Skip to content

Pharns Genece

AI Governance Architect | Patent Holder

I govern AI agents so yours don't go rogue.

I build the governance systems that make AI agents trusted to operate — from patent-pending autonomous execution architecture to detection engineering, compliance automation, and RF threat detection. Every project here demonstrates one principle: AI without governance isn't safe to ship.

Best fit for teams that need governed AI execution, not just policy decks.

USAF Veteran (service-disabled) · Security Clearance Eligible · Security+/CySA+/PenTest+/SSCP · B.S. Cybersecurity (Mar 2026)

Hire Me → Engage AAM Cyber →

Results at a glance

7 years production security Built enterprise IT security stack from scratch at USOG — CIS v8, NIST CSF, SOC 2

15,000+ vulnerabilities remediated Identified and resolved across production systems over 7-year infrastructure tenure

<48 hours PCI-DSS endpoint hardening with audit-ready evidence pack — financial services client

14 active certifications Security+, CySA+, CSAP, PenTest+, CNSP, CNVP, Network+, SSCP (Assoc.), ITIL4, LPI, Project+ → View all

B.S. Cybersecurity (WGU, Mar 2026) CIS v8 IG1-IG2 mapped to NIST CSF and SOC 2

Career USAF veteran Mission-critical operations, service-disabled, security clearance eligible

Why I'm different

  • I implement controls, not just map them. Framework requirements become working configurations, monitoring logic, and documented evidence — not recommendations in a report.
  • I connect governance to operations. My work spans control design, technical implementation, telemetry pipelines, and audit-ready outputs. The documentation reflects what actually runs.
  • I bring edge-domain depth most candidates don't have. RF/UAS security (USPTO patents, TraceLock™), governed automation systems, and real operator experience across USAF, a $5.6M startup build, and active consulting engagements.

Production experience

USOG — Enterprise Infrastructure (7 Years) Built the IT security stack for a $5.6M drone logistics company. Implemented CIS Controls v8 (IG1-IG2) mapped to NIST CSF and SOC 2. Deployed secure email, Nextcloud, remote access, and monitoring. Remediated 15,000+ vulnerabilities over multiple years. CIS v8 NIST Production

Healthcare MSP HIPAA + SOC 2 readiness assessment. Identified 12 control gaps, delivered prioritized remediation roadmap with 90-day implementation timeline. HIPAA SOC 2 Healthcare

Financial Services SMB PCI-DSS Windows 11 endpoint hardening. 47 controls mapped to CIS benchmarks, audit-ready evidence pack delivered in <48 hours. PCI-DSS CIS Endpoint

Law Firm Security Comprehensive security assessment and remediation. M365 hardening, dark web monitoring, endpoint protection deployment. Assessment M365 Remediation

USOG: Internal infrastructure I built and maintained as CEO/Sysadmin (company winding down post-exit). Client engagements via AAM Cyber.

Aerospace & Defense Recruiters — Unique AAM/UAS Credentials

I don't just study drone security — I've designed, built, and fielded operational UAV systems.

  • CEO of $5.6M drone logistics company (USOG) — 7 years operational experience
  • USPTO patents in UAV payload and delivery architectures
  • TraceLock™ — Patent-pending RF threat detection platform (Wi-Fi/BLE/SDR/GPS/ADS-B)
  • FAA Part 107 certified | HAM/GMRS licensed | career USAF veteran

Few practitioners combine drone operations, RF/SDR expertise, and cybersecurity credentials. View full AAM credentials →

Why hire me for GRC engineering

Most GRC professionals write policies and manage spreadsheets. I architect and deploy the technical systems that satisfy those controls — then document them with audit-ready evidence.

  Endpoint Compliance

Delivered PCI-DSS Windows 11 hardening (BitLocker, GPO, EDR) with a complete evidence pack in <48 hours.

  Compliance Automation

Deployed GIAP™, an intake platform (n8n, Nextcloud) with RBAC, retention policies, and 100+ framework coverage.

  Evidence Pipelines

Built audit-grade logging systems with structured schemas and export workflows for cloud and access control data.

  Detection & Response

Operate a Security Onion + TheHive/Cortex lab to author SIEM rules, tune alerts, and write IR playbooks.

  Cloud Governance

Designing an AWS Control Pack with S3 default-deny, GuardDuty pipelines, and scoped IAM mapped to CIS/NIST.

  AI-Assisted Workflows

Use LLM tools for accelerated policy drafting, control mapping, and documentation with rigorous human review.

Bottom line: I design the framework, build the architecture, and deliver audit-ready evidence.

