Federal-grade security engineering and AI automation — from a practitioner actively running Tenable VM, Ansible, CIS/STIG compliance, and AI chatbot deployments. Available for security advisory contracts and local business AI builds.
Security infrastructure for technical teams. AI automation for local businesses. Both built the same way — no templates, no shortcuts. · info@rootandsecure.io
Tenable deployed but findings aren't actionable. Scan coverage gaps, POAMs out of sync, audits approaching. This engagement closes those gaps — credentialed coverage validated, findings prioritized, reporting audit-ready.
Discuss engagement ▶ Currently unavailableCIS/STIG baseline delivered at scale with Ansible. Assessment, playbook development, Tenable compliance validation, and documented exceptions. Built for RHEL environments. Evidence-ready on day one.
Discuss engagement ▶ Currently unavailableEnterprise tools deployed but not operationalized. Armis, Axonius, Sentinel, DTEX — platform configuration, asset inventory integration, alerting workflows, and operator documentation. From installed to running.
Discuss engagement ▶ Currently unavailableDental practices, medical offices, and service businesses. Trained on your real content — hours, services, insurance, emergency routing. Live on your site in 2–4 weeks. Captures leads while your office is closed.
View AI services ▶Law firms, real estate agencies, and high-inquiry businesses. Qualifies leads 24/7, collects intake information, and routes hot prospects to your team before a competitor responds. Builds on your existing website.
View AI services ▶Property managers and e-commerce brands. Routes maintenance requests, answers policy questions, handles order status — all without staff involvement. Monthly optimization retainer keeps it current.
View AI services ▶CIS RHEL 9 benchmark automation — Level 1 & Level 2. Ansible-driven. Validated against Tenable VM. 213 controls. 191 implemented.
| Control | Category | Risk | Result |
|---|---|---|---|
| 1.4.2 Bootloader config | Bootloader | CRITICAL | ✓ PASSED |
| 1.6.1 Crypto policy | Crypto Policy | CRITICAL | ✓ PASSED |
| 1.6.5 Disable CBC SSH | Crypto Policy | CRITICAL | ✓ PASSED |
| 1.3.1.6 Unconfined svcs | SELinux | CRITICAL | ✗ FAILED |
| 4.2.2 Firewalld loopback | Firewall | CRITICAL | ✗ FAILED |
| 5.1.10 DisableForwarding | SSH Config | CRITICAL | ✗ FAILED |
| 5.4.2.7 System acct shells | Accounts | HIGH | ✗ FAILED |
| 6.1.3 AIDE integrity | File Integrity | HIGH | ✗ FAILED |
Federal SOC environment. Active engagements. Not a lab.
Built in federal SOC environments, not classrooms. Every control, playbook, and remediation workflow here runs in production against real government infrastructure — daily.
A decade-plus of hands-on work across RHEL 7/8/9, VMware, Azure, and hybrid cloud. 1,500+ servers hardened, CIS and STIG pipelines automated with Ansible, and vulnerability operations run across six enterprise platforms under FISMA and CISA KEV frameworks.
Root & Secure is the external face of that work — available for fractional security platform engineering, vulnerability management engagements, and compliance automation projects for organizations that need senior-level execution without a full-time hire.
Engagements are scoped to your environment, timeline, and deliverables. Start with a brief email outlining your need — we'll respond within one business day.
Send a project brief
Email info@rootandsecure.io with scope and timelineScoping call
30 minutes — define deliverables, timeline, and fitEngagement agreement
SOW issued — clear scope, rate, and start dateExecution begins
Production-ready from day one — no ramp-up theaterSend a brief description of your project, environment, and timeline. Engagements typically run 30–120 days. Remote-first, available to federal contractors and private sector organizations.
▶▶ Email info@rootandsecure.io Read Field Notes