I've spent a career investigating cyber crime and teaching the next generation of InfoSec pros. For consulting clients, that means deep technical expertise delivered in plain English — I assess, fix, and teach, so the improvement actually sticks after I'm gone.
No mystery, no endless retainers you can't measure. Every engagement follows the same clear arc.
A free 20-minute call to understand your environment, risks, and what "done" looks like for you.
Hands-on review — scans, config audits, attack simulation — to find what actually matters.
A prioritized, plain-English remediation plan. I can advise, or roll up my sleeves and help implement.
I leave your team able to maintain the fix — runbooks, training, and the "why" behind every change.
Pick a single engagement or combine them. Everything is scoped to your size and budget.
A full picture of where you stand: vulnerability scanning, configuration review, and a ranked, plain-English report your team can act on without a translator.
Real-world attack simulation against your apps and network — the same techniques I teach in my graduate pen-testing course — paired with a remediation roadmap.
Something happened? Forensic analysis, containment, and recovery guidance from a court-experienced examiner. Calm, methodical, and documented for whoever needs it next. See a sample runbook →
Hands-on workshops and security-awareness sessions tailored to your stack and your humans. The engaging kind people actually remember — phishing sims, live demos, real stories.
Stand up or level-up your support desk: tooling selection, runbooks, and ticket-triage processes that scale with you instead of breaking under you.
Indicative starting points — every engagement is quoted after a free scoping call. Placeholders; set your own rates.
Real security maturity without the cost of a full-time team. I plug the gaps and train your people.
Protecting student data and aging infrastructure on an education budget, from someone who teaches in one.
A senior security brain on call when a client engagement needs expertise you don't keep in-house.
A free 20-minute scoping call. We'll talk through your environment and goals, and I'll tell you honestly whether I'm the right fit — and what the smallest high-impact engagement looks like.
Yes. Most assessments and advisory work happen remotely. I'm based in Florida and travel for on-site training days and incident response when it's warranted.
I hold industry certifications and teach certification courses (CompTIA A+, Security+, and more) at the college level. Specifics and credentials available on request.
From solo practices to mid-size organizations. If you're large enough to have a mature security team already, I'm probably not your best value — and I'll tell you so.
Start with a free, no-pressure scoping call. Worst case, you walk away with a clearer picture of your risks.
Book a consult →