Consulting

Having worked with major public and private organisations across the globe, I deliver security solutions that are both rigorous and business-aligned. These include:

Secure design

• Architecture and code reviews;
• SDLC (Secure Development Lifecycle) implementation and review;
• Developer security training and workshops;
• SBOM (Software Bill of Materials) analysis;
• Supply chain risk analysis and mitigation;
• Post-quantum cryptography migration support;
• Custom security tool development.

Incident response

• Incident response planning (NIST SP 800-61 R3);
• Incident resolution and forensic analysis;
• Post-incident reviews and root cause analysis;
• Threat modelling and mapping (MITRE ATT&CK®/Unified Kill Chain).

Compliance and governance

• NIST CSF 2.0 gap assessments;
• NCSC CAF maturity assessments;
• ISO 27001 and GDPR compliance support;
• UK Cyber Essentials certification support;
• Secure by Design planning;
• Security policy development and documentation.

To learn more about these services, please get in touch.