Information Risk & AI Security
Securing information systems, defending against AI accelerated attacks, and automating risk operations
Click anything to earn XP & level up your character
Projects
Infrastructure
Kubernetes
Container orchestration for services
Local AI
Self-hosted AI services
Home Assistant
Home automation platform
Gitea
Self-hosted Git server
Virtual Machines
Multi-OS virtualization layer
Databases
Data services and persistence
Third Party Cyber Risk Management
Over a decade of experience managing third-party cyber risk across diverse vendor ecosystems. Leading assessments, monitoring programs, and AI risk evaluations from the front lines.
Third Party Risk Assessments
End-to-end risk assessments of third-party vendors, evaluating security posture, identifying gaps, and providing actionable remediation roadmaps aligned to NIST and ISO frameworks.
Control Maturity
Evaluating and maturing vendor security controls across the full lifecycle — from initial onboarding to ongoing reassessment, ensuring continuous alignment with organizational risk tolerance.
Cyber Event Response
Coordinating incident response for third-party security events, from initial detection through containment, notification, and post-incident remediation with full vendor accountability.
Continuous Third Party Monitoring
Implementing continuous monitoring programs that track vendor security posture in real-time — security ratings, breach alerts, compliance drift, and automated risk scoring.
Third Party Inventory
Building and maintaining comprehensive third-party inventories with risk categorization, data flow mapping, contract tracking, and automated refresh cycles to keep the vendor ecosystem fully visible.
Third Party AI Assessments
Specialized assessments for AI/ML vendors and AI-powered services, evaluating model risk, data governance, algorithmic bias, and AI-specific security controls in the third-party lifecycle.
Leadership Capabilities
Leading cross-functional risk initiatives, mentoring junior risk analysts, presenting to executive leadership, and driving organizational maturity in third-party cyber risk management practices.
EverQuest Ecosystem
EQEmulator Server
In 2006, a team of enthusiasts reverse engineered EverQuest's server/client communication protocol to preserve a beloved game. In 2009, I joined the project and contributed my Perl, Lua, SQL, and RPG development skills. I host a personal instance of the server used primarily for testing new features, and I'm building a 'Tour-de-Norrath' historical museum of the game.
Quest Development
The quests in EverQuest were nothing like modern MMORPGs — you won't find 'go kill 10 skeletons' here. They were impactful, meaningful, and often incredibly long. Rebuilding these quests has been a massive effort. We've even interviewed former EverQuest developers, artists, and producers to help restore quests that are old, broken, or lost to time.
About
Nic Weilbacher
I'm a Systems Engineer and DevOps practitioner with a deep passion for building reliable infrastructure, automating operations, and securing networks. With 13 years in cybersecurity — including 10 years specializing in third-party cyber risk, plus 3 years in vulnerability management and SOC — I bring a security-first mindset to everything I build. I specialize in multi-service home datacenters, Kubernetes orchestration, and automation tools that turn manual toil into elegant solutions.
My work centers on Python automation, infrastructure-as-code, and AI-assisted system administration. I build network monitoring platforms with CIS compliance reporting, vulnerability assessment tools with LLM-driven analysis, and distributed task processing systems. I'm passionate about self-hosted services, private cloud infrastructure, and open-source tooling.
When I'm not working, I'm tinkering — whether it's experimenting with local AI models, building RPG engines, crafting retro-themed websites, or exploring something completely new. I love learning across a broad range of topics and turning curious ideas into real projects.