George Akai

George Akai

Cybersecurity Analyst · Software Developer · AI Solutions Developer

AI Solutions  ·  Cybersecurity  ·  Full-Stack Engineering  ·  Certifications

B.S. Computer Information Systems & Cybersecurity  ·  California State University, Chico  ·  2026

This page documents applied AI, cybersecurity, and software engineering work — from production-deployed full-stack applications and hands-on InfoSec operations to competitive cybersecurity and AI development on AWS. Credentials include CompTIA Security+ (ce), Qualys VMDR, and multiple AWS security and AI certifications. Entries are ordered by impact within each section.

Home Lab Setup

Tools and platforms I use in a local lab for blue-team practice, network visibility, forensics, and vulnerability assessment. Layout below is a simple dashboard-style overview.

Wazuh dashboard: CIS Microsoft Windows 11 Enterprise configuration assessment on a lab agent.

Wazuh

SIEM

SIFT Workstation desktop: terminal listing home directory with pcap and forensic reference PDFs.

SIFT Workstation

Network forensics

SOF-ELK dashboard: network forensics and log visualization.

SOFELK

Network forensics / visualization

Suricata IDS/IPS: network traffic alerts and rule triggers.

Suricata

IDS / IPS

Digital forensics tools

Host & disk analysis

  • Registry Explorer
  • JLEC
  • LEC
  • KAPE
  • Arsenal Image Mounter

OpenVAS

Vulnerability scanner

Featured work

Selected work across AI, cybersecurity, and full-stack development, ordered by relevance and impact.

The Humboldt Helpers

Abstract. Researchers faced inefficient navigation and "clickrage" on dense university web pages. We built a Streamlit-based assistant using RAG on AWS to deliver contextual answers and safer model behavior.

StreamlitCSSAWS BedrockS3Knowledge BaseRAGSemantic chunkingTitan V2ClaudeNLPPromptingGuardrailsGitHub
Forensics Agent — AI-assisted digital forensics platform

Forensics Agent

Abstract. Analysts lose time manually extracting and correlating artifacts from forensic acquisitions. This Capstone project delivers a full-stack platform that automates artifact extraction, stores parsed data in AWS S3, and deploys an AI agent with RAG to generate investigation timelines, detailed reports, and context-aware answers to analyst queries.

Django RESTReactViteAWS S3AWS BedrockAI AgentRAGJWT
Kenrish Collection full-stack IMS

Kenrish Collection: Full-Stack IMS (React + Django)

Abstract. Boutique retail businesses need a single platform to track inventory, record sales, and answer customer questions without manual spreadsheets. Kenrish Collection is a responsive full-stack IMS that gives store administrators real-time visibility into stock, pricing, and financials. It also includes a RAG chatbot powered by OpenRouter models to answer customer questions about products and services.

ReactDjango RESTPythonJWTRAGOpenRouterNLPRenderDark Mode
National Cyber League

National Cyber League

Abstract. Competitive cybersecurity challenges required rapid application of offensive and analytical skills across domains from OSINT to password recovery, strengthening practical red-team thinking.

OSINTCryptoNetwork analysisEnumerationPassword cracking
Google Cybersecurity

Google Cybersecurity (certificate program)

Abstract. The program established core analyst competencies (frameworks, SOC-style workflows, traffic and vulnerability tooling, and automation) aligned with operational security roles.

LinuxSQLWiresharkSuricataPythonNISTSOC
Information Security Analyst Assistant

Information Security Analyst Assistant — Chico State

Abstract. Enterprise security operations require coordinated vulnerability management, access control, compliance communications, and proactive threat monitoring. I supported the full InfoSec operations cycle across the campus — from Qualys VMDR reporting and RBAC access reviews to DMARC compliance and CISA advisory monitoring — improving vulnerability remediation efficiency by 15%.

Qualys VMDRRBACCMDBCISA / CVEsDMARCAdobe SignCSU LearnExcel
KnowledgeBase

Information Security: KnowledgeBase Article Write & Review

Abstract. Departments needed clear guidance to complete the Sensitive Data Inventory Survey and protect classified data. A published KnowledgeBase article standardized instructions and reinforced policy alignment.

KnowledgeBaseComplianceCSU policy

Role: Author / technical writer · Timeline: 2025 (annual survey cycle) · Context: Chico State ISEC

While working in the Information Security Department, I was assigned to create a KnowledgeBase article that would guide Chico State departments in preparing for the annual Sensitive Data Inventory Survey. I authored the article, which was published in the ISEC documentation on the school’s support page, ensuring that departments had clear instructions and resources to complete the survey effectively. The article emphasized the importance of protecting Level 1 data (CSU’s classification for highly sensitive information) and promoted compliance awareness by explaining how the survey supported adherence to CSU policy. In doing so, I contributed to broader security initiatives by providing clear documentation and communication that reinforced the university’s commitment to data protection and compliance.

