DavidYeti/README.md
  ┌─────────────────────────────────────────────────────────────────┐
  │   COMPLIANCE ENGINEERING · AI GOVERNANCE · BUILDING IN PUBLIC   │
  │   Making AI systems auditable, one control at a time.           │
  └─────────────────────────────────────────────────────────────────┘

David Yeti

Security Professional → AI Security and Compliance Engineering

Website YouTube LinkedIn CompTIA Security+


What I'm Building

I am a security professional transitioning into AI security and compliance engineering — working at the intersection of AI governance, cloud compliance, control framework mapping, and security automation.

Currently pursuing an AI Security Engineer role while simultaneously building an independent AI governance toolkit and compliance consulting firm called Securtopia LLC. I have two years embedded in a Fortune 50 Security Organization conducting SOC 2 control implementation review, and I am now applying that foundation to the emerging field of AI governance using the ISO 42001 framework.

This GitHub is where I build in public — documenting how cloud infrastructure maps to compliance frameworks, one control at a time.

Most compliance engineers can tell you what a control requires. Fewer can build the tool that checks it automatically. That gap is what this portfolio is closing.


🥼 The Lab

focus:        AI Governance · Cloud Compliance · Security Automation · Control Framework Mapping
frameworks:   ISO 42001 · ISO 27017 · ISO 27018 · SOC 2 · NIST AI RMF · NIST 800-53 · CMMC · FedRAMP 
platforms:    AWS · Python · Terraform · GitHub Actions
active repo:  AI Governance Toolkit
status:       Three projects live — multi-framework checker, AI intake automation

→ AI Governance Toolkit
Three Python tools for automating AI governance assessments based on ISO 42001, 27017 and 27018. Includes a multi-framework control checker and an AI tool intake automation system with risk scoring and a JSON audit log.


Certification Roadmap

Every credential maps to something I'm already applying in practice.

  ✅ 2025  CompTIA Security+              ← earned

  ◐ 2026  CISA ─────────────── June      ← in progress · exam scheduled
     2026  CCNA ─────────────── Aug      ← network infrastructure
     2026  CCNP ─────────────── Nov      ← network infrastructure enterprise

     2027  AWS SAA ──────────── Jan      ← cloud architecture
     2027  C3PAO ────────────── Mar      ← cmmc audit preparation
     2027  AWS Security ─────── Apr      ← cloud security depth

     2028  CCSP ─────────────── Jan      ← cloud security governance

🌉 The Bridge

I came into compliance engineering through enterprise security sales — two years of technical conversations with CISOs and security architects at a Fortune 50 company, diagnosing infrastructure gaps across identity, access, and network security.

I then completed a compliance engineering stretch assignment inside the Security and Trust Organization conducting SOC 2 gap assessments for Duo Security and Cisco Cloud Security Controls. That experience plus independent study of ISO 42001 AI governance frameworks led directly to building the AI Governance Toolkit you see pinned below.

Most compliance engineers have never spoken to a CISO. I have had hundreds of those conversations. That background is why I understand why controls exist — not just how to implement them.

Currently enrolled in Computer Science at Georgia State University (starting Fall 2026) and building Securtopia LLC as an independent AI governance and compliance consulting firm.


Content

I document the journey across two series:

📺 The Lab — hands-on cloud compliance, NIST control mapping, AWS security, and GitHub walkthroughs.

📺 The Bridge — career transition, certifications, day-in-the-life, and the mindset behind building a compliance engineering career.

💰 Slow Money — financial strategy and wealth building for the long game.


A Note on What I Share

Everything in this portfolio is built from public frameworks — NIST, CIS, AWS documentation, and vendor compliance reports. I don't publish internal tooling, proprietary processes, or anything that isn't mine to share.


Updated as the work progresses.

→ davidyeti.com

📧 david@davidyeti.com

Pinned

  1. ai-governance-toolkit (Public)

    AI governance gap assessment toolkit

    Python

  2. career-compass-app (Public)

    An interactive guide to reverse engineer your desired career.

    HTML