I am currently a Staff Engineer at Google DeepMind, leading Gemini's adversarial security evaluations and post-training.
Full CV available on request.
Staff Software Engineer, Security (2024 - Present)
Senior Software Engineer, Security (2023 - 2024)
Software Engineer, Security (2022 - 2023)
Tech lead of Gemini Security Modeling, a team of 10+ members of technical staff working on Gemini’s resilience against prompt injection & jailbreak attacks in security-sensitive settings.
I architect Google DeepMind’s main auto red teaming framework for indirect prompt injection attacks, deploying SotA iteratively-optimizing adversarial techniques to robustly evaluate Gemini’s agentic capabilities.
I lead the work on Gemini’s security adversarial post-training that enable critical generative AI product features handling user data and permissions, including Gemini apps and Google Workspace.
Senior Infrastructure Engineer, Security (2021 - 2022)
Backend Engineer, Security (2018 - 2020)
As a senior individual contributor for the security of Monzo's banking infrastructure, I designed and built security infrastructure and applications for the AWS and Kubernetes-based platform, improving its resiliency to external and internal threats. I designed and implemented extensive automations to enforce least privilege, minimise human access to sensitive data, and enable effective auditing at all levels of the infrastructure. Additionally, I provided routine DevSecOps coverage for the platform, and contributed to its long-term security and compliance strategies.
Blog Post: How we secure Monzo’s banking platform
Blog Post: Controlling outbound traffic from Kubernetes
Security Engineer
As a senior security engineer for OVO’s energy technology subsidiary Kaluza, I worked to protect the energy retail platform. My primary focus was the infrastructure security of this cloud-native energy retail platform built on both AWS and GCP; building security tooling and defensive & detective controls for Kubernetes clusters, CI/CD pipelines, managed services. Additionally, I acted as a mentor to junior security engineers on infrastructure security and DevOps; and advised and contributed to platform-level projects from security and compliance perspectives.
Blog Post: Building a secure CI/CD pipeline for Terraform Infrastructure as Code
Blog Post: Kubernetes security monitoring on a decentralised, multi-cluster platform
Passed with Distinction
I work on a range of personal and open-source projects related to security, DevOps, or just hobby; which can be found via my GitHub profile.
I also operate a personal, cost-optimised Kubernetes cluster to host many of these projects. This personal page you are reading is in fact served from within the cluster!In addition to speaking English and Chinese (Mandarin) at a native or near-native level, I also speak German at an elementary level.