further showcasing my comprehensive skill set in the cybersecurity domain.

  • Principal Software Engineer, Strategic Intelligence and Government at Mandiant
    Oct 2021 - Nov 2022 · 1 yr 2 mos

    As a Principal Software Engineer at Google/Mandiant, my responsibilities encompass designing and developing innovative Cyber Deception products and technologies. I also actively contribute to the development, operation, and improvement of adversary tradecraft projects and products for threat intelligence services. Additionally, my expertise extends to developing and delivering both offensive and defensive trainings, covering topics such as Windows Internals, Red Team operations, Adversary Simulations, and Malware Repurposing, further showcasing my comprehensive skill set in the cybersecurity domain.

  • Managing Security Consultant at The Missing Link
    May 2021 - Oct 2021 · 6 mos

    In my role as Manager of the Red Team at The Missing Link, I led the adversary simulation services and teams, ensuring the delivery of high-quality cybersecurity solutions. I provided expert consultancy on offensive and defensive security measures to enhance the overall protection of our clients. Furthermore, I was responsible for developing custom security testing tools for the community, customers, and engagements, showcasing my ability to create tailored solutions for a variety of cybersecurity challenges.

  • Principal Security Consultant at Self-employed
    Oct 2020 - May 2021 · 8 mos

    Providing security consultancy and adversary simulations to larger organisations. Developing and running adversary simulations.

  • Manager, Red Team - Cyber Defence at National Australia Bank
    Mar 2020 - Oct 2020 · 8 mos

    As Manager of the Red Team at National Australia Bank, I managed and mentored a team of experts, providing thought leadership and technical expertise to both the Cyber Defence and the industry. My role involved liaising with regulators and stakeholders to identify and scope exercises, focusing on areas of business concern, new threat intelligence, business processes/systems, and adversaries/techniques. I managed delivery of Red Team exercises, including scoping, test planning, risk management, test execution, reporting, tracking remediation, and running Blue Team debriefs. I worked to develop and grow the team's capability to target people, processes, and technology using logical, physical, and social attacks. My responsibilities also included communicating findings from Red Team exercises to Blue Teams, executive leadership, and relevant committees. Additionally, I managed and led the delivery of other Red Team activities, provided regular reporting on key operational and delivery measures, and performed other related activities as required by management.