DOSSIER 001 · SUBJECT: J. MIDDLER

File released for public review · Rev. 2026.07

P. 01 OF 01
CTRL № 2026-07-JM
§1

Subject

Justin Middler

Cyber Security Professional · Indigenous Australian · Canberra, ACT · Australian Public Service since 2012

Practice
Software Engineering // Cyber Security
Career
Almost 15 years · APS since 2012
Prior
Microsoft · Software Engineer, Core Azure control plane (C# / .NET)
Frameworks
ACSC ISM · Essential 8 · IRAP · PSPF · NIST · OWASP Top 10
Certifications
Microsoft AZ-900 · CompTIA Security+ · Acunetix WVS
Stack
C# / .NET · PowerShell · TypeScript · Python · Java · Go · Swift · JavaScript · Docker · Kubernetes · SQL
Status
Operational. Open to selective engagements.
Declassified · Public Release
§2

Mission Record

Cloud Security Engineer

 · 2024 to 2026

Led cloud-security uplift across Microsoft Azure, including the adoption of Palo Alto Prisma Cloud and Cortex Cloud. Engineered detection rules, playbooks, threat-hunting queries, custom analytics, compliance monitoring, and vulnerability-management workflows. Built C# and PowerShell pipelines that processed hundreds of thousands of security records into Power BI reporting for executives, aligned to the ISM, Essential Eight, and Azure security guidance.

Prisma · CortexAzureC# · PowerShellPower BICloud posture

Cyber Security Engineer

 · 09/2022 to 2024

Provided senior technical direction across security engineering, incident response, cloud security, and automation. Led the migration from a legacy on-premises SIEM to Microsoft Sentinel and helped establish a cloud-native Security Operations capability. Implemented incident-response case management and SOAR, built threat-intelligence ingestion and executive reporting, and engineered detections across Sentinel, Defender XDR, and Defender for Endpoint.

SentinelDefender XDRSOARIncident responseDetection engineering

Software Engineer · Azure Control Plane

Microsoft · Earlier career

Contributed C# and .NET production engineering to Microsoft Azure control-plane services supporting infrastructure used by hundreds of millions of people. The work developed direct experience in hyperscale cloud engineering, secure software development, and resilient platform design.

C# / .NETAzureControl planeHyperscale

Cyber Security Architect

 · 01/2021 to 08/2022

Provided security advice for major proposed federal projects, including threat modelling, secure SDLC, secure code review, OWASP Top 10 controls, ISM, and PSPF. Delivered a secure container proof of concept and led architecture for AKS, OpenShift, and Tanzu. Guided teams on three-tier application architecture, software-defined networking, Azure, and Kubernetes.

SDLCThreat ModellingContainers · K8sSDNOWASP

Cyber Security Officer

 · 09/2019 to 01/2021

Advised internal stakeholders across cloud, hybrid, and on-premises workloads. Briefed the CISO and ITSA on findings, contributed to cyber-security policy and strategy, mentored APS staff, and coordinated with vendors, penetration testers, and IRAP assessors.

Security architectureIRAPRisk advicePolicy

Managing Director

DEUCEM Pty Ltd · 02/2019 to 12/2019

Led an Indigenous Australian startup specialising in software development, mobile applications, machine learning, and cyber security.

LeadershipSoftware deliveryMobileML / AI

Security Software Engineer

NJOY Security · 08/2018 to 01/2019

Delivered front-end and back-end development, security automation, Azure automation, and IRAP and PSPF consulting. Helped prepare successful PROTECTED IRAP assessments for Google and Salesforce.

Security automationAzureIRAP · PSPFFull stack

Chatbot Software Developer

 · 09/2017 to 08/2018

Led design and implementation of the department's first AI help-desk chatbot using C#, Web API 2, Microsoft Bot Framework, Azure, microservices, and event-driven architecture. The service reduced first-level call-centre demand while meeting or exceeding its first-contact service target.

C# · Web APIBot FrameworkAzureMicroservices

DevOps Engineer

 · 03/2017 to 08/2018

Implemented build and release templates in TFS and Azure DevOps, plus end-to-end deployment automation using custom PowerShell DSC. Provisioned Windows Server environments and used Dynatrace dashboards and alerting to identify issues before production impact.

Azure DevOps · TFSPowerShell DSCDynatraceCI/CD

Automation Testing Software Engineer

 · 09/2016 to 08/2018

Established a stable, centralised Selenium automation framework using Page Object Model practices. Provisioned test infrastructure and Microsoft Test Manager agents to deliver parallel automated testing through department-wide CI/CD pipelines.

