VP, Security & Compliance | CISSP | CHFI | G2700
I run security and compliance programs for wellness SaaS companies. Currently focused on AI governance (ISO 42001, EU AI Act), multi-framework GRC (ISO 27001, HITRUST, SOC 2), and building security programs that actually work with small teams and limited budgets.
Background in digital forensics and incident response (Deloitte, Booz Allen, DoD). I've gone from pulling hard drives to presenting risk to ELT. Most of my career has been about translating security and compliance requirements into things engineering teams can actually implement.
These repos are tools I've built to solve real problems - security operations integrations, automation for incident response platforms, and infrastructure utilities. I'm not a software engineer. I'm a security practitioner who writes code when it's the fastest way to fix something.
- Streamlit-DockerPi - Docker environment for Python/Streamlit projects
- Auto_Importer - Automated import from SentinelOne into TheHive SIRP
- Auto_Close - Case closure automation for TheHive based on SentinelOne resolutions
- blog-resources - Supporting materials and references
- get-shit-done (fork) - Meta-prompting and spec-driven development system for Claude Code
- grepai (fork) - Semantic search and call graphs for AI agents, runs 100% local

- AI governance and risk management (ISO 42001, EU AI Act, NIST AI RMF)
- Health technology security and privacy (HIPAA, HITRUST)
- GRC program design for growth-stage companies
- Security automation and tooling
- Incident response program development



