Senior Detection & Response Engineer
Experienced cybersecurity professional specialising in detection engineering, incident response, and threat simulation — building high-fidelity detections backed by real adversary behaviour.
I'm a senior cybersecurity professional with a decade of experience across detection engineering, incident response, and security operations. I've built and led detection capabilities at scale — from NAB and Ernst & Young through to government engagements with the Department of Defence and Department of Education.
My approach is evidence-driven: I simulate real adversary behaviour to generate telemetry, map findings to MITRE ATT&CK, and build detections that hold up against evasion. I've led cyber deception programs, SIEM platform builds, cloud security uplift, and full incident response lifecycles.
I hold certifications including SC-200, eJPTv2, and Security+.
Detection rules built on real adversary TTPs — leveraging MITRE ATT&CK, risk-based analytics, and Detection-as-Code principles across Splunk ES, Microsoft Sentinel, and EDR platforms.
Design and deployment of honeypots and honeytoken accounts to act as decoys for threat actors, providing high-confidence alerting on lateral movement and credential abuse.
End-to-end SIEM platform builds and uplift — log onboarding, parsing, normalisation, detection rule migration, and coverage gap analysis across Splunk ES and Microsoft Sentinel.
End-to-end IR lifecycle management — from triage and investigation through to containment, recovery, and post-incident review — with playbooks built to last.
Strategic advisory on SIEM uplift, SOC capability uplift, cloud security posture, compliance (E8, APRA CPS 234, NIST CSF), and security awareness programs.
Tenable-based scanning, risk-prioritised remediation methodology, and SLA frameworks to systematically reduce exposure across your environment.
Interested in working together? Send me a message.