Home About Capabilities Markets Careers Contact Us
Where Compliance Meets Mission

Authority.
Clarity.
By Design.

We build the compliance infrastructure that lets defense organizations focus on the mission — not the documentation.

Mission Success Depends On
What happens before the first shot is fired.
25+ yrs
Combined naval aviation, EW & air-defense experience
SDVOSB
Service-Disabled Veteran-Owned Small Business
NIST 800-171
Aligned · CMMC Level 2 readiness in flight
GovCloud-Native
Architected for FedRAMP High at Phase III
What We Do

Built for the Compliance-
Critical Environment

From security architecture to AI-powered documentation — we operate where precision and mission intersect.

🏛
The Fortress (CaaS Platform)
A seven-layer Compliance-as-a-Service platform — governed AI inference, deterministic state machines, OSCAL-native evidence, immutable audit ledger. Designed for the GovCloud boundary.
Learn more
📡
CATE Adversary Engine
Doctrine-grounded threat behavior for naval-aviation LVC training. Deterministic in the critical path; the language model held offline and supervised. DIS V7-compliant.
Learn more
📄
Documentation Engine
Security Classification Guides, Program Protection Plans, OPSEC, Insider Threat, and Compliance packages — generated, policy-validated, and signed into the evidence ledger.
Learn more
About

Serapis represents the merging of worlds — and the authority between them.

A defense-focused technology firm built by veterans who have operated in the environments our clients serve.

Who We Are
Leadership
Culture & Community
Ethics & Integrity

We build the infrastructure
mission depends on.

Serapis Architecture is a defense-focused technology company delivering compliance infrastructure and AI-powered security systems for federal contractors and government agencies. We work where precision isn't optional — where a documentation gap becomes a mission risk.

Founded by veterans who have served in the environments our clients operate, we bring operational experience alongside deep technical depth. Our work spans cloud security architecture, intelligent compliance systems, and defense training technology — each discipline reinforcing the others.

The name Serapis carries meaning by design: the ancient deity who embodied the merging of worlds, a figure of authority bridging realms. That is what we do — we bridge the world of operational mission requirements with the world of technical infrastructure, making compliance something that enables the mission rather than slowing it down.

Operational Grounding
Every solution we build is grounded in the reality of how defense organizations actually operate — informed by the people who have been there.
Technical Precision
We do not approximate compliance. Evidence is immutable, decisions are logged, and every output is validated before it reaches a compliance record.
Mission First
Compliance exists to protect and enable the mission. Our systems are built with that priority — not the inverse.
Accountable Delivery
We operate with the rigor of the organizations we serve — audit-grade documentation, traceable decisions, and a commitment to what we say we will build.
Devin Hummel
Chief Executive Officer & Principal Investigator
Devin Hummel
USN AO1 · Sailor of the Year · CDQAR/CDI/QASO · SDVOSB Owner
View profile
Eric Vice
Chief Information Security Officer & EW Systems SME
Eric Vice, MS, PMP
USN P-8A EW Operator · MS · MBA in progress · CASP+ · 8140 IAT-III
View profile
Izak Ramirez
Chief Commercial Officer
Izak Ramirez
USN P-8 Aircrewman · EW/AO · GBAD Simulator Operator · Active SECRET
View profile
Jacob R. Whitney
Chief Data Officer
Jacob R. Whitney
USN AO2 · Data Strategy & Engineering
View profile
CK
Chief Technology Officer
Cody Kuykendall
Principal Engineer & Chief Architect
View profile

Veteran-Led, Mission-Driven

Our founders served in the naval aviation, electronic-warfare, and ground-based air-defense communities — accumulating more than 25 combined years of operational mission experience. That service shapes how we operate: with discipline, accountability, and a deep understanding of what's at stake when systems fail.

Small Team, High Trust

We are a small company by design — not by limitation. Fewer layers mean faster decisions, direct accountability, and a culture where every person's contribution is visible and valued.

Community Commitment

We are committed to building pathways for veterans entering the technology sector, and to supporting the defense community that shaped our founders. Service doesn't end at separation.

Builders at Heart

We hire people who build things — engineers, architects, and operators who take ownership of outcomes rather than activity. We value judgment, depth, and the ability to operate with ambiguity.

01
Integrity in Every Output
We never ship a compliance artifact we have not validated. Every deliverable is traceable to an authoritative input and a documented decision. We do not approximate.
02
Responsible Use of AI
We deploy artificial intelligence within governed boundaries. Every model output is validated by policy gates before it influences a compliance record. We do not allow AI to operate unsupervised in consequential environments.
03
Client Confidentiality
The organizations we serve operate in sensitive environments. We handle all client information — program data, security posture, organizational context — with the discretion that trust requires.
04
Transparent Limitations
We do not overstate our capabilities or our clearances. We communicate our current posture, our roadmap, and the boundaries of what we can deliver — and we hold ourselves to those commitments.
05
Security First
Every architectural decision we make prioritizes security by design — not as a retrofit. We build for the classified environment from the first line of infrastructure.
Capabilities

What We Build

Three integrated pillars — a governed compliance platform, a deterministic AI adversary engine, and a federally-scoped documentation engine — built on a single architecture and governed by ITIL v5 plus the 6C AI Capability Model.

