Built and led the regional AI Security consulting practice inside AWS Professional Services. 150+ enterprise pre-sales engagements across financial services, government, resources, telecom, and professional services (Tier-1 Australian banks, mining majors, and the NZ government). Co-built the APJ AI Security specialist team (11 specialists across AU, NZ, Singapore, India, Korea, Japan) and defined the regional AI/ML security review methodology and GTM packaging that ANZ sales used to land enterprise engagements.
–
AWS Threat Composer · AI threat-modeling framework
Co-authored the AI / agentic-application reference threat model (STRIDE + MAESTRO methodology). The go-to artifact for AWS and Amazon security teams. Productised as part of AWS Threat Composer, AWS Labs' open-source threat-modeling ecosystem.
–
AWS Control Tower · Proactive Controls
Project-led the engineering rollout of native Proactive Controls in AWS Control Tower (policy-as-code preventive guardrails via CloudFormation Hooks). GA across regions since 2024; blocks non-compliant resources at deployment time across the AWS customer fleet.
–
Multi-modal content moderation for ANZ enterprise GenAI platforms
Built and shipped the AWS multi-modal content-moderation offering adopted by Tier-1 Australian banks and other regulated customers as the guardrail layer that cleared their first internal GenAI deployments under APRA CPS 234. Modular toxicity guardrails with first-class exception handling, fine-tuned across media, telecom, and FSI deployments.
–
◇◇◇
02 Open source
model-scanner · open source
Apache 2.0 Claude Code skill. Runs four independent scanners on ML model files, scores risk 0–100, maps findings to OWASP LLM Top 10 and Australian ISM-2072 (the first government framework to mandate non-executable model formats).
Apache 2.0 AI safety benchmark. Tests how frontier models handle tricky gray-zone requests, the kind that sit between "obviously safe" and "obviously refuse." CLI for running benchmarks, web dashboard for exploring results.
OAuth 2.1 authorization plus an MCP server on Vercel with real-time analytics and threat detection. Reference implementation for securing the Model Context Protocol ecosystem.
AGPL AI-agent red-team simulator and incident-response tabletop engine. Multi-agent swarm intelligence: clones your team into agents, drops a threat actor into Slack and email, and runs the breach 100 times under regulatory time bounds (GDPR 72h, insurance 48h). You get a distribution of how your org actually behaves under pressure. Not what the binder says.
Security checks for the Ralph coding-agent loop. Scan before commit, fix iteratively, escalate when stuck. A practical example of the AI-for-security direction: using AI to do the security work that used to be manual.
Led the APAC VPN Security team (30 engineers) supporting Tier-1 telecom and enterprise customers. Built Python and Shell automation that cut MTTR on customer escalations and was adopted across the global TAC.