Blog

Short notes on security operations, GRC, risk communication, AI-assisted work, interface design, and the occasional system that deserved a post-mortem before launch.

This is where I keep project notes, short reflections, and the odd complaint disguised as analysis. Most posts are about how systems behave, how people work around them, and why clean documentation is cheaper than confusion.

No image

26 May 2026•Pixel UI • Portfolio • Product Design

Why My Portfolio Looks Like a Handheld Console

A design note on pixel UI, compact dashboards, personal websites, and why I avoided the standard glass-card portfolio look.

No image

26 May 2026•Risk • Communication • Stakeholders

Risk Communication for People Who Do Not Read Risk Registers for Fun

Explaining security risk to non-technical stakeholders without turning every issue into smoke, sirens, and theatre.

No image

26 May 2026•GRC • Compliance • Risk

GRC Is Paperwork Until Something Breaks

A practical note on controls, evidence, risks, exceptions, and why boring records suddenly matter during a bad week.

No image

26 May 2026•Alert Noise • Detection • Security Monitoring

Reducing Alert Noise Without Pretending Risk Disappeared

Notes on tuning, prioritisation, and the danger of making dashboards quiet by hiding the uncomfortable parts.

No image

26 May 2026•SOC • Alert Triage • Security Operations

SOC Work Is Mostly Context Management

A short note on why alert handling depends less on staring at alarms and more on building enough context to make a useful decision.