site-url-qr-code

Learn More About Me

Certified Cloud Security Professional (CCSP) & AWS Solutions Architect

Cloud security specialist for regulated industries

Empowering Your Business with Tailored IT Consulting in Cloud and Cybersecurity

Upholding Ethics and Integrity in Technology: A Commitment to Moral Values

👉 Book Free Discovery Call


I help CTOs and security teams harden AWS, reduce cloud risk, and cut costs by 20-40%.

đź”’ Why work with me?

Hands-on AWS security expert (CCSP + 7+ years). Skip big-firm overhead:

  • No bureaucracy or management layers
  • Direct expertise, no overhead costs
  • Flexible, outcome-focused engagements

Real Results for Cloud Security Teams

Proven outcomes from enterprise-scale cloud security projects

PCI Compliance Achieved

Led PCI-DSS compliance program for high-volume payments platform, implementing controls and monitoring that maintained continuous compliance through multiple audits.

50K+ Account IAM Migration

Engineered custom migration tools that transferred 50,000+ user accounts to new SaaS IAM platform in production environment—completed under aggressive timeline with zero downtime.

Proactive Error Detection

Built real-time alerting system on new SaaS IAM platform to automatically detect and prioritize missing/problematic accounts, reducing manual remediation by 70%.

SOC 2 Controls Designed

Authored and proposed targeted SOC 2 controls addressing critical gaps in access management and monitoring, adopted into compliance roadmap.

API Key Risk Reduction

Implemented automated API key governance reducing unauthorized access risk across 200+ services—cut exposure surface by 85%.

Book Free Discovery Call → See Your Risk Reduction Path

The examples and results described on this site are illustrative and based on past client projects. They do not guarantee identical outcomes for future engagements. All security and compliance advice is provided on an advisory basis only and does not replace formal legal counsel.

Lengthy, Painful Access Audits

Problem

Security teams waste hours collecting evidence on provisioning/de-provisioning permissions and justifying PAM actions—especially for privileged accounts—leading to compliance delays and breach risks.

Solution

Shift from Discretionary Access Control (DAC) to Role-Based Access Control (RBAC) with structured logging. Initial effort yields massive long-term savings (e.g., 50% audit time) and prevents breaches via automated justification reports.

Skyrocketing AWS Bills from 24/7 Compute

Problem

Unpredictable transaction volumes tempt over-provisioning EC2 instances that run 24/7, inflating costs far beyond ROI—while still risking crashes from sudden spikes.

Solution

Migrate to serverless (Lambda/Fargate) for on-demand scaling during peaks. Collect usage data in parallel to forecast patterns, then optimize for 30-50% further savings without downtime.

Multi-Jurisdiction Compliance Nightmares

Problem

Software-level granularity fails when regulations (e.g., GDPR) demand data residency in specific jurisdictions, causing scalability issues, high costs, and dev team overload.

Solution

Architect via Availability Zones grouped by rules (e.g., EU-only zones). Build jurisdiction-agnostic apps with infrastructure-level controls—no code changes needed per region.

Services

Focused cloud security and migration services for teams that need stronger AWS security, lower risk, and better architectural decisions.

Cloud Security Audit

10-day review of IAM, storage, and threat detection controls with written findings and a practical remediation roadmap.

From USD 5,000

Secure Cloud Data Migration

Secure migration of business data to AWS or multi-cloud environments with planning, encryption, integrity checks, validation, and cutover support.

From USD 7,500

Cloud Architecture & Design Review

Review and design of secure, scalable AWS architecture covering networking, IAM, data, resiliency, and cost optimization.

From USD 7,000

Compliance Readiness Assessment

Cloud compliance review for SOC 2, ISO 27001, GDPR, and similar frameworks, with gap analysis and prioritized next steps.

