I support CISOs, IT Directors and boards in defining security strategy, governance structures and clear decision processes. My work strengthens ownership, reduces ambiguity and helps organisations move away from reactive security toward stable, predictable execution.
This service is ideal for companies that need senior cyber guidance — without hiring a full-time CISO or engaging in operational firefighting.
• Security operating model design
• Governance, KPIs and risk reporting
• NIS2, ISO 27001 & NIST CSF alignment
• Policy & standard frameworks
• Executive-level architecture & risk advisory
• Interim / fractional CISO support
• Board- and steering-committee communication
I design cloud and hybrid architectures that reduce complexity and support long-term security maturity. I focus on identity, access governance, network segmentation, Zero Trust principles and Azure security baselines — all grounded in realistic business constraints.
• Azure governance & landing zone architecture
• Hybrid identity design (AD · Entra ID)
• Network segmentation & Zero Trust
• Privileged access patterns
• Secure access for IT, OT and remote environments
• Architecture review workshops & documentation
• Security patterns & reference architectures
• AD & Azure AD / Entra ID
• Hybrid identity hardening
• MFA, SSO, Conditional Access
• Role & group strategy
• Automation & PowerShell governance
• CyberArk / BeyondTrust patterns
• Tier 0–2 model & admin separation
• PIM design & approval flows
• Break-glass strategy
• Secure workstation models (PAWs)
• Joiner–Mover–Leaver (JML) frameworks
• Access reviews & separation of duties
• Application onboarding standards
• Role mining & least-privilege models
• Identity lifecycle documentation
I help organisations assess security risk in a way that is clear, quantifiable and tied to business priorities. My work spans enterprise risk assessments, audit uplift, M&A reviews and regulatory alignment with ISO 27001, NIST CSF, CIS Controls and NIS2.
• Cloud & identity risk assessments
• ISO 27001 / NIST / NIS2 alignment
• Control mapping & audit preparation
• Policy & SOP development
• Vendor & SaaS security assessments
• M&A cyber due diligence
• Risk register & decision frameworks
For industrial clients, I deliver practical secure remote access designs aligned with the Purdue model, IEC 62443 and Zero Trust principles, improving safety and operational resilience without disrupting production.
• Access segmentation and RBAC
• Secure remote maintenance workflows
• Citrix/VDI review for OT/SCADA
• Monitoring, logging & alerting strategy
• Identity patterns for operators and vendors
• Clear scope and ownership
• Low bureaucracy, high structure
• Architecture-led problem solving
• Minimal politics
• Transparent communication
• Documentation that survives beyond the project
• Contract roles (B2B)
• Part-time vCISO
• Architecture advisory
• Short-term reviews
• Long-term transformation support
• Workshops & playbooks