Assessment
- Intake forms
- Gap assessment
- Control scoring
- Current-state analysis
- Report generation
Portfolio Security · GRC · Engineering
ISO 27001 Lead Auditor Cybersecurity/GRC Practitioner Consultant Builder of FANG
I work at the intersection of information security, governance, risk, compliance, and software engineering. I build practical systems that help organizations assess, structure, and improve their security and ISO 27001 readiness.
01 About
I am an ISO 27001 Lead Auditor and cybersecurity/GRC practitioner with a software engineering background, focused on ISMS implementation, audit readiness, and security automation.
My work combines technical engineering with governance and compliance thinking. I am currently building FANG, an ISO 27001 ISMS accelerating engine designed to support assessment, implementation, and auditing workflows.
Security decisions grounded in verifiable controls and documentation.
Systems designed for real workflows, not compliance theatre.
Clear analysis, traceable reasoning, and usable outputs.
02 Flagship project
ISO 27001 ISMS Accelerating Engine
FANG is a proof-of-work platform exploring how structured control logic, evidence processing, and language models can support ISO 27001 work across three connected stages.
Evolving prototype / MVP03 Capabilities
Governance, technical foundations, and engineering skills brought together around practical security outcomes.
04 Credentials
Exemplar Global · 2026 — information security management systems, audit principles, evidence evaluation, and conformity assessment.
Abed Hamdan (Unix Guy) · 2026 — practical work across ISO 27001, policy writing, risk assessment, and security auditing.
Cisco Networking Academy Ethical Hacker · 2025, and TryHackMe Jr. Penetration Tester · 2025.
Virtual University · 2024–2028 · In progress — software design, systems thinking, programming, and engineering practice.
05 Proof of work
A grounded view of what I am building and where I am developing hands-on experience.
An ISO 27001 ISMS accelerating engine connecting assessment, implementation support, evidence review, and structured reporting workflows.
Explore FANGA developing cybersecurity and GRC-focused personal brand for sharing practical guidance and building consulting capability.
Visit TCWExperience with basic security assessment, configuration review, hardening, audit observations, and actionable security reporting.
LinkedIn and educational content around ISO 27001, GRC, cybersecurity, IT risk, and responsible automation.
View LinkedIn06 Resume
For a concise overview of my education, certifications, skills, and experience, view the three-page PDF in your browser or download a copy when you choose.
07 Contact
Open to cybersecurity, GRC, ISO 27001, IT audit, and security automation opportunities.