Skip to content
View CodisTech's full-sized avatar

Block or report CodisTech

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
CodisTech/README.md

John N. Codis Jr.

Fractional CISO · GRC Engineering · Applied AI for Security CISSP · CCSP · Navy veteran · Based in Ann Arbor, MI

Founder of CyberReadyLabs, a fractional CISO practice helping small and mid-sized businesses get assessment, compliance, and policy automation done without a full-time security team. 15+ years across cybersecurity governance, federal compliance, and security operations — bridging policy and engineering with hands-on infrastructure, detection, and applied AI.


Focus Areas

Applied AI & LLM Engineering

Production LLM applications for security operations and document workflows — Anthropic Claude API integration, prompt engineering, multi-stage pipelines with grounded verification, and vision/multimodal extraction. → francis — self-verifying AI security digest

Security Operations & Automation

SIEM-centered detection and security automation — Wazuh tuning, custom Python reconciliation tooling, vulnerability and patch workflows, alert pipelines. → cve-patch-watch — stale-vs-real CVE reconciler

Policy-as-Code & Compliance Automation

Compliance and security policy expressed as versioned, tested code — OPA/Rego policy domains and InSpec/Cinc hardening profiles, mapped to NIST CSF 2.0 and CIS Controls v8, with scan results scored and piped into a Wazuh SIEM for continuous compliance monitoring. Public demo below; a proprietary version powers CyberReadyLabs client engagements. → policy-as-code-demo — OPA/Rego + InSpec, framework-mapped, CI-tested

Security Architecture & Infrastructure

Self-built multi-node Proxmox lab with segmented VLANs, OPNsense, Wazuh SIEM, Authentik zero-trust access, Traefik + Cloudflare Tunnels, k3s, CrowdSec — the platform underneath the AI and detection work. → security-architecture — zero-trust design, firewall model, DR/resilience, decision records → homelab — architecture overview


Frameworks & Standards

NIST CSF 2.0 · NIST 800-53 / RMF · CIS Controls v8 · CMMC 2.0 · CSA CCM · ISO 27001 · SOC 2 · HIPAA · FedRAMP


Education

  • M.Eng., Cybersecurity Policy & Compliance — George Washington University (in progress, Dec 2026)
  • A.S., Electronics & IT — U.S. Navy Center for Surface Combat Systems Dahlgren
  • M.Div. + B.A. — Hellenic College / Holy Cross School of Theology

Connect

Pinned Loading

  1. francis francis Public

    Self-verifying daily security digest — n8n + Anthropic Claude: two-stage grounded synthesis + verification over Wazuh SIEM data.

    Python

  2. cve-patch-watch cve-patch-watch Public

    Reconciles SIEM CVE findings against the distro CVE database — pages only when a patch actually becomes available.

    Python

  3. homelab homelab Public

    Production-grade zero-trust homelab — architecture overview (k3s, OPNsense HA, ZFS, Wazuh SIEM, GitOps, Vault).

  4. policy-as-code-demo policy-as-code-demo Public

    Compliance & security policy as versioned, testable code — OPA/Rego + InSpec/Cinc, automated scanning shipped to SIEM, mapped to NIST CSF 2.0 & CIS Controls v8.

    Open Policy Agent

  5. security-architecture security-architecture Public

    Zero-trust, defense-in-depth homelab network architecture — VLAN segmentation, OPNsense CARP HA, DR/break-glass runbooks, and ADRs, mapped to NIST CSF 2.0 & CIS Controls v8.

    Mermaid