DOSSIER 001 · SUBJECT: J. MIDDLER
File released for public review · Rev. 2026.07
Subject
Justin Middler
Cyber Security Professional · Indigenous Australian · Canberra, ACT · Australian Public Service since 2012
- Practice
- Software Engineering // Cyber Security
- Career
- Almost 15 years · APS since 2012
- Prior
- Microsoft · Software Engineer, Core Azure control plane (C# / .NET)
- Frameworks
- ACSC ISM · Essential 8 · IRAP · PSPF · NIST · OWASP Top 10
- Certifications
- Microsoft AZ-900 · CompTIA Security+ · Acunetix WVS
- Stack
- C# / .NET · PowerShell · TypeScript · Python · Java · Go · Swift · JavaScript · Docker · Kubernetes · SQL
- Status
- Operational. Open to selective engagements.
Mission Record
Cloud Security Engineer
· 2024 to 2026
Led cloud-security uplift across Microsoft Azure, including the adoption of Palo Alto Prisma Cloud and Cortex Cloud. Engineered detection rules, playbooks, threat-hunting queries, custom analytics, compliance monitoring, and vulnerability-management workflows. Built C# and PowerShell pipelines that processed hundreds of thousands of security records into Power BI reporting for executives, aligned to the ISM, Essential Eight, and Azure security guidance.
Cyber Security Engineer
· 09/2022 to 2024
Provided senior technical direction across security engineering, incident response, cloud security, and automation. Led the migration from a legacy on-premises SIEM to Microsoft Sentinel and helped establish a cloud-native Security Operations capability. Implemented incident-response case management and SOAR, built threat-intelligence ingestion and executive reporting, and engineered detections across Sentinel, Defender XDR, and Defender for Endpoint.
Software Engineer · Azure Control Plane
Microsoft · Earlier career
Contributed C# and .NET production engineering to Microsoft Azure control-plane services supporting infrastructure used by hundreds of millions of people. The work developed direct experience in hyperscale cloud engineering, secure software development, and resilient platform design.
Cyber Security Architect
· 01/2021 to 08/2022
Provided security advice for major proposed federal projects, including threat modelling, secure SDLC, secure code review, OWASP Top 10 controls, ISM, and PSPF. Delivered a secure container proof of concept and led architecture for AKS, OpenShift, and Tanzu. Guided teams on three-tier application architecture, software-defined networking, Azure, and Kubernetes.
Cyber Security Officer
· 09/2019 to 01/2021
Advised internal stakeholders across cloud, hybrid, and on-premises workloads. Briefed the CISO and ITSA on findings, contributed to cyber-security policy and strategy, mentored APS staff, and coordinated with vendors, penetration testers, and IRAP assessors.
Managing Director
DEUCEM Pty Ltd · 02/2019 to 12/2019
Led an Indigenous Australian startup specialising in software development, mobile applications, machine learning, and cyber security.
Security Software Engineer
NJOY Security · 08/2018 to 01/2019
Delivered front-end and back-end development, security automation, Azure automation, and IRAP and PSPF consulting. Helped prepare successful PROTECTED IRAP assessments for Google and Salesforce.
Chatbot Software Developer
· 09/2017 to 08/2018
Led design and implementation of the department's first AI help-desk chatbot using C#, Web API 2, Microsoft Bot Framework, Azure, microservices, and event-driven architecture. The service reduced first-level call-centre demand while meeting or exceeding its first-contact service target.
DevOps Engineer
· 03/2017 to 08/2018
Implemented build and release templates in TFS and Azure DevOps, plus end-to-end deployment automation using custom PowerShell DSC. Provisioned Windows Server environments and used Dynatrace dashboards and alerting to identify issues before production impact.
Automation Testing Software Engineer
· 09/2016 to 08/2018
Established a stable, centralised Selenium automation framework using Page Object Model practices. Provisioned test infrastructure and Microsoft Test Manager agents to deliver parallel automated testing through department-wide CI/CD pipelines.
Notable Impact
Led the technical uplift from a legacy on-premises SIEM to Microsoft Sentinel and helped establish a cloud-native Security Operations capability.
Implemented incident-response case management and SOAR, strengthening operational governance, automation, and response maturity.
Engineered detections and hunting capability across Sentinel, Defender XDR, Defender for Endpoint, Prisma Cloud, and Cortex Cloud, improving fidelity across cloud, identity, and endpoint.
Built C# and PowerShell automation to ingest, enrich, and analyse hundreds of thousands of cloud-security and compliance records for operational and executive reporting.
Provided technical leadership through ATO activities, Australian Government control mapping, and practical risk and compliance advice across Azure and AWS.
Delivered a secure container proof of concept and led architecture for production-capable AKS, OpenShift, and Tanzu platforms.
Helped prepare successful PROTECTED IRAP assessments for Google and Salesforce while working at NJOY Security.
Led the department's first AI help-desk chatbot and established reusable DevOps and automated-testing capability across the engineering practice.
Field Artifacts
BlakCert
Agentic-first, API-first, MCP-native enterprise certificate lifecycle platform for discovery, issuance, rotation, and expiry governance.
BlakFile
Secure, AI-native, multi-tenant enterprise file sharing and governance platform with tenant isolation and auditable access.
DingoDocs
Open-source, self-hosted penetration testing engagement and reporting platform for scoping, findings, and client-ready reports.
Tawny-SOC
AI-focused SOC/SIEM workspace that ingests Tawny alerts and telemetry, enriches with Sigma-style detections and threat intel, and drives triage, cases, hunting, and Kelpie handoff.
Kelpie
Self-hosted incident response and case management for small SOC teams: cases, timelines, and collaborative triage.
GRiCk
Self-hosted Governance, Risk, and Intelligent Controls Kit to accelerate ATO workflows: policy lifecycle, control mapping, vendor assurance, evidence collection, and risk decisions.
Heeler
Lightweight, secure, auditable NTP server written in Rust.
Kiln
Build already-installed Ubuntu VM appliances straight from Docker Compose applications.
Bunya
Diagram-driven Azure infrastructure as code, with a rules engine that knows when the picture is wrong.
depscan
Cloud-agnostic endpoint telemetry framework with a static Go agent, plugin inventory (software, packages, certs), JSONL output, and Sentinel forwarding via DCRs.
AthenemyLMS
Self-hostable LMS for course authoring, branded workspaces, payments, certificates, APIs, and automation hooks.
Tawny
Self-hosted lightweight EDR with a Zig agent, .NET backend, detection rules, and Sentinel/Wazuh forwarding.
OakAttest
Open-source IRAP assessment workspace for scoping, evidence, ISM applicability, findings, and SSP exports.
awesome-Australian-compliance
Agent skills and markdown references for Essential Eight, ISM, IRAP, PSPF, privacy, NDB, and compliance work.
IOC-Dispatch
API-first IOC submission router with provider routing, audit logs, and safe browser-automation fallbacks.
Address & Disposition
Acknowledgement of CountryI acknowledge the Traditional Custodians of the lands on which this work is carried out, and pay respect to Elders past, present, and emerging. Sovereignty was never ceded.