New York City cybersecurity analyst focused on security tools, detections, identity cleanup, endpoint review, and field notes. Built in Brooklyn.
I work across security operations, IAM, endpoint security, vulnerability management, network defense, compliance evidence workflows, and Splunk-driven investigation.
My projects focus on operational risk that is easy to overlook: STIG changes that need triage, stale Entra ID devices, leftover Active Directory objects, scheduled jobs nobody reviews, browser extensions with broad access, detections that need tuning context, AI workflow control gaps, and network controls that need monitoring and documentation.
Current Per Scholas lab work adds Cisco Packet Tracer network-defense practice across traffic flow, secure remote access, wireless hardening, ACLs, authentication, DNS, logs, and endpoint fundamentals.
I am an active member of the OWASP and ISC2 communities while building practical defensive-security work.
I keep the work practical: clear scope, readable output, reproducible checks, and public notes that avoid private data.
| Project | Focus | Artifact |
|---|---|---|
| STIGPilot | DISA STIG change triage, remediation backlog generation, evidence checklist planning, and ticket-ready exports | Chrome demo |
| lapse | Entra ID stale-device review using device timestamps and sign-in evidence | Demo / Release |
| IdentityRiskGraph | Identity-first detection engineering for CloudTrail IAM events, nested access paths, MITRE-mapped findings, and reviewable risk context | CloudTrail detector / Dashboard workflow |
| Splunk Detection Content | SPL detections mapped to MITRE ATT&CK with analyst pivots, tuning notes, and triage playbooks | Playbooks / Validation |
| relic | Active Directory hygiene review for stale users, service accounts, and computer objects | Demo / Release |
| Undertaker | Read-only scheduled task auditor for cron, systemd timers, and Windows Scheduled Tasks | Demo / Release |
| Browser Bailiff | Browser extension permission, host access, age, and review-reason auditor | Demo / Release |
| Authorized AI/LMS Security Assessment | Sanitized case study from an authorized AI assistant assessment, focused on access boundaries, control review, remediation paths, and redaction discipline | Control matrix / Redaction standard |
| OPNsense + Proxmox Security Control Plane | Firewall intent, DNSSEC, Quad9 DNS-over-TLS, DNS bypass blocking, CrowdSec, Proxmox LXCs, VictoriaLogs, NetAlertX, OpenCanary, Uptime Kuma | Proxmox writeup / Design rationale |
Website: srkyn.com
Email: contact [at] srkyn.com
LinkedIn: linkedin.com/in/srkyn
David Sarkisyan · Cybersecurity Analyst · New York City · Built in Brooklyn