About
I'm a security researcher and engineer focused on finding and fixing vulnerabilities in AI systems before they can be exploited in the wild. My work sits at the intersection of adversarial machine learning, large language model security, and practical red teaming.
As a Founding Engineer at Mindgard, I've been building the company's AI security platform from day one — designing automated red teaming pipelines, developing guardrail evasion techniques, and creating adversarial attack tooling. This work has led to the discovery of over 70 vulnerabilities in production AI systems from organisations including Microsoft, NVIDIA, and Meta, resulting in multiple responsible disclosures and published research.
In parallel, I'm pursuing a PhD in Secure Machine Learning at Lancaster University, where I research adversarial vulnerabilities in training data and ML model pipelines within the Experimental Distributed Systems lab. My published research covers LLM guardrail bypass techniques, model extraction attacks against ChatGPT, and compiler-based defences against side-channel attacks — with over 60 citations across three peer-reviewed papers.
Before that, I completed an integrated master's in Computer Science at Lancaster with First Class Honours and an academic scholarship. Outside of AI security, I'm interested in RF engineering and open source hardware — my most recent side project, RFx, is an open source radio frequency discovery device with integrated AI processing.
Experience
Mindgard
Building the AI security platform from day one — automated red teaming, guardrail evasion research, and adversarial attack tooling used to discover 70+ vulnerabilities in production AI systems from Microsoft, NVIDIA, Meta, and others.
Lancaster University
Researching adversarial vulnerabilities in training data and ML model pipelines within the Experimental Distributed Systems lab.
Lancaster University
Four-year integrated master's with academic scholarship. Elected student representative.
Research
Bypassing Prompt Injection and Jailbreak Detection in LLM Guardrails
Demonstrates two approaches for bypassing LLM guardrail systems via character injection and adversarial ML evasion techniques. Tested against six prominent systems including Microsoft Azure Prompt Shield and Meta Prompt Guard, achieving up to 100% evasion success in some cases.
Read on arXiv
Model Leeching: An Extraction Attack Targeting LLMs
Introduces a novel extraction technique that distills task-specific knowledge from large language models into compact models. Achieved 73% exact match similarity with ChatGPT-3.5-Turbo at only $50 in API cost, with an 11% boost in adversarial attack transferability.
Read on arXiv
Compilation as a Defense: Enhancing DL Model Attack Robustness via Tensor Optimization
Proposes using model compilation and tensor optimization as a lightweight defense against side-channel attacks in adversarial ML — reducing attack effectiveness by up to 43% without costly model re-engineering.
Read on arXiv
Responsible Disclosures
Vulnerabilities discovered in production AI guardrail systems through security research at Mindgard.
