Skip to content

PHARNS GENECE

Security Engineer | GRC, Cloud Security & Detection Engineering

📧 careers@pharns.com · 🌐 portfolio.pharns.com · 💼 linkedin.com/in/pharns · 📍 Remote (US/EU/International)

Professional Summary

Security Engineer with 7 years of production infrastructure security experience and a career of mission-critical operations (USAF). I design and implement cloud guardrails, detection pipelines, and audit-ready control frameworks—bridging governance requirements with real-world engineering execution.

Core Competencies: CIS Controls v8 · NIST CSF · PCI-DSS v4.0 · SOC 2 · HIPAA · ISO 27001 · AWS Security · SIEM/Detection Engineering · RF/SDR Security · Python Automation

Professional Experience

AAM Cyber, LLC — Security Engineer & Founder

2024 – Present · Remote

Security consulting practice delivering compliance automation and GRC engineering for SMBs across regulated industries.

  • Healthcare MSP: Conducted HIPAA + SOC 2 readiness assessment; identified 12 control gaps and delivered prioritized 90-day remediation roadmap
  • Financial Services: Delivered PCI-DSS Windows 11 endpoint hardening with 47 controls mapped to CIS benchmarks; audit-ready evidence pack in <48 hours
  • Law Firm: Comprehensive security assessment including M365 hardening, dark web monitoring deployment, and high-volume vulnerability remediation
  • Built GIAP™: Production GRC automation platform (CISO Assistant + n8n + Nextcloud) with HMAC-secured webhook integrations

USOG — CEO & Systems Administrator

2018 – 2025 · Drone Logistics & Operations

Led $5.6M revenue drone logistics company (18 employees) while serving as hands-on systems administrator. Built entire IT security infrastructure from scratch.

  • Implemented CIS Controls v8 (IG1-IG2) mapped to NIST CSF and SOC 2 trust criteria across all business systems
  • Remediated 15,000+ vulnerabilities identified through continuous scanning over multi-year infrastructure lifecycle
  • Deployed enterprise security stack: Self-hosted email, Nextcloud file storage, VPN remote access, backup systems, dark web monitoring, endpoint protection
  • Maintained audit-ready posture with documented evidence collection, access controls, and compliance configurations
  • Architected, deployed, hardened, and maintained all systems—no delegation; real-world GRC implementation at scale
  • Led end-to-end security architecture across endpoints, cloud services, and internal infrastructure with zero dedicated security staff

United States Air Force — Aeromedical Evacuation Technician

1990 – 2007 · Military Career

Flight nurse with mission-critical operations experience in high-pressure environments.

  • Executed life-safety medical operations with strict protocols, documentation, and compliance requirements
  • Maintained security clearance throughout service (eligible for reinstatement)
  • Developed disciplined execution and audit culture applicable to cybersecurity operations
  • Service-disabled veteran status

MiraCosta College — Adjunct Educator

UAS/Drone Technology

Taught drone technology courses demonstrating technical communication skills and aviation systems expertise.

Technical Skills

Category Technologies & Frameworks
GRC Frameworks NIST CSF · CIS Controls v8 · PCI-DSS v4.0 · SOC 2 · HIPAA · ISO 27001 · FedRAMP (foundational)
Cloud Security AWS (IAM, S3, GuardDuty, CloudTrail, Security Hub) · Policy-as-Code · Terraform
Detection & IR Security Onion · Wazuh · TheHive/Cortex · Sigma Rules · Suricata · Zeek · Alert Tuning
Automation Python · n8n · CISO Assistant · Evidence Pipelines · Shell Scripting
RF/Wireless RTL-SDR · HackRF · Kismet · Bluetooth/BLE · Wi-Fi · ADS-B · GPS
Infrastructure Proxmox · Nextcloud · Nginx · Docker · Linux Administration

Certifications

Active (12): Security+ · Network+ · A+ · Project+ · ISC² CC · SSCP (Assoc.) · ITIL 4 · LPI Linux Essentials · CSIS · CIOS · CySA+ · CSAP

Pending (Feb 2026): PenTest+

Planned (Q1 2026): AWS Cloud Practitioner · CCSP

Licenses: FAA Part 107 · HAM Radio · GMRS

Education

Bachelor of Science, Cybersecurity & Information Assurance Western Governors University · Expected February 2026

  • Capstone: TraceLock™ — Patent-pending RF threat detection system

Key Projects

TraceLock™ — RF Threat Detection Platform (Patent Pending) Multi-domain wireless monitoring (Wi-Fi, Bluetooth, SDR, GPS, ADS-B). 25 Python modules, ~12,500 LOC.

GIAP™ — Governance Intake Automation Platform End-to-end GRC automation with n8n orchestration. Production MVP with 4 operational workflows.

Detection & IR Lab Security Onion SIEM, TheHive/Cortex. 12 custom Sigma rules (~20% FP reduction), 8 IR playbooks.

AgenticOS (Open Source) Deterministic AI orchestration with audit-grade logging. 6,361 lines Python. github.com/Pharns/AgenticOS

Additional Information
Citizenship US Citizen
Clearance Eligible (USAF veteran, service-disabled)
Availability February 2026
Work Style Remote-first · Async collaboration · US/EU/LatAm time zones
International Open to global opportunities; visa sponsorship required for relocation
Patents USPTO grants in UAV payload and delivery systems
To save as PDF: Press Ctrl+P (Cmd+P on Mac) → Save as PDF [← Back to Resume](resume.md){ .md-button } [Contact Me](contact.md){ .md-button .md-button--primary }