Selenium · POMMTMParallel testingTest engineering

§3

Notable Impact

  • Led the technical uplift from a legacy on-premises SIEM to Microsoft Sentinel and helped establish a cloud-native Security Operations capability.

  • Implemented incident-response case management and SOAR, strengthening operational governance, automation, and response maturity.

  • Engineered detections and hunting capability across Sentinel, Defender XDR, Defender for Endpoint, Prisma Cloud, and Cortex Cloud, improving fidelity across cloud, identity, and endpoint.

  • Built C# and PowerShell automation to ingest, enrich, and analyse hundreds of thousands of cloud-security and compliance records for operational and executive reporting.

  • Provided technical leadership through ATO activities, Australian Government control mapping, and practical risk and compliance advice across Azure and AWS.

  • Delivered a secure container proof of concept and led architecture for production-capable AKS, OpenShift, and Tanzu platforms.

  • Helped prepare successful PROTECTED IRAP assessments for Google and Salesforce while working at NJOY Security.

  • Led the department's first AI help-desk chatbot and established reusable DevOps and automated-testing capability across the engineering practice.

Outcomes · Available on Request
§4

Field Artifacts

BlakCert

Agentic-first, API-first, MCP-native enterprise certificate lifecycle platform for discovery, issuance, rotation, and expiry governance.

TypeScriptUPD 2026.07

BlakFile

Secure, AI-native, multi-tenant enterprise file sharing and governance platform with tenant isolation and auditable access.

TypeScriptUPD 2026.07

DingoDocs

Open-source, self-hosted penetration testing engagement and reporting platform for scoping, findings, and client-ready reports.

TypeScriptUPD 2026.07

Tawny-SOC

AI-focused SOC/SIEM workspace that ingests Tawny alerts and telemetry, enriches with Sigma-style detections and threat intel, and drives triage, cases, hunting, and Kelpie handoff.

TypeScriptUPD 2026.07

Kelpie

Self-hosted incident response and case management for small SOC teams: cases, timelines, and collaborative triage.

TypeScriptUPD 2026.07

GRiCk

Self-hosted Governance, Risk, and Intelligent Controls Kit to accelerate ATO workflows: policy lifecycle, control mapping, vendor assurance, evidence collection, and risk decisions.

TypeScriptUPD 2026.07

Heeler

Lightweight, secure, auditable NTP server written in Rust.

RustUPD 2026.07

Kiln

Build already-installed Ubuntu VM appliances straight from Docker Compose applications.

GoUPD 2026.07

Bunya

Diagram-driven Azure infrastructure as code, with a rules engine that knows when the picture is wrong.

TypeScriptUPD 2026.06

depscan

Cloud-agnostic endpoint telemetry framework with a static Go agent, plugin inventory (software, packages, certs), JSONL output, and Sentinel forwarding via DCRs.

Go / PowerShellUPD 2026.06

AthenemyLMS

Self-hostable LMS for course authoring, branded workspaces, payments, certificates, APIs, and automation hooks.

TypeScriptUPD 2026.05

Tawny

Self-hosted lightweight EDR with a Zig agent, .NET backend, detection rules, and Sentinel/Wazuh forwarding.

C# / Zig / TSUPD 2026.05

OakAttest

Open-source IRAP assessment workspace for scoping, evidence, ISM applicability, findings, and SSP exports.

TypeScriptUPD 2026.05

awesome-Australian-compliance

Agent skills and markdown references for Essential Eight, ISM, IRAP, PSPF, privacy, NDB, and compliance work.

Markdown / ShellUPD 2026.05

IOC-Dispatch

API-first IOC submission router with provider routing, audit logs, and safe browser-automation fallbacks.

TypeScriptUPD 2026.05

Review Complete · J.M.
§5

Address & Disposition

EngagementSelective. Australian Federal context preferred. Cyber and platform work prioritised.

Form 7B · Inbound contact request. Routed through external custodian. No email address exposed.

Acknowledgement of CountryI acknowledge the Traditional Custodians of the lands on which this work is carried out, and pay respect to Elders past, present, and emerging. Sovereignty was never ceded.

// END OF DOSSIER //
Authenticated · J. Middler
FILE CTRL № 2026-07-JM
REV 2026.07 · STATIC EXPORT