Consulting

CONSULTING

PAGE HEADLINE

Strategic Cybersecurity & GRC Consulting

INTRO

I work with organizations that need experienced security leadership — without the overhead of a full-time hire. Whether you’re building a program from scratch, preparing for an audit, or trying to align your security posture with your business strategy, I can help.

My engagements are direct, practical, and grounded in 20+ years of doing this work across a variety of industries and environments.

SERVICES

GRC Program Development

Building governance, risk, and compliance programs from the ground up. This includes framework selection and mapping (NIST CSF, ISO 27001, SOC 2, PCI DSS), policy development, risk register design, and program documentation.

Audit Readiness & Preparation

Getting your organization ready for external audits or certification reviews. I help identify gaps, build evidence packages, prepare your team, and manage the audit relationship.

Risk Assessment & Management

Conducting enterprise risk assessments, developing risk treatment plans, and building repeatable risk management processes that scale with your organization.

Security Program Review & Advisory

An objective review of your existing security program — what’s working, what’s not, and where to focus. Ideal for organizations that have grown their security posture organically and want an outside perspective.

Fractional CISO / vCISO Services

Ongoing strategic security leadership on a part-time or advisory basis. I can serve as your security voice in executive and board conversations, help set direction, and keep your program moving.

Compliance Gap Analysis

Structured assessment of where your current controls stand against a specific framework or regulatory requirement, with a prioritized remediation roadmap.

WHO I WORK WITH

I work best with mid-market companies, growth-stage organizations, and teams that are serious about security but may not yet have the internal resources to go it alone. Industry experience includes technology, professional services, retail, and regulated industries.

HOW TO ENGAGE

Most engagements start with a conversation. I’ll ask about where you are, where you’re trying to go, and what’s getting in the way. From there, we’ll figure out if and how I can help.

[ Get in Touch → ] (link to contact page)