United States
I’m an IT security and GRC leader with 10+ years spanning higher ed, gaming, and big tech — and my favorite part of the job is leaving things more secure, more compliant, and more durable than I found them. At the University of Washington, I served as cybersecurity lead and designated System Security Officer. I ran CrowdStrike-based incident response, led audits against NIST CSF, NIST SP 800-53, and HIPAA, and held CIO/SSO sign-off authority for a research center navigating multi-state (WA/CA) and federal IES compliance. Governance and risk are where I do my best work: translating frameworks into controls people actually follow, and making audits a routine outcome instead of a fire drill. That security work sits on top of a deep engineering foundation. I’ve built IT from zero — standing up a Tencent gaming studio’s entire stack (AWS, JumpCloud MDM, Google Workspace SSO/MFA, 100+ multi-OS workstations) in five months, with an MFA pattern later adopted as standard by sister studios in LA and Montreal. I’ve overhauled MDM across 300+ macOS/iPadOS devices, cut a clinical onboarding SLA from 48 hours to 2, and automated provisioning to shave 75% off the work. I’m fluent across JAMF Pro, Intune, JumpCloud, scripting in Bash/PowerShell/Python, and cloud on AWS/Azure/GCP. I also lead people. I’ve mentored and managed infrastructure and helpdesk teams (including union staff), run a $250K hardware lifecycle program at 100% budget compliance, and served on UW governance boards for IT/Cybersecurity, Benefits, and Research. Right now I’m building Dosanjh Labs, a suite of security & compliance software — including Sightline (a GRC platform that maps security posture to 22+ frameworks like NIST CSF, NIST SP 800-53, HIPAA, SOC 2, and CMMC) and Bastion (a CMMC Level 2 / NIST SP 800-171 self-assessment tool with live DoD SPRS scoring and SSP/POA&M generation). It’s the GRC work I love, turned into products. On the side, I build AI for low-resource languages — including an AI Sikh Librarian (a RAG pipeline over a 758M+ word multilingual corpus) now used in 20+ countries, and an open-source OCR library for Gurmukhi script. I’m currently open to work and most excited about IT Security / GRC and program leadership roles, with the engineering range to stay hands-on. If your team is wrestling with security posture, compliance, or scaling endpoint and cloud operations, I’d love to talk about how I can help. 📫 [email protected] · 🌐 jasvant.pages.dev · 🏢 dosanjhlabs.com · Seattle, WA
- Founded Dosanjh Labs and build a suite of security, compliance, and IT products — live at dosanjhlabs.com. - Sightline — a GRC platform that continuously maps an organization’s posture to 22+ frameworks (NIST CSF 2.0, SP 800-53, HIPAA, SOC 2, PCI DSS, ISO 27001, CMMC, FERPA, GDPR) and turns findings into plain-English, board-ready remediation plans. - Bastion — a CMMC Level 2 / NIST SP 800-171 self-assessment tool that computes a live DoD SPRS score and generates audit-ready SSP and POA&M documents entirely client-side, so CUI never leaves the machine. - Lookout & Cairn — cross-platform infrastructure monitoring, and device-inventory reconciliation across 12+ MDM/EDR sources (Jamf, Intune, JumpCloud, CrowdStrike, Defender). - Built the full platform on Cloudflare (Pages/Workers, D1) with Stripe subscription billing and passwordless auth (Clerk; passkeys/MFA; OIDC).
- Served as designated System Security Officer and CIO/SSO sign-off authority, leading security audits against NIST CSF, NIST SP 800-53, and HIPAA across multi-state (WA/CA) and federal IES compliance requirements. - Led CrowdStrike-based incident response, hardening endpoint security and detection across the college's infrastructure. - Directed an MDM overhaul of 300+ macOS/iPadOS devices in JAMF Pro, standardizing configuration, patching, and security baselines. - Onboarded the Speech & Hearing Sciences Clinic (5 HIPAA-regulated clinical vendors), improving support SLA from 48 hours to 2 and cutting $30K/year in costs. - Directed a 6-month network security migration with zero unplanned downtime; ran a $250K hardware lifecycle program at 100% budget compliance. - Led and mentored 9 infrastructure and helpdesk staff (4 union); served on the UW Professional Staff Organization Board and Faculty Councils for IT & Cybersecurity, Benefits & Retirement, and Research.
- Stood up a new gaming studio's entire IT environment from zero in 5 months — AWS, JumpCloud MDM, Google Workspace SSO/MFA, networking, and 100+ multi-OS workstations. - Architected a JumpCloud Go MFA implementation later adopted as the standard by Tencent's Los Angeles and Montreal studios. - Owned identity, endpoint management, and security operations as the studio's senior-most IT leader during launch.
- Automated macOS server imaging and API configuration via shell scripting, cutting provisioning time 75% (4 hours to 1). - Built repeatable infrastructure tooling that reduced manual setup and configuration drift.
- Authored Bomgar-to-Linux (Fedora/Ubuntu) porting documentation adopted by BeyondTrust as a first-party solution supporting 5,000+ AR/VR employees. - Contributed to a team ranked #1 nationally in ticket resolution. - Mentored 20 YearUp externs and 10 technicians; 5 mentees converted to full-time roles.