About
Building the controls and systems that detect intruders — detection engineering, incident response, and cyber deception across banking, funds management, and a range of government departments.
The approach is threat-led: model the threats, write detections as code, test and tune them, and keep the SIEM efficient.
Splunk ES · Sentinel · KQL · SPL · CrowdStrike · Defender · Python · PowerShell · Azure · Essential 8
Services
- Detection Engineering: ATT&CK-mapped · Splunk ES · Sentinel · EDR
- SIEM Uplift: onboarding · migration · coverage analysis
- AI Security: prompt monitoring · shadow AI · assistant assessments
- Incident Response: triage → containment → recovery → review
- Security Consulting: E8 · APRA CPS 234 · NIST CSF
- Cyber Deception: honeypots · honeytokens · canaries
Contact
Currently contracting in detection & response, and open to consulting engagements and advisory.