timeline

Building core platform infrastructure for a multi-tenant agentic SOC product — agent harness, data service layer, observability, and enterprise auth.

• Agent harness — Building the cybersecurity agent harness: permissions, skills, context management, and tool orchestration that coordinate the agent's reasoning with the data service layer. Handles LLM provider onboarding, quota, and rate limiting.
• Data service layer — Built the vendor-agnostic data layer that is the agent's hands and eyes: alert ingestion across 20+ integrations (CrowdStrike, Splunk, Palo Alto), entity enrichment, log search, and response actions across the full investigation lifecycle. Customer-extensible via MCP, with per-integration failure handling, retry, and rate limiting.
• Integration observability — Integrations are the critical path of every investigation, yet failures used to collapse into opaque errors. Surfaced first-class exceptions and a standardised error taxonomy shared across all integrations, so customers see exactly why something failed and oncall, notifications, and alerting run off one consistent signal.
• Platform observability — OpenSearch and Grafana-on-Prometheus give internal teams a live read across the whole system, spanning LLM and investigation failures, API latency, and resource health, with alerts escalating to oncall through Teams and Zenduty. On top, layered customer-facing analytics on Apache Doris for per-customer insight into investigations, agents, and integrations.
• Agent observability — Instrumented the agent with Langfuse exporting traces to ClickHouse (analytics migrating to Apache Doris); built dashboards for cost, token usage, and prompt analytics.
• Enterprise auth & access control — Shipped SAML SSO, email OTP login, hierarchical RBAC with customisable roles, AuditLogs with sensitive-data redaction, and real-time i18n middleware (AWS Translate).
• Database reliability — Cut Postgres CPU load by 30% and improved p95/p99 latency ~20x by diagnosing a misordered composite index through production query-plan analysis.
• User comms & case management — Built case management across Teams, Jira, and Slack: auditable ticket-based cases, reminders, escalations, action triggers, and inline user context gathering.

Backend GenAI and large-scale automation across the enterprise.

• Built a GenAI based document processing platform (classification, extraction, translation) - designed to onboard 100+ businesses. Core innovation: a meta-prompting system that consumes historic input/output pairs for a document type and auto-generates a structured extraction skill - converting vague, vendor-written rules across 45K+ document types into precise, example-grounded prompts without manual template work. Built in early 2023, before prompt programming had a name.
• Built a Retrieval-Augmented Generation (RAG) automation for transaction stop-payment dispute processing using knowledge graph - improving accuracy and reducing resolution time.
• Built 5+ enterprise-grade AI/RPA solutions - reduced manual effort and saved $1M+ in operational cost. Recognised with Spotlight Award 2024.
• Led the Records Retention Bot processing 3M+ files across 100+ Shared Drives and SharePoint sites - automated retrieval, archiving, and deletion via SharePoint APIs and Documentum.

Applied research lab building self-programming machines - natural language → custom software via a flow-based DSL, drawing on the DreamCoder line of work on wake-sleep bootstrapped library learning.

• Flatland augmentations - Flatland is the team's toy DSL and benchmark for synthesising 2D line-drawing programs: a system that learns to draw straight lines and circles, then after each round of training on augmentations of its own programs, learns squares and rectangles, then richer compositions. Built the augmentation generator that produced the training corpora each round bootstrapped on.
• Platform connectors - first-class integrations for Notion, Google Sheets, Gmail - the surfaces end-users wired their natural-language programs to.
• HuggingFace integration - added the HuggingFace model registry to the platform so fine-tuned LMs could be swapped into the program-synthesis pipeline.

Built and deployed math OCR models for an EdTech platform.

• Developed MathOCR and GeometryOCR for converting printed/handwritten math images to LaTeX; built a 10M+ image dataset using NumPy, Matplotlib, and OpenCV with custom augmentation pipelines.
• Optimised models with TensorRT and deployed via Triton Server - sustained 5000 req/min on 1× NVIDIA T4.
• Wired Prometheus + Grafana for inference metrics and alerting.
• Used GCP and AWS for cloud storage, model training, deployment, and inference at scale.