$ whoami
IT, security, and compliance — built for companies too small to have their own team for it.
Founder-led IT support, cybersecurity, and security compliance for startups and small businesses.
$ contact --start$ services --list
// it-support
IT Support
Day-to-day IT that scales without an in-house team: endpoints, infrastructure, and help-desk-level support.
// cybersecurity
Cybersecurity
Practical, right-sized security programs: cloud security, identity & access management, endpoint protection, incident response, and SOC-style monitoring.
// compliance-grc
Security Compliance & GRC
SOC 2, ISO 27001, HIPAA/GDPR/CCPA-aligned programs, audit readiness, and policy and risk management — the part that unblocks deals.
$ cat about.md
I specialize in building and running cybersecurity programs — cloud security, data security governance, endpoint protection, identity & access management, incident response, network security, risk management, and SOC operations. I've done this across security, fintech, ad-tech, legal, and e-commerce, which means I've seen how the same control looks different depending on who's asking (an auditor, an investor, or a customer's security questionnaire).
Before specializing, I spent over a decade in IT and security more broadly, which is part of why I don't treat security as a bolt-on: it has to work with the infrastructure you actually have.
On the compliance side, I read the regulations (GDPR, CCPA, HIPAA) so you don't have to, and translate them into frameworks that hold up — NIST, COBIT, FedRAMP, SOC 2, PCI DSS, and ISO 27001. The goal isn't a binder on a shelf; it's a program that passes audits and doesn't slow the business down.
$ contact --start
Tell me about what you're working on.