Security Architect & GRC Engineer
I build the controls I document — cloud guardrails, endpoint hardening, evidence pipelines, and detection workflows that stand up in real operations and audits.
📧 career@pharns.com · 🌐 portfolio.pharns.com · 💼 LinkedIn
USAF Veteran (Service-Disabled) · USPTO Patent Holder · 14 Active Certifications
- I implement controls, not just map them. Framework requirements become working configurations, monitoring logic, and documented evidence — not recommendations in a report.
- I connect governance to operations. Design through implementation through audit-ready outputs — the documentation reflects what actually runs.
- Unusual edge-domain depth. RF/UAS security (USPTO patents, TraceLock™), governed automation systems, and real operator experience across USAF, a $5.6M startup build, and active consulting.
Production GRC automation platform — end-to-end intake workflow with n8n orchestration and CISO Assistant.
- Stack: Client portal + n8n + Nextcloud + SuiteCRM + DocuSeal + CISO Assistant (100+ frameworks)
- Impact: ~70% reduction in audit prep time; HMAC-authenticated webhooks; live demo running
- Status: Production MVP — 9 workflows operational
- View Project → · Try Live Demo →
Patent-pending RF surveillance detection across 6 wireless domains simultaneously with forensic-grade logging.
- Codebase: 25 Python modules · 81 shell scripts · ~12,500 LOC
- Domains: Wi-Fi · BLE · SDR · GPS · ADS-B · ISM
- Status: WGU BSCSIA Capstone · Patent Pending
- View Project →
S3 default-deny · GuardDuty findings export · Scoped IAM mapped to CIS/NIST
- Status: Architecture complete, implementation in progress
- View Project →
Security Onion SIEM with TheHive/Cortex case management, custom detection rules, and IR playbooks.
- Detection Content: Sigma-style rules · Alert tuning · False positive reduction
- View Project →
Deterministic AI agent orchestration with explainable routing and audit-grade logging.
- Codebase: 6,361 lines Python · 72 health checks · 4 provider integrations
- View Project →
| Metric | Value |
|---|---|
| Production infrastructure security | 7 years (USOG, 2017–2024) |
| Vulnerabilities remediated | 15,000+ |
| PCI-DSS endpoint hardening | <48 hours with full evidence pack |
| Framework implementation | CIS v8 → NIST CSF → SOC 2 across regulated environments |
| Client compliance delivered | HIPAA · PCI-DSS · SOC 2 (healthcare, financial services, legal) |
| Active certifications | 14 |
Few practitioners combine these:
- USPTO-granted patents in UAV payload and delivery architectures
- TraceLock™ — patent-pending 6-domain RF detection platform
- FAA Part 107 certified · HAM/GMRS licensed
- SDR/wireless expertise — RTL-SDR, HackRF, Kismet, spectrum analysis
- USAF career veteran — mission-critical operations background
- CEO of $5.6M drone logistics company — 7 years hands-on UAV engineering
| Domain | Skills |
|---|---|
| GRC & Frameworks | CIS Controls v8 · NIST CSF · PCI-DSS v4.0 · SOC 2 · ISO 27001 · HIPAA |
| Cloud Security | AWS IAM · S3 · GuardDuty · CloudTrail · Policy-as-Code |
| Detection Engineering | Security Onion · TheHive/Cortex · Sigma · SIEM tuning · RF threat detection |
| Automation | Python · n8n · CISO Assistant · Evidence pipelines · Webhook security |
| RF/Wireless | RTL-SDR · HackRF · Kismet · BLE · ADS-B · SDR signal analysis |
Security+ · CySA+ · CSAP · PenTest+ · CNSP · CNVP · Network+ · A+ · ITIL 4 · ISC² SSCP (Assoc.) · LPI · Project+ · CSIS · CIOS
AWS Cloud Practitioner · ISC² CCSP
B.S. Cybersecurity & Information Assurance — Western Governors University, March 2026 Capstone: TraceLock™
| Category | Details |
|---|---|
| Target Roles | Security Architect · GRC Engineer · Cloud Security Engineer · Detection Engineer |
| Availability | Available now |
| Work Style | Remote-first · Async-ready · Distributed team experience |
| Location | US-based · Remote US/EU/International welcome |
| Engagement | W-2 · Contract · Consulting — 1099 available for international |
Best fit for teams that need implementation, not just policy decks.
| Channel | Link |
|---|---|
| career@pharns.com | |
| Portfolio | portfolio.pharns.com |
| linkedin.com/in/pharns | |
| Certifications | Credly |
Security architect/operator who turns governance into implemented controls, telemetry, and evidence. US Citizen · USAF veteran · Open to remote roles worldwide.