Skip to content
View yeg003's full-sized avatar

Block or report yeg003

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
yeg003/README.md

IT and Cybersecurity Project Portfolio

I’m a Cybersecurity Engineer specializing in Vulnerability Management, GRC engineering, and Agentic AI automation.
I build AI-powered systems that accelerate security workflows — from vulnerability triage to incident reporting — while applying strong LLM safety controls to ensure secure, reliable outcomes.

My work focuses on combining Agentic AI + security engineering to solve real-world problems:

  • Vulnerability Management automation using Python, agentic workflows, and enriched risk scoring (ACR, KEV, exploitability, exposure).
  • Secure Agentic AI systems with defenses against prompt injection, data exfiltration, unsafe tool execution, and model abuse, aligned with the OWASP Top 10 for LLMs.
  • GRC engineering & compliance automation, supporting frameworks like NIST 800-53, NIST AI RMF, ISO 27001, SOC 2, HIPAA, PCI-DSS, and CMMC.
  • Security automation & orchestration using Python, Bash, cloud-native tools, and vulnerability scanners.

I also work hands-on with:

  • VM tools: Tenable, Defender for Endpoint
  • Cloud platforms: AWS, Azure, GCP

My goal is to bridge traditional cybersecurity with next-generation Agentic AI, enabling security teams to reduce noise, remediate faster, and scale defenses without adding headcount.

Always building. Always improving. Always learning.

Agentic AI Engineer Projects

Vulnerability Management

Cloud Security

Threat Hunting and Security Operations

GRC

Pinned Loading

  1. STIG-remediation-scripts STIG-remediation-scripts Public

    This repository contains PowerShell scripts and documentation used to remediate and verify compliance with DISA Security Technical Implementation Guides (STIGs) across Windows systems. Each script …

    PowerShell

  2. vulnerability-management-program vulnerability-management-program Public

    PowerShell 1

  3. threat-hunting-vm-exposure threat-hunting-vm-exposure Public

    This project simulates a real-world threat hunting scenario using Microsoft Defender for Endpoint and Kusto Query Language (KQL). The objective is to identify VMs unintentionally exposed to the int…

    1

  4. threat-hunting-data-exfiltration-from-pipd-employee threat-hunting-data-exfiltration-from-pipd-employee Public

    This project simulates an insider threat investigation involving a disgruntled employee suspected of data theft.

    1