GIAP™ — Governed Intake and Analysis Platform ⭐ Production GRC platform with live demo. CISO Assistant + n8n + Nextcloud + SuiteCRM. 100+ frameworks, HMAC-authenticated webhooks, end-to-end intake automation. GRC Automation Live Demo View Case Study · Try Live Demo

PCI-DSS Windows 11 Hardening Complete endpoint hardening with GPO, firewall rules, service lockdown, and evidence pack. Delivered for financial services client in <48 hours. Compliance Hardening Client Work View Case Study

AWS Cloud Control Pack S3 default-deny storage, GuardDuty findings export, scoped IAM with CIS/NIST mapping. Cloud Controls Architecture View Case Study

TraceLock™ — RF Threat Detection Patent-pending 6-domain wireless monitoring (Wi-Fi/BLE/SDR/GPS/ADS-B). Evidence-grade logging architecture and detection engineering. Detection RF/SDR Python View Project

Secure Intake Portal Nextcloud + n8n + SuiteCRM with RBAC, audit trails, and consent management. Multi-tier access controls. Infrastructure RBAC Deployed View Case Study

Agentic Infrastructure Audit — Foundational Architecture Governed two-machine AI agent environment with fixed-schema audits, drift detection, and security hardening for reproducible outputs across production sessions. Agentic AI Governance Detection View Case Study

PropTech RF Governance & Scope Control Governance-focused RF assessment of BLE and Wi-Fi activity in smart-building deployments. (PropTech = Property Technology: smart locks, IoT sensors, building automation.) Emphasizes scope discipline to prevent false positives and protect regulated work-from-home posture. GRC Privacy RF View Case Study

Detection engineering & offensive security

Current capability: Active detection/IR lab with Security Onion, TheHive/Cortex, custom SIEM rules, and authored detections. TraceLock™ RF/SDR telemetry demonstrates detection engineering fundamentals across 6 wireless domains.

Growth trajectory: CySA+, CSAP, and PenTest+ earned 2026. Full purple team positioning complete. Building penetration testing portfolio through lab work and vulnerability assessments.

Why this matters: GRC engineers who understand offensive techniques write better controls. Detection experience informs what to log and monitor.

View Detection Projects · View Pentest Work

AI-augmented security engineering

Security operations are documentation-heavy: control matrices, policy drafts, evidence collection, runbooks. I use governed automation to reduce that burden — faster delivery, same rigor.

Outcome How
Faster cross-framework control mapping LLM-assisted mapping with structured prompts and human validation
Consistent, auditable evidence Reproducible documentation output from structured schemas
Reduced manual SIEM authoring effort LLM-assisted detection content with analyst review gate
Repeatable compliance delivery at scale GIAP™ workflow automation — intake → framework → evidence

Production systems: GIAP™ (live GRC automation platform — try the demo), TraceLock™ (RF threat detection with AI-assisted tuning and false-positive reduction), governed two-machine AI agent environment with fixed-schema audit outputs and drift detection.

Skills: Prompt Engineering · Multi-Agent Orchestration · Structured Output Design · n8n Workflow Automation · MCP Protocol · AI-Assisted Detection Tuning

Credentials & frameworks

Education B.S. Cybersecurity & Information Assurance (WGU) — Mar 2026

14 Active Certifications Security+, CySA+, CSAP, PenTest+, CNSP, CNVP, Network+, A+, ITIL4, SSCP (Assoc.), LPI, Project+, CSIS, CIOS

Newly Earned 2026 CySA+, CSAP, PenTest+, CNSP, CNVP

Planned Q2/Q3 2026 AWS Cloud Practitioner, ISC² CCSP

Framework experience: NIST CSF (PR.AC, PR.DS, DE.CM, RS.AN) · CIS Controls v8 · PCI-DSS v4.0 · SOC 2 · ISO 27001 (foundational)

Licenses: FAA Part 107 · HAM/GMRS · Veteran: USAF, service-disabled

View Full GRC Skill Matrix

What clients say

"Pharns delivered a complete compliance package with documentation quality that rivals consultants with twice his experience. His ability to implement technical controls while maintaining audit-ready evidence is rare."

Compliance stakeholder, Healthcare MSP engagement, 2024 (via AAM Cyber, LLC)

Additional references available upon request.

Let's Talk

AAM cybersecurity specialization

I don't just secure drones — I've designed, built, and fielded UAV systems.

Advanced Air Mobility (AAM) security requires practitioners who understand the engineering, not just the vulnerabilities. I bring hands-on experience across the full lifecycle:

Capability Evidence
UAV Engineering Designed, built, and fielded operational UAV systems
USPTO Patents Granted patents in UAV payload and delivery architectures
RF Threat Detection TraceLock™ 6-domain correlation (Wi-Fi/BLE/SDR/GPS/ADS-B) — rogue APs, trackers, drone proximity
Aviation Credentials FAA Part 107 certified drone pilot
SDR/Wireless HackRF, RTL-SDR — spectrum analysis and signal intelligence
Consulting AAM Cyber, LLC — cyber-physical security services
Military Aviation USAF aeromedical operations background

View Innovation Projects

View All Projects Contact