Skip to content
View CodisTech's full-sized avatar
0 followers · 1 following

Block or report CodisTech

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
CodisTech/README.md

John Codis

Cybersecurity Engineer | CISSP | CCSP | Building security infrastructure and compliance automation

15+ years designing, implementing, and securing enterprise systems — from aircraft carrier combat systems to production cloud infrastructure. Currently building CyberReadyLabs, a cybersecurity consulting firm delivering fractional CISO services and security assessments for small and mid-sized businesses.

What I Build

Security Monitoring and Detection

  • Deployed enterprise Wazuh SIEM across a segmented network — triaged 2,337 vulnerabilities including 8 critical findings
  • Implemented centralized logging, file integrity monitoring, and active response with NIST 800-53 control mapping
  • Repo: homelab-configs/wazuh

Policy-as-Code and Compliance Automation

  • Built compliance policies as code using OPA (Rego), Chef InSpec, and HashiCorp Sentinel
  • Automated CIS benchmark validation, container security enforcement, and continuous compliance reporting
  • Repo: policy-as-code

Hardened Infrastructure

  • Production infrastructure with defense-in-depth: Traefik reverse proxy, CrowdSec threat detection, Authentik SSO, network segmentation across isolated VLANs
  • GitOps workflow with automated dependency updates (Renovate), container monitoring (Diun), and version-controlled configurations
  • Repo: homelab-configs

Workflow Automation

  • n8n automation platform for security operations, content publishing, and business process orchestration
  • Integrated with Telegram for approval workflows and real-time alerting

Technical Stack

Security: Wazuh SIEM | CrowdSec | Authentik SSO/MFA | pfSense/OPNsense | Pi-hole DNS Filtering

Infrastructure: Proxmox VE | Docker | Traefik | Cloudflare | Unraid

Compliance: NIST 800-53 | NIST CSF | RMF | ISO 27001 | SOC 2 | PCI-DSS

Automation: n8n | Renovate | Diun | GitOps workflows

Policy-as-Code: Open Policy Agent (Rego) | Chef InSpec | HashiCorp Sentinel

Certifications

  • CISSP — Certified Information Systems Security Professional (ISC2)
  • CCSP — Certified Cloud Security Professional (ISC2)
  • CC — Certified in Cybersecurity (ISC2)
  • Lean Six Sigma Green Belt

Education

  • M.Eng., Cybersecurity Policy and Compliance — George Washington University (4.0 GPA, 2026)
  • U.S. Navy — 15+ years, Senior Electronics Technician, Department Information Systems Security Officer (DISSO) aboard USS Nimitz (CVN-68)

Currently Working On

  • Launching CyberReadyLabs — fractional CISO services and the CyberReady Snapshot security assessment
  • Policy-as-Code framework for automated compliance validation
  • MITRE ATT&CK detection coverage mapping for Wazuh
  • M.Eng. capstone research in cybersecurity policy

Connect

Pinned Loading

  1. homelab-configs homelab-configs Public

    Production security infrastructure with Wazuh SIEM, defense-in-depth architecture, and NIST 800-53 mapping across 20+ self-hosted services

    JavaScript 1