James Hodgkinson

Key Proficiencies

Extensive programming experience across numerous platforms including Rust, Python, Powershell and other languages
Splunk platform design, implementation, maintenance and usage
Maintainer of many open-source Rust and Python projects including Kanidm, an open-source identity provider platform
Strong focus on process and systems improvement, reducing toil and enabling people to get things done
Configuration management experience with Hashicorp Terraform, Ansible, Puppet and System Centre Configuration Manager
Platform design, security architecture and deployment on AWS and Azure
Provision of high quality documentation for all systems
Security investigation and documentation
Proficient in the Kepner-Tregoe Problem and Incident analysis, decision making and management processes
Network and Security planning, documentation, deployment and maintenance
Significant experience with firewall and networking platforms - Cisco/Palo/Checkpoint/Others

July 2025 - Present

Identification and validation of Security use cases for Foundation AI\'s LLMs.
Ongoing development of platforms for research projects to assist with data ingestion and analysis.
Delivery and ongoing improvement of the PEAK Threat Hunting Metrics workshop, helping security leaders communicate their programs\' value.

April 2023 - July 2025

Long-form research projects investigating ideas with a goal to improve the state of the art for Security blue-team activities.
Public speaking, media and community engagements across multiple continents, with both public and private sector groups.
Authoring articles to communicate research findings and inform the community.
System design and implementation to assist with team research projects, such as:
Scraping and indexing significant portions of social networks for data analysis.
Analyzing the contents of every extension on the Chrome Extension store.
Building and instrumenting an AI chat platform to identify how to defend it.

March 2021 - April 2023

Using Splunk Enterprise Security and other related tools to detect, investigate and assist with response to alerts and incidents in Splunk\'s corporate and managed customer environments.
Built and assisted with improvement of tooling to speed investigation of alerts, including client-side scripting, dashboards and network services.
Rewrote the results-processing module in the Splunk Python SDK to reduce response time by 100x and network traffic by half.

June 2019 - March 2021

Splunk Administrator and evangelist, completed migration of on-premise platform to AWS+S3 SmartStore powered platform.
Automation of key tasks including software updates, user management, security response tasks and testing of integrations with third-party platforms.
Leveraging Terraform and Puppet to deploy platforms and maintain state across a diverse services platform, including an uplift of DNS hosting to AWS from a legacy on-premises design.
Python/Powershell/Java code review and development.
Undertook significant rework of documentation and process, with a focus on repeatability and enabling new staff to onboard faster.

October 2018 - June 2019

Splunk platform redesign and implementation, administration and staff training.
Development of response automation and platform introspection systems.
F5 system maintenance and infrastructure projects including SSL Inspection zone design, build and testing and migration of DNS services and monitoring to an F5-based system.
Lead analyst for security incidents.
Incident Response policy and playbook development.

October 2017 - January 2018

January 2015 - October 2017, January 2018 - October 2018

Escalation point for security team, infrastructure design and maintenance.
Wide exposure to vendor technologies in design, deployment and operations:
F5 LTM/APM/ASM
Palo Alto, Checkpoint Gaia/VSX, Cisco ASA Firewall, Email/Web Security Appliances
FireEye MVX suite and endpoint security
Sophos Anti Virus and Unified Threat Management
Splunk evangelist, training staff and integrating above technologies for SIEM and Operations.
Worked as part of the Commonwealth Games Network Security readiness and response team.
Significant security re-architecture.

August 2011 - January 2015

First point of contact for network related enquiries, changes and fault diagnosis.
Designed and deployed Splunk environment and tooling to improve operational visibility.
Involved in improvements to proactively monitor and maintain operation of large statewide emergency services networks.
Install, maintain and train staff in usage of the Riverbed Cascade product suite.
Extensive experience with Satellite communications deployment and troubleshooting.
Deployed RANCID configuration backup and management tool for Cisco devices.
Integrated into Security, Data Centre and Systems Management teams to provide support for general tasks.

February 2009 - February 2010, October 2010 - August 2011

Liaise with customers and stakeholders to investigate, troubleshoot and manage incidents.
Communicate with and document for customers\' usage of numerous business systems.
Identify, define and solve technical and operational problems.
Solve problems with network aware software and hardware.

February 2010 - October 2010

Develop and implement plans, strategies, policies and procedures for the provision of Information and Communication Technology services to meet customer needs.
Assist in providing effective ICT service delivery within a large environment, in particular the ITIL processes and functions related to Incident and Problem Management.
Develop and demonstrate a high level understanding of the enabling technologies, principles and practices that support business processes in an effective ICT Service Management environment.

General Practice Queensland - Technical Assistant (July 2007 - January 2008)
Telstra Broadband Help Desk - Help Desk Team Member (January 2007 - July 2007)
Stellar Call Centres - Service Coach / Collections Officer (August 2004 - August 2006)
Macgregor State High School - IT Support Technician (Jan 2002 - Mar 2004)
Property Council of Australia - Database Administrator (May 2001 - Oct 2001)
Queensland Fire and Rescue Authority - Database Consultant (Aug 2000 - Feb 2001)