jkienen/README.md

Yin Yang
Is the state of darkness — the moment of collapse and dissolution. It is when cycles or states break down and return to their raw, unformed potential.

Atlas . Aurora . Fauno . Hero . Texugo . Vilgax
Is the purification of that previous state — the force that takes what dissolved and reshapes it into something new, clearer, and more refined than before.

Atlas . Aurora . Fauno . Hero . Texugo . Vilgax

About

Security Engineer & Automation Specialist with 5+ years of experience building and operating enterprise cybersecurity environments. Specialist in CrowdStrike (CCFA), EDR, IDP, SIEM, SOAR, PAM, and Vulnerability Management.

I design architectures and automation pipelines that eliminate manual work and accelerate incident response. My background in Data Science and software development enables me to turn security signals into intelligent workflows and fast, data-driven decisions for Blue Team, Red Team, and SOC operations.


CrowdStrike Falcon (EDR) · Security Automation · SIEM/SOAR · Vulnerability Management · Incident Response


| Featured project | What it delivers |
|---|---|
| Crowdstrike Batch Execution | Runs a custom command across every server in seconds via one CrowdStrike RTR batch session, exported as a periodic CSV report. |
| Crowdstrike Detection Cmdline History | SOAR workflow that auto-emails a compromised host's command-line history on every High/Critical or OverWatch detection, with full process lineage. |
| Crowdstrike Prevention Health Sensor | Fleet-wide sensor health audit built on Zero Trust Assessment, surfacing RFM and degraded protections in a per-OS OK/ATTENTION report. |
| Crowdstrike USB Device Control Usage | Audits the Device Control USB allowlist against real usage, flagging each exception as active or dormant so stale ones can be safely revoked. |
| Crowdstrike Wazuh Integration | Ingests CrowdStrike Falcon alerts into Wazuh every 5 minutes, classified by product (IDP, EDR, XDR) and severity. No SIEM connector required. |
| Data Lake Layers Template | Organizes a Data Lake's processing layers (Raw → Silver → Gold) and the indicators and automations generated from them. |
| Full Stack Task Manager | Full-stack task manager (FastAPI + SQLite + Next.js), fully containerized with Docker Compose and covered by automated API tests. |

Pinned repositories

1. jkienen (Public)
   Security Engineer — Endpoint Protection & Automation | Data Science for Security | CompTIA Security+ · CrowdStrike CCFA · Cyber & Governance MBA

2. Challenge-TaskManager (Public, TypeScript)
   Containerized full-stack task manager. FastAPI + SQLite API, Next.js frontend, automated tests, up with a single Docker Compose command.

3. CS-Detection-Cmdline-History (Public)
   Auto-email a compromised host's command-line history on every High/Critical or OverWatch detection. Full process lineage delivered to analysts, no manual LogScale query needed.

4. CS-Device-Control-Usage (Public, Python)
   Audit your CrowdStrike USB allowlist against real usage. Flags every Device Control exception as active or dormant, so stale entries can be safely revoked.

5. CS-Prevention-Health-Sensor (Public, Python)
   Find CrowdStrike endpoints that look protected but aren't. Fleet-wide OK/ATTENTION report on sensor health, RFM, and degraded protections.

6. CS-Wazuh-Integration (Public, Python)
   Ingest CrowdStrike Falcon alerts into Wazuh every 5 minutes. IDP, EDR, and XDR detections, classified by product and severity. No SIEM connector required.