CURIOSITY IN ACTION

My portfolio
Hobby projects
Automating with AI
Capturing light

Welcome to the digital space of a curios kid. Designed to showcase my portfolio, host hobby projects, automate workflows with AI, and display photos captured through my lens.

curios-dashboard.io
const kid = new CuriosKid({
mode: 'always-building',
stack: ['AI', 'GRC', 'Web', 'Photo']
});
kid.explore().then(deploy);
GRC Status 100% Compliant
Active AI Agents 5 running
๐Ÿ“ธ
Golden Hour f/2.8 ยท ISO 100
PORTFOLIO

Interactive Resume & Blog

Explore my full professional resume, experience, skills, certifications and articles on Security, GRC and photography.

CV_draft.pdf
General CV Layout Template
Open Resume →
Interactive Resume Skills Certifications

Interactive Portfolio

A digital space detailing my professional experience, core certifications, and technical skills. It features an interactive video resume and direct access to my latest resume

Launch Interactive Resume →
ESSAY
insight_draft.md
General Essay Layout Template
Read Blogs →
Security GRC Photography

Blog

Reflections on cybersecurity, GRC, and photography. Explore my professional journey, experience, and the hidden stories behind my favorite captures.

Read My Blog →
๐Ÿ—๏ธ

Engineering Pipeline Active Build

My current focus is bringing the **Interactive Portfolio & Blog** to life. Other sections, such as hobby projects, AI workflows, and photography, are under active curation and will be fully integrated very soon.

HOBBY PROJECTS DRAFT CONCEPT

GRC Concepts & Models

Conceptual studies, compliance frameworks, and study guides.

๐Ÿงฎ Dynamic Risk Matrix Tool Thumbnail

Interactive Risk Matrix

A visual matrix to assess risk levels based on likelihood and impact, with dynamic coloring.

View Demo
๐Ÿ“„ Compliance Policy Generator Thumbnail

Policy Generator

Generate policy documents in markdown with customizable sections for security standards.

Download Template
๐Ÿ› ๏ธ Evidence Collector CLI Utility Thumbnail

Evidence Collector CLI

CLI tool to gather system configuration evidence for audits, outputting JSON or CSV reports.

GitHub Repo
AI WORKFLOWS DRAFT CONCEPT

Conceptual Workflow Automation

An exploration of theoretical GRC processes like automated policy parsing and compliance structure mapping.

  • Trigger Action Architecture: Webhooks monitor email, GitHub activity, or Slack channels to launch workflows instantly.
  • LLM Intent Parsing: Incoming data is analyzed by LLM agents to determine category, sentiment, and required route.
  • Automatic Logging: Every workflow reports status to GRC databases to maintain auditable, secure activity logs.
โšก GitHub Webhook Active
๐Ÿง  GPT-4 agent.parse() Processing...
๐Ÿ—„๏ธ GRC Log Updated Done
LEARN GRC DRAFT CONCEPT

Study Reference & Frameworks

A personal repository of cheat sheets, academic frameworks, and study summaries explaining Governance, Risk, and Compliance.

SOC 2 (System and Organization Controls)

An auditing procedure designed by the AICPA that ensures service providers securely manage data to protect the interests of their clients and the privacy of their clients' partners.

  • Security (The Core): Protecting systems against unauthorized access.
  • Availability: Ensuring systems are accessible as agreed upon in SLAs.
  • Confidentiality: Restricting access to sensitive data to authorized personnel.
1 Define Trust Criteria
2 Implement Controls
3 Collect Audit Evidence

ISO/IEC 27001 Standard

The leading international standard focused on information security management systems (ISMS). It provides a systematic approach to managing sensitive company information so that it remains secure.

  • ISMS Scope: Clearly bounding what information is being protected.
  • Annex A Controls: 93 specific controls divided across 4 main themes (Organizational, People, Physical, Technological).
  • Continuous Improvement: The PDCA (Plan-Do-Check-Act) cycle for compliance management.
Org
People
Phys
Tech
ISMS

Risk Assessment & Mitigation

A continuous process to identify, analyze, evaluate, and address security risks that could impact the confidentiality, integrity, and availability of organization assets.

  • Identify Threats: Catalog vulnerabilities, server failures, or phishing vectors.
  • Calculate Risk: Risk score = Likelihood × Impact.
  • Treatment Strategies: Accept, Mitigate, Transfer, or Avoid the risk.
High
High
Crit
Med
High
Crit
Low
Med
High
โ† Likelihood / Impact โ†’
PHOTOGRAPHY DRAFT CONCEPT

Personal Photography Curation

A collection of hobbyist visual moments captured on medium format and digital film, focusing on architecture and nature.

Minimal architectural geometry under blue sky
Architecture

Geometric Shadows

Ocean waves crashing against basalt cliffs at sunset
Landscape

Basalt Coastline

Cyberpunk neon-lit streets in Tokyo during rain
Street

Neon Rain

Would like to get in touch with me?

If you are interested in knowing more or would like to contact me to discuss any potential opportunities? Let's connect.

Send an Email →