Governance, risk, and compliance —
done with technical depth.
Security consulting and research across GRC, identity, and cloud.
Available for consulting
& contract work
Remote and on-site engagements.
GRC Advisory
Governance, risk, and compliance program development aligned to NIST CSF, NIST SP 800-53, ISO 27001, and industry-specific frameworks including HIPAA and PCI DSS.
Risk Assessment
Identification, analysis, and prioritization of security risks across network, identity, and cloud environments — with actionable findings and documented risk responses.
Compliance Gap Analysis
Assessment of current security posture against applicable regulatory and framework requirements, with a prioritized roadmap to close identified gaps.
Security Policy Development
Development and documentation of security policies, standards, and procedures — from overarching security policy through functional policies and operational baselines.
Identity & Access Management
IAM program assessment and implementation across Okta, Microsoft Entra ID, and AWS IAM — covering least privilege, lifecycle management, MFA, and SSO.
Ongoing Advisory
Retained GRC and security advisory for organizations that need consistent expertise without a full-time hire — policy maintenance, risk reviews, and compliance monitoring.
Let’s work together.
Available for project-based engagements, staff augmentation, and retainer work.
Get in TouchNot sure what you need?
That’s a fine place to start.
Send a message about your environment and I’ll let you know how I can help — or point you in the right direction if I can’t.
Send a Message