Skip to content

Add profile: Valeri Milke (@vamisec) #92

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
github-actions wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Add profile: Valeri Milke (@vamisec) #92

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
113 changes: 113 additions & 0 deletions engineers/vamisec.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,113 @@
---
name: "Valeri Milke"
github: "vamisec"
specializations:
- "Audit & Assurance"
- "Cloud Security"
- "Compliance Automation"
- "Identity & Access Management"
- "Incident Response"
- "Offensive Security"
- "Privacy"
- "Risk Management"
- "Security Architecture"
- "Security Governance"
- "Security Operations"
- "Third-Party Risk"
- "Vulnerability Management"
- "AI Governance"
- "Cloud Governance"
- "DevSecOps"
- "AI Pentesting"
- "Agentic AI Threat Modeling"
- "MAESTRO"
- "STRIDE"
title: "CEO"
company: "VamiSec GmbH"
location: "Bonn"
linkedin: "https://www.linkedin.com/in/valeri-milke/"
twitter: "https://x.com/VamiSec"
blog: "https://www.youtube.com/@VamiSec"
frameworks:
- "CCPA"
- "CJIS"
- "CMMC"
- "CMS ARC-AMPE"
- "COBIT"
- "CSA STAR"
- "EU AI Act"
- "FedRAMP"
- "GAO Green Book"
- "GDPR"
- "GovRAMP"
- "HIPAA"
- "HITRUST"
- "IRS Pub 1075"
- "ISO 27001"
- "ISO 27017"
- "ISO 27018"
- "ISO 42001"
- "NIST 800-53"
- "NIST 800-171"
- "NIST AI RMF"
- "NIST CSF"
- "NIST RMF"
- "PCI-DSS"
- "SOC 2"
- "StateRAMP"
languages:
- "Bash"
- "Go"
- "JavaScript"
- "OSCAL"
- "PowerShell"
- "Python"
- "Rust"
certifications:
- "ISO 27001 LA"
- "ISO 42001 LA"
- "AI Act Officer"
- "CRA"
- "NIS2"
- "DORA"
- "GDPR (IHK)"
available_for:
- "mentoring"
- "speaking"
- "consulting"
- "open-source"
- "hiring"
- "collaboration"
projects:
- name: "VamiGRC"
url: "https://vamigrc.com"
description: "AI-native, agentic GRC platform unifying ISMS, AIMS, PIMS, BCMS and CSMS into one integrated management system. VamiGRC helps organizations manage regulatory complexity across ISO 27001, ISO 42001, NIS2, DORA, EU AI Act, CRA and GDPR with evidence-based, audit-ready workflows."
---

## About Me

I got into GRC because I saw that security and compliance only create real value when they are connected to actual business risk, technical reality and operational decision-making. Too often, GRC is treated as documentation work for audits rather than a structured way to build trust, resilience and secure growth.

I am the founder and CEO of VamiSec, an AI-driven IT security and GRC consultancy based in Germany. My work focuses on helping organizations design and operate integrated management systems across information security, AI governance, privacy, resilience and product security. This includes ISO 27001, ISO 42001, NIS2, DORA, the EU AI Act, CRA, GDPR and related security frameworks.

With VamiGRC, my current focus is on rethinking GRC as an AI-native, agentic operating model: not another tool that simply stores risks and controls, but a platform that actively supports risk analysis, evidence management, regulatory mapping, audit readiness and management reporting.

My passion is building trustworthy security and compliance systems that are practical, technically grounded and useful for both management and engineering teams.

## Experience Highlights

- Founder & CEO of VamiSec, focused on IT Security, GRC and AI Governance
- Certified ISO 27001 Lead Auditor and ISO 42001 Lead Auditor
- Designed integrated management systems across ISMS, AIMS, PIMS, BCMS and CSMS
- Supported organizations with NIS2, DORA, EU AI Act, CRA, GDPR and ISO compliance
- Built VamiGRC as an AI-native, agentic GRC platform for modern compliance operations
- Led and supported security assessments, risk analyses, audit preparation and compliance implementation projects
- Experience in cloud security, AI security, secure SDLC, penetration testing and technical risk validation
- PECB Training Partner for internationally recognized security and compliance training programs
- Wiz Partner with focus on cloud security, CNAPP and managed cloud security services
- Strong focus on making GRC practical, evidence-based and audit-ready

## Get in Touch

The best way to connect is via LinkedIn DM or by email at valeri.milke@vamisec.com.
I am always open to exchanging ideas on AI-native GRC, integrated management systems, regulatory compliance, cloud security and trustworthy AI.