Built by hand. Deployed to production.
A personal portfolio of AI systems designed, built, and deployed end to end. Every one runs in production, self-hosted, Dockerised, or shipped as a desktop app. Nothing here is a mockup or a someday plan: each card below is working code.
The skills behind the systems
Two decades of enterprise security, now pointed at AI. The same hands that ran multi-vendor firewall estates build and harden the systems above.
AI Security
RAG pipeline hardening, prompt-injection defence, agent & tool-use security, adversarial ML testing.
Firewall & Network Security
Multi-vendor migration (Palo Alto, Cisco, Fortinet, Check Point, F5), NIS2 / KRITIS, segmentation programmes.
Cloud & Zero Trust
Hybrid Azure / on-prem identity, privileged access management, zero-trust architecture.
Compliance Engineering
ISO 27001, DORA, EU AI Act risk classification, SOC 2 evidence pipelines, audit-ready control mapping.
AI Systems Engineering
Local LLM deployment, retrieval-augmented generation, LoRA fine-tuning, document automation, self-hosted.
Built with security-engineering discipline — clear boundaries, observable runtime, and audit evidence by default.
For network & security work (firewall change management, NIS2, KRITIS), see the sister portfolio: fwchange.com.