Computer deployment — Windows 11 rollout

Computer Deployment Technician — Chico State IT

Abstract. A campus-wide PC-as-a-Service rollout required imaging, configuring, and deploying 300+ Windows 11 machines across labs and offices on a tight timeline. I managed the full workflow from ticket tracking through end-user onboarding and e-waste retirement — completing the rollout two weeks ahead of schedule.

Windows 11MDTTeam DynamixEndpoint ManagementIT Support
Chess app

Chess Javascript App

Abstract. The project compared Django-centric request handling to more client-heavy stacks by implementing a playable chess board with synchronized front-end interaction and authenticated user flows.

DjangoSQLiteBootstrapJSjQueryGitHub
Kenrish Node

Kenrish Collection Website: Node.js Early Version

Abstract. A small business required broader visibility and a responsive storefront. An early Node/Express implementation delivered mobile-first layout, modern UI patterns, and encrypted credentials for accounts.

Node.jsExpressHTMLCSSBootstrap

Research & applied AI projects

Includes ongoing work in AI-assisted forensics and the Humboldt Helpers project (also listed above under Featured work: The Humboldt Helpers).

The Forensics Agent Capstone project is documented in full under Featured work above.

Cybersecurity experience

Complete problem statements, methodologies, and outcomes for the National Cyber League, Google Cybersecurity Certificate program, and the Information Security Analyst Assistant role are documented in Featured work above.

Credential highlight

CompTIA Security+ (Continuing Education) complements this experience by validating baseline mastery of threats, vulnerabilities, identity and access, architecture, operations, and governance, aligned with entry-level security analyst and SOC-adjacent roles. The official certificate PDF is linked in Certifications below.

Software engineering & full-stack development

Full project narratives for Kenrish Collection (React + Django IMS), Kenrish Collection (Node.js early version), and the Chess Javascript App appear in Featured work above.

Publications & writing

The KnowledgeBase article for the Sensitive Data Inventory Survey (authored for Chico State Information Security, published in ISEC documentation) is presented in full in Featured work above under Information Security: KnowledgeBase Article Write & Review.

Certifications

Featured credential

CompTIA Security+ (ce)

CompTIA Security+ is a vendor-neutral, ISO/ANSI-accredited certification that confirms foundational cybersecurity skills across threats, attacks, and vulnerabilities; architecture and design; implementation; operations and incident response; and governance, risk, and compliance. The Continuing Education (ce) program maintains the credential through ongoing professional development, supporting readiness for analyst-facing roles and reinforcing the hands-on experience documented elsewhere in this portfolio (competition, coursework, and institutional security work).

View certificate (PDF) Issued by CompTIA · 2026 · Continuing Education (ce) · PDF hosted in this portfolio

What I Learned

  1. Security foundations
    • The CIA Triad (Confidentiality, Integrity, Availability) as the anchor for every security decision.
    • How risk, threats, vulnerabilities, and impact interact in real environments.
  2. Identity & access management
    • Strong authentication models: MFA, SSO, federation, biometrics, and smart cards.
    • Authorization frameworks: RBAC, ABAC, MAC, DAC.
    • Why least privilege and privilege auditing prevent lateral movement.
  3. Network security
    • Secure network design: DMZs, VLANs, jump servers, VPNs, zero trust.
    • Defensive tools: firewalls, NIDS/NIPS, proxies, UTMs, WAFs.
    • Attack patterns: MITM, DDoS, replay, spoofing, scanning, beaconing.
  4. Threats, attacks & vulnerabilities
    • Malware families: ransomware, trojans, rootkits, fileless malware.
    • Social engineering: phishing, vishing, pretexting, tailgating.
    • Application vulnerabilities: SQLi, XSS, CSRF, insecure deserialization.
  5. Secure architecture & design
    • Hardening systems: patching, secure baselines, configuration management.
    • Virtualization & cloud security: IaaS/PaaS/SaaS, shared responsibility, container security.
    • Cryptography basics: hashing, encryption, TLS, PKI, certificates.
  6. Incident response & forensics
    • The IR lifecycle: Preparation → Identification → Containment → Eradication → Recovery → Lessons Learned.
    • Evidence handling: chain of custody, volatile vs non-volatile data, forensic imaging.
    • Log analysis fundamentals: auth.log, network logs, SIEM correlation.
  7. Governance, risk & compliance
    • Policies: acceptable use, data classification, change management, onboarding/offboarding.
    • Frameworks: NIST, ISO 27001, CIS Controls.
    • Legal/ethical considerations: PII, GDPR, HIPAA, PCI-DSS.
Google Cybersecurity Certificate

Google Cybersecurity Certificate

2023-2024 · Google / Coursera

National Cyber League

National Cyber League

Fall 2024

Qualys Vulnerability Management, Detection and Response

Qualys Vulnerability Management, Detection and Response

2025 · Qualys

AWS Security Fundamentals

AWS Security Fundamentals

2025 · Amazon Web Services

AI Security on AWS

AI Security on AWS

2025 · Amazon Web Services

Building Generative AI Solutions using AWS

Building Generative AI Solutions using AWS

2025 · Amazon Web Services