🏛
The Fortress — Compliance-as-a-Service Platform
Our flagship platform. A seven-layer architecture spanning identity, policy-as-code, governed AI inference, deterministic state machines, OSCAL-native evidence generation, an immutable S3 Object Lock evidence ledger, and continuous-monitoring telemetry. Designed for FedRAMP High at the GovCloud boundary, with every AI decision gated by Open Policy Agent and bounded by a documented state transition before it influences a federal record.
📡
CATE — Cognitive Adversary Training Engine
The first product on the Fortress. A doctrine-grounded adversary behavior engine for naval-aviation Live-Virtual-Constructive training environments. Deterministic state machine in the critical path, large-language model held offline and supervised; emitter parameters validated against authoritative threat data; DIS V7-compliant PDU egress. CATE replaces scripted adversaries with adaptive, threat-accurate behavior — without ever placing an unsupervised model in the loop.
📄
Documentation Engine — Federal Records, on Demand
Security Classification Guides, Program Protection Plans, OPSEC Plans, Compliance Packages, and Insider Threat Programs — generated from authoritative inputs, validated by Open Policy Agent, signed into the Fortress evidence ledger, and maintained as living artifacts. Built to the OSW-SCO topic OSW26BZ02-DV003 reference architecture and aligned to CMMC Level 2 / NIST SP 800-171 control families.
🛡
ITIL v5 + 6C AI Governance
Every AI surface in the Fortress is mapped to one of the six 6C AI capabilities (Curate, Categorize, Compose, Converse, Cooperate, Conclude), gated by deterministic policy, and validated against a documented Practice in the ITIL v5 Practice Service Layer (PSL) Model. Governance is not retrofitted — it is the architecture.
🔗
Mission-System Integration
The Fortress and CATE both integrate with existing DoD systems — DIS V7 simulator networks, GCC / GCC High Microsoft 365 tenants, AWS GovCloud accounts — extending capability without displacing what already works. Targeted, precise modernization with a measurable evidence trail; no rip-and-replace.
🔐
Evidence Ledger & Audit Substrate
The unifying layer underneath every Serapis surface: a KMS-encrypted, S3 Object Lock immutable record of every decision, policy gate, and AI generation — written automatically, tamper-evident by design, and indexed for assessor query. The discipline behind Navy aviation quality assurance, applied to federal AI governance.
Markets

Who We Serve

From prime contractors to program offices, we operate where compliance and mission converge.

Naval Aviation
Training systems, threat emulation, and compliance infrastructure for naval aviation programs. Our team has operated on the same platforms our clients support — from the P-8A Poseidon to carrier-based aircraft.
🏛
Defense Acquisition
Program Protection Plans, Security Classification Guides, and compliance infrastructure for defense acquisition programs navigating CMMC, ITAR, and DoD policy requirements throughout the acquisition lifecycle.
🔒
Defense Contractors
Compliance automation and security architecture for prime contractors and subcontractors operating in the Defense Industrial Base — from CMMC Level 1 through cleared environments requiring robust CUI handling.
🏢
Federal Agencies
Policy-as-code compliance infrastructure and AI-powered security systems for federal agencies operating under FISMA, NIST frameworks, and FedRAMP requirements — with the audit trail to back every decision.
Careers

Join the Mission

We're building a company where people with operational background and technical depth can do their best work.

Serapis Architecture is an early-stage company with a clear purpose and a founding team that has built and operated in the environments our work targets. We are looking for people who bring both domain knowledge and technical capability — and who are motivated by meaningful work in the defense and federal space.

We value judgment over credentials, depth over breadth, and builders who take ownership of outcomes. If you have a background in defense, federal contracting, cloud security, or compliance — and you want to work on problems that matter — we'd like to talk.

All roles are remote-first. Clearance eligibility is required for most positions. Veterans are strongly encouraged to apply.

Ownership
We hire people who take accountability for outcomes, not just activity
Domain Depth
Operational experience in the environments we serve is a genuine differentiator here
Builder Mentality
We are building from the ground up — we want people energized by that, not unsettled by it

Open Positions

Cloud Security Engineer
Engineering · Remote · Clearance Eligible Required
Apply
Compliance Analyst
Compliance · Remote · CMMC / NIST Experience Preferred
Apply
Federal Business Development
Growth · Remote · Defense Contracting Background
Apply
Contact

Let's talk about what your mission needs.

Our leadership team responds directly. Whether you're evaluating a compliance challenge, exploring a partnership, or looking to understand what we build — reach out and we'll get back to you promptly.

DH
CEO & Principal Investigator
Devin Hummel
devin@serapis-architecture.com
EV
CISO & EW Systems SME
Eric Vice
eric@serapis-architecture.com
IR
Chief Commercial Officer
Izak Ramirez
izak@serapis-architecture.com
CK
Chief Technology Officer
Cody Kuykendall
cody@serapis-architecture.com
JW
Chief Data Officer
Jacob R. Whitney
jacob@serapis-architecture.com
All communications are handled directly by the founding team.
Legal

Policies & Notices

Plain-language statements of how this site works, what we do and do not collect, and the terms that govern your use.

Privacy
Terms of Use
Cookies & Tracking
Accessibility