Skip to content
View srkyn's full-sized avatar

Block or report srkyn

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
srkyn/README.md

David Sarkisyan cybersecurity profile banner

David Sarkisyan

New York City cybersecurity analyst focused on security tools, detections, identity cleanup, endpoint review, and field notes. Built in Brooklyn.

STIGPilot tests lapse CI splunk-detection-content validation relic CI browser-bailiff CI undertaker CI

About

I work across security operations, IAM, endpoint security, vulnerability management, network defense, compliance evidence workflows, and Splunk-driven investigation.

My projects focus on operational risk that is easy to overlook: STIG changes that need triage, stale Entra ID devices, leftover Active Directory objects, scheduled jobs nobody reviews, browser extensions with broad access, detections that need tuning context, AI workflow control gaps, and network controls that need monitoring and documentation.

Current Per Scholas lab work adds Cisco Packet Tracer network-defense practice across traffic flow, secure remote access, wireless hardening, ACLs, authentication, DNS, logs, and endpoint fundamentals.

I keep the work practical: clear scope, readable output, reproducible checks, and public notes that avoid private data.

Featured Work

Project Focus Artifact
STIGPilot DISA STIG change triage, remediation backlog generation, evidence checklist planning, and ticket-ready exports Chrome demo
lapse Entra ID stale-device review using device timestamps and sign-in evidence Demo / Release
Splunk Detection Content SPL detections mapped to MITRE ATT&CK with analyst pivots and tuning notes Validation
relic Active Directory hygiene review for stale users, service accounts, and computer objects Demo / Release
Undertaker Read-only scheduled task auditor for cron, systemd timers, and Windows Scheduled Tasks Demo / Release
Browser Bailiff Browser extension permission, host access, age, and review-reason auditor Demo / Release
Authorized AI/LMS Security Assessment Authorized AI assistant assessment with a private 24-page report, 16 validated findings, OWASP LLM-aligned control review, remediation guidance, and a sanitized public case study LinkedIn copy
OPNsense + Proxmox Security Control Plane Firewall intent, DNSSEC, Quad9 DNS-over-TLS, DNS bypass blocking, CrowdSec, Proxmox LXCs, VictoriaLogs, NetAlertX, OpenCanary, Uptime Kuma Proxmox writeup / Design rationale

Contact

Portfolio: srkyn.com

LinkedIn: linkedin.com/in/srkyn

David Sarkisyan · Cybersecurity Analyst · New York City · Built in Brooklyn

Pinned Loading

  1. undertaker undertaker Public

    Defensive audit tool for stale or high-privilege scheduled tasks across Windows, Linux cron, and systemd.

    Python

  2. home-network-security home-network-security Public

    Sanitized OPNsense + Proxmox home security case study: firewall policy, DNS security, CrowdSec, logs, asset awareness, canary alerts, and safe operations.

  3. browser-bailiff browser-bailiff Public

    Read-only browser extension risk auditor for Chrome, Edge, and Firefox permissions, age, and host access.

    Python

  4. lapse lapse Public

    Entra ID device hygiene tool using Graph sign-in evidence to reduce stale-device false positives.

    Python

  5. relic relic Public

    Active Directory hygiene auditor for stale objects, risky group remnants, non-expiring passwords, and aging service accounts.

    Python