MSc Applied Cybersecurity · Heriot-Watt University · Edinburgh, UK
I build and break things in cybersecurity — then figure out why they broke. Security Operations · OT Security · Digital Forensics · Threat Intelligence.
My background spans network engineering, five years of service within the international defense and military education sectors — as a Computer Science Instructor and Simulation Officer — and an MSc focused on digital forensics, SOC operations, and vulnerability analysis.
That combination gives me something rare at an early career stage: a real intuition for how systems fail, not just how they are designed to work.
Every project below is a real system I designed and built — not coursework, not tutorials. Each video walks through the problem, the thinking, and what it demonstrates.
Most security systems ask whether an asset was accessed. This one asks whether the right person accessed it under the right conditions. A cyber-physical prototype using RFID role enforcement, HMAC-SHA256 cryptographic log chaining, and a stealth UI — designed so a violation leaves forensic evidence without alerting the attacker.
View on GitHub →In distributed systems, silence and normal operation look identical — until you build something that can tell the difference. A heartbeat-based UDP monitoring system that detects missing telemetry, classifies anomaly types, reconstructs outage timelines forensically, and simulates SOC triage workflows from alert to structured incident report.
View on GitHub →End-to-end vulnerability assessment from exploitation to documented remediation — the way it works in a real security team. Conducted against OWASP Juice Shop using Nessus and DefectDojo, including manual XSS exploitation, CVSS v3 scoring, CWE mapping, and a workaround for tool limitations that forced a deeper understanding of how vulnerability data is actually structured.
View on GitHub →In OT environments, the highest CVSS score is not always the highest priority — patching the wrong system can cause more harm than the vulnerability itself. A prioritisation framework combining CVSS, EPSS exploit probability, and operational context to produce ranked, actionable decisions. Feeds directly into MSc dissertation research on LLM reliability in automated vulnerability assessment.
View on GitHub →
I came to cybersecurity from the ground up — building a foundation in network engineering and Linux systems administration This led to years of specialized experience within the international defense and engineering sectors, focusing on technical education and simulating how complex systems and technical architectures behave under operational stress .
That progression brought me to Heriot-Watt University, where my MSc dissertation focuses on AI in cybersecurity, specifically investigating large language models for vulnerability scoring — comparing structured prompting approaches against conversational prompting, and measured against official NVD scores and EPSS data.
I also run CreativeKyma — a cybersecurity education platform translating complex security concepts for non-technical audiences including organisations, small businesses, and children. Because security only works when people understand it.
Currently seeking entry-level roles in Security Operations or Cybersecurity where I can apply structured analysis, incident investigation, and system-level thinking in real-world environments. Open to opportunities in the UK and internationally.