Practical application security for software teams.

Providing practical application security guidance, hands-on remediation support, and technical leadership for engineering teams. My work covers secure code review, reviews of AI-enabled systems, threat modelling, vulnerability remediation, CI/CD security automation, and secure design support, with a focus on making AppSec effective, repeatable, and easy for development teams to adopt.

Supported engineering teams with hands-on application security testing, secure code review, practical remediation guidance, threat modelling, AI-assisted vulnerability analysis, and automated security checks across the software development lifecycle.

Delivering focused application security health checks for software teams. Each engagement uses AI-assisted secure code review to target the high-risk areas where serious issues usually live, then produces a clear, actionable written report and a one-to-one debrief that gives teams either reassurance or a concrete remediation plan.

Led application security improvement across an enterprise SaaS environment, including technical testing, security review, generative AI security review, AI-generated code assessment, AI safety guardrails, and risk guidance for engineering teams.

Participated in private security testing engagements across web applications, mobile applications, and infrastructure alongside full-time employment, reporting vulnerabilities through structured responsible disclosure processes.

Helped improve application security across a large global engineering environment, supporting teams with secure design decisions, practical AppSec guidance, threat modelling, and DevSecOps-focused ways of working.

Supported application security improvement across a global financial services environment, covering secure code review, web application penetration testing, vulnerability scanning, platform assurance, security reporting, and AppSec tooling evaluation.

Progressed through operational, analytical, and systems-focused roles before moving into Business Systems Management in 2015. Led support, improvement, and integration of internal business systems across finance, operations, and wider enterprise processes.