Alex Overend

Overend.dev

Senior Full-Stack Engineer | Systems Architect | Security Practitioner. 10+ Years Experience Designing Secure, Automated, & Scalable Ecosystems.

Contact Me

About Me

I am a product-focused Senior Engineer with a decade of experience bridging the gap between complex system architecture and measurable business utility. My background is rooted in 'engineering autonomy' building systems that are secure by design, self-healing, and operationally efficient.

I specialize in full-cycle development: taking ownership from the architectural blueprint and threat modeling phase through to production deployment and CI/CD automation. Whether I am mitigating a live security incident, designing a multi-tenant SaaS architecture, or building educational tooling, my goal is always the same: clean code, secure systems, and repeatable processes.

A Decade of Delivering Results

Featured Incident Response: Enterprise Ransomware Mitigation

Interim Head of IT Security (Contract)

The Incident: A major construction client suffered a targeted ransomware attack across their internal infrastructure, threatening critical operational data and project timelines.

The Engineering Response:

  • Containment & Forensics: Isolated affected subnets to prevent lateral movement and conducted rapid forensic analysis to identify the RDP misconfiguration entry point.
  • Restoration & Hardening: Orchestrated a clean-slate restoration from cold backups, rebuilt the network with 'Zero Trust' segmentation, and deployed endpoint monitoring.
  • Outcome: Restored 100% of operational capacity within 48 hours with zero data loss, implementing a new automated backup protocol that remains in use today.

How I Deliver Value

Architectural Design & Threat Modeling

I don't just write code; I design systems. Before a single line is written, I map out data flows, potential bottlenecks, and security vulnerabilities. I believe that spending time on the blueprint saves weeks of refactoring later.

Agile Implementation & Automation

I build with an 'Automation First' mindset. From test suites to deployment pipelines, I automate repetitive tasks to reduce human error. I work in iterative sprints, ensuring visible progress and rapid feedback loops.

Knowledge Transfer & Documentation

Software doesn't live in a vacuum. I build internal tooling (like CLI utilities and documentation hubs) to ensure the team understands the system. I believe a Senior Engineer's job is not just to build, but to elevate the technical capacity of the entire team.

Project Case Studies

Tyre-Kicker: Client-Side Security Analysis

JavaScript React Chrome Extension API DOM Security

The Challenge: Modern client-side applications often leak secrets or expose misconfigurations that standard server-side scanners miss. I needed a lightweight, non-intrusive way to audit frontend risks during manual testing without relying on heavy proxy setups.

The Solution: I engineered a browser extension that acts as a resident security analyst.

  • Shadow DOM Injection: Built a React-based UI that injects into the host page via Shadow DOM, ensuring complete isolation from the target site's CSS and scripts.
  • Runtime Analysis: The tool hooks into the browser's JavaScript runtime to inspect global variables and local storage for exposed API keys, PII, and debugging artifacts.
  • Outcome: Bridges the gap between automated scanning and manual penetration testing, allowing for real-time security visibility during standard browsing.

MockWizard: Event-Driven Automation Pipeline

Ruby on Rails Python Flask PostgreSQL Cloudflare API

Scaling a complex e-commerce operation required processing thousands of unique media assets daily. I architected a distributed automation system using a Ruby on Rails core as the state manager, dispatching jobs to ephemeral Python microservices via Redis queues. I integrated Generative AI APIs to programmatically generate and validate assets, reducing a 40-hour manual workflow to a 15-minute automated background process.

WispGPT: Developer Experience (DX) Tooling

Python AI CLI Cloudflare Workers

To reduce context switching during code reviews, I engineered an open-source CLI tool that integrates LLMs directly into the developer workflow. Built as a modular Python application packaged via Pip, it parses git diff outputs and generates architectural summaries in plain English. I also deployed a documentation hub using Cloudflare Workers to support the user community.

Google RNG Override

JavaScript React Chrome Extension API

A technical research project demonstrating advanced DOM manipulation and browser security concepts. I developed a React-based Chrome Extension that injects a Shadow DOM UI into the search results page. The extension hooks into the JavaScript runtime to intercept and control the RNG (Random Number Generation) output for testing purposes, demonstrating how client-side logic can be safely modified without polluting the global scope.

SafeProperty: Multi-Tenant SaaS Platform

Ruby on Rails JavaScript PostgreSQL

I led the full-stack development of a secure, multi-tenant property management system for a construction enterprise. Built on Ruby on Rails with a normalized PostgreSQL schema, the system features strict Role-Based Access Control (RBAC) to ensure data segregation between public users, clients, and administrators. The architecture was optimized for performance in high-latency network environments.