I work at the intersection of technology, security governance and cybersecurity.
My background is in project and delivery work in complex, regulated IT/OT-adjacent environments. In recent years, I have focused on deepening my technical understanding through structured hands-on lab work, with a particular interest in how security, compliance, infrastructure and operational realities connect.
I am especially interested in how systems work, how controls can be made practical, and how governance can move from static documentation into structures that are traceable, reusable and useful over time.
-
Security governance
ISO 27000 principles, risk, accountability, control structures, traceability and evidence. -
GRC automation and evidence models
Exploring how compliance work can become more structured, repeatable and technically verifiable. -
Cybersecurity practice
Hardening, segmentation, configuration review, monitoring and analysis of real-world weaknesses. -
Self-hosted infrastructure and automation
Local control, containerization, lab environments, deployment patterns and operational visibility. -
Versioning and workflows
Git-based documentation, structured change control, reusable templates and CI/CD-oriented ways of working. -
Linux and networks
System understanding, troubleshooting, secure configuration and infrastructure fundamentals.
This GitHub profile contains lab projects, documentation structures and prototypes that I use to develop and test practical approaches to security, governance and infrastructure.
The purpose is not software engineering for its own sake. The purpose is to understand how technical systems, security controls, documentation, evidence and operational workflows can be connected in ways that make governance more practical and resilient.
Typical themes include:
- infrastructure labs
- security documentation
- control and evidence structures
- self-hosted systems
- automation experiments
- monitoring and configuration workflows
- governance-first security thinking