Detection-as-Code platform for managing SIEM detections as versioned software
Problem
Security detections were authored and maintained directly within the SIEM, resulting in tightly coupled, stateful configuration that was difficult to review, test, or scale. Detection logic lacked version control, clear ownership, and consistent deployment workflows, increasing the risk of regressions and limiting collaborative development. Duplicated and overlapping alerts were a particular issue.
Impact
Introduced version control, code review, and repeatable deployment to detection engineering workflows. Reduced operational risk by making detection changes auditable, reproducible, and easier to reason about. Established a foundation for scaling detection development across teams while maintaining consistency and governance.
AI-assisted automated test generation for Detection-as-Code pipelines
Problem
As detections transitioned to code, validating their correctness at scale became a bottleneck. Manually authoring test cases for each detection was time-consuming and inconsistent, while traditional static validation failed to capture behavioural edge cases inherent to security logic.
Impact
Enabled scalable, repeatable testing of detection logic without requiring bespoke test authoring for each rule. Improved confidence in detection changes by catching logical errors and regressions earlier in the development lifecycle. Demonstrated practical application of AI engineering techniques in production systems with strong constraints on output reliability.
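As an added example serving both the Detection-as-Code entry above and this one (not code from the page's own platform): a CI-style check over a detection repository that flags overlapping rule logic, missing owners, and embedded test events that do not behave as labelled. The rule format, field names and sample rules are constructed assumptions.

```python
import hashlib
import json
import re
# Constructed sample rules (not from a real repository); each embeds its own hit/miss test events.
RULES = [
    {"id": "win-psexec-service", "owner": "detect-eng",
     "match": {"event_id": 7045, "service_name": r"(?i)^psexesvc$"},
     "tests": {"hit": [{"event_id": 7045, "service_name": "PSEXESVC"}],
               "miss": [{"event_id": 7045, "service_name": "Spooler"}]}},
    {"id": "win-psexec-svc-dup", "owner": "soc",  # same logic under a new id
     "match": {"event_id": 7045, "service_name": r"(?i)^psexesvc$"},
     "tests": {"hit": [{"event_id": 7045, "service_name": "psexesvc"}], "miss": []}},
    {"id": "linux-sudo-shell", "owner": "detect-eng",
     "match": {"process": r"^sudo$", "cmdline": r"(?:^|\s)(bash|sh)(\s|$)"},
     "tests": {"hit": [{"process": "sudo", "cmdline": "sudo bash"}], "miss": [{"process": "sudo", "cmdline": "sudo ls"}]}},
]

def matches(rule, event):
    """Fire only if every match field is present: regex search for string patterns, equality otherwise."""
    for field, pattern in rule["match"].items():
        value = event.get(field)
        if value is None:
            return False
        if isinstance(pattern, str):
            if not re.search(pattern, str(value)):
                return False
        elif value != pattern:
            return False
    return True

def logic_fingerprint(rule):
    """Hash of the canonicalised match block, so identical logic under a different id or owner still collides."""
    return hashlib.sha256(json.dumps(rule["match"], sort_keys=True).encode()).hexdigest()[:12]

def lint(rules):
    """CI findings: overlapping logic, missing owner, failing embedded tests. Empty list means safe to merge."""
    findings, seen_logic = [], {}
    for r in rules:
        fp = logic_fingerprint(r)
        if fp in seen_logic:
            findings.append(f"overlapping logic: {r['id']} duplicates {seen_logic[fp]}")
        seen_logic.setdefault(fp, r["id"])
        if not r.get("owner"):
            findings.append(f"missing owner: {r['id']}")
        for kind in ("hit", "miss"):  # every test event must behave as labelled
            for ev in r["tests"][kind]:
                if matches(r, ev) != (kind == "hit"):
                    findings.append(f"test failure ({kind}): {r['id']} on {ev}")
    return findings
```

Run `lint(RULES)` in the pipeline and fail the merge on any non-empty result; the sample set yields exactly one finding, the duplicated PsExec rule.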
High-throughput Go microservice for migrating and consolidating third-party data from Azure Data Lake into Google Cloud Storage for analytics
Problem
Third-party operational data was being delivered into Azure Data Lake in inconsistent formats and needed to be reliably migrated into Google Cloud to support downstream analytics and reporting. Existing processes were manual, fragile, and did not scale as data volume and source diversity increased.
Impact
Enabled a scalable and reliable data pipeline feeding Google BigQuery and downstream analytics workloads. Reduced operational risk by replacing ad-hoc data transfers with a monitored, testable service. The connector became a core part of the organisation’s data ingestion strategy and was extended to support multiple third-party providers beyond the initial use case.
Pokédex powered by AI and automated with Python and Tines
Problem
Demonstrate AI capabilities in automation to a third party through an engaging, gamified example.
Impact
Award-winning finish. Strengthened AI engineering skills through exposure to model training, automated workflows, and API integrations. Provided a fully interactive, scalable system including recommendations.
IDE optimized for reviewing specialist Python code
Problem
Demonstrate AI-assisted code review and enhancement in an interactive IDE environment.
Impact
Enabled fully interactive code reviews with real-time AI feedback, improving development efficiency and code quality. Provided a scalable system with multi-project and organizational support, modular AI integration, and export capabilities in multiple formats.
Reverse proxy platform to safeguard employees interacting with third-party live streaming services
Problem
A third-party subsidiary operating as a functional extension of the organisation relied on live streaming platforms that exposed employees to malicious actors and to explicit and abusive behaviour. The parent organisation lacked sufficient control and visibility over inbound traffic, relying on external platform safeguards that were reactive, opaque, and insufficient for employee protection.
Impact
Significantly improved employee safeguarding by enabling proactive identification and blocking of malicious actors, including repeat offenders. Provided the security team with actionable, request-level data to support investigations and policy refinement rather than relying on incomplete third-party signals. Established a reusable security pattern for exerting control over external platforms operated by subsidiaries while preserving operational autonomy.