From USD 8,000

Book Free Discovery Call

Free Quick Self Assessments

👉 📋 Cloud Security Quick Assessment
👉 📋 Compliance Readiness Assessment
👉 📋 90 Days security Roadmap
👉 🤖 AI Security & Governance Quick Assessment
👉 ⚛️ Quantum Computing Readiness

Prices

Service Details Price (USD)
Initial Discovery Call 30-minute qualification call to assess fit and requirements Free
Cloud Security Audit IAM, storage, and threat detection review with written findings report From USD 5,000
Cloud Architecture & Design Review Review and design of secure, scalable AWS architecture (networking, IAM, data, resiliency, cost), with diagrams and implementation recommendations From USD 7,000
Secure Cloud Data Migration Planning and execution of secure data migration to AWS or multi-cloud environments, including access controls, encryption, integrity checks, and cutover support. From USD 7,500
Compliance Readiness Assessment SOC 2 / ISO 27001 / GDPR cloud compliance review From USD 8,000
End-to-End Cloud Security Programme Audit + fixes + 90-day hardening roadmap From USD 15,000
Monthly Cloud Security Advisory Retainer Ongoing advisory and monitoring, up to 20 hrs/month From USD 3,000/month

Certified By

How does it work?

Flexible payments: Escrow, Wise, invoice (net-30), or bank wire

Escrow: Secure milestones—funds held until approved (most popular).
Fast/low‑cost: Wise transfers.
Established firms: Net-30 invoicing available.

All covered by Hiscox Professional Indemnity insurance (ÂŁ2M).

What is escrow and how does it work?
Escrow is a secure payment method where the client funds a project in advance, but the money is held by a third party until agreed-upon milestones or the final project is completed. This ensures both parties are protected: the client is assured the work will be done before payment is released, and the freelancer is assured they will be paid once the work is completed to satisfaction.
What happens if there is a dispute over the work completed?
If a dispute arises, both the client and the freelancer can present their case to the escrow service or a neutral mediator (if applicable). The funds will be held in escrow until the issue is resolved, ensuring fair treatment for both sides. We will aim for clear communication and regular updates to avoid misunderstandings and resolve issues quickly.
How do we ensure the project is completed on time?
We agree on clear project milestones and deadlines before starting the work. Regular progress updates will be shared throughout the development process, and if any delays are anticipated, I’ll notify you well in advance. This keeps the project on track and allows for adjustments if needed.
What happens if the project requirements change mid-way?
If the scope of the project changes, I will provide an updated estimate of the time and cost required. We can amend the project milestones accordingly. Any new requirements will be added to the escrow agreement to ensure clarity on both sides.
How do you ensure the quality of the work?
We ensure quality through rigorous processes, peer reviews, compliance checklists, and client feedback loops. Every deliverable passes a final quality gate before handover.
What happens if the project takes longer than expected?
We will set realistic timelines and define project milestones upfront. If any delays are foreseen, I will communicate this immediately and work with you to adjust timelines or expectations. If the delay is caused by me, I’ll make it a priority to complete the work as soon as possible.
How do you handle intellectual property and confidentiality?
I respect your privacy and the confidentiality of your project. Any intellectual property (IP) created during the course of our collaboration will be transferred to you once the project is complete and payment has been made. I’m happy to sign an NDA (Non-Disclosure Agreement) if necessary.
How do you charge for the project?
Prices are mentioned above in the prices section. We could agree on payments released through escrow as key deliverables are completed.
Do you offer support after the project is completed?
Yes, I offer post-project support. Ongoing support can be arranged on a retainer basis or as an hourly rate for any additional work that arises after the project is finished.
How do we communicate during the project?
I prefer to maintain open lines of communication through your preferred channels, whether that's email, Slack, or project management tools like Trello or Jira. I ensure timely responses to any inquiries or feedback. Regular check-ins and progress reports can be scheduled to keep you updated.
What if I’m not satisfied with the work?
Your satisfaction is my priority. If you're not happy with the work at any point, we can discuss your concerns, make revisions, or clarify any misunderstandings. If the issue cannot be resolved, funds in escrow will be returned to you (as per the agreement terms), ensuring fair treatment for both sides.
Are your services insured?
Yes, all services are covered by Professional Indemnity (PI) insurance with Hiscox, up to ÂŁ2M GBP. This protects against cyber incidents resulting from errors or omissions.
Can I terminate the project early?
Yes, if you need to terminate the project early, we can do so. However, any completed work will be delivered, and payment will be made for the milestones that have been met. If the termination is due to non-performance or issues on my end, we can discuss a fair resolution through the escrow process.
Do you work with clients in different time zones?
Yes, I am flexible and can accommodate different time zones. I strive to maintain clear communication and will adjust my working hours to ensure that deadlines and milestones are met.

Socials

Subscribe to my newsletter to receive updates, trends, tips, and hints from the experts.

For general inquiries or a booking a free discovery call