Security Reviews
A thorough assessment of your AWS environment against security best practices. You'll get clear priorities and actionable recommendations — not a 100-page report that sits in a drawer.
Independent Cloud Security Specialist
AWS Cloud Security Done Right
I help fast-growing companies secure their AWS environments — with practical solutions, not expensive reports.
25+
years in software
5+
years cloud security
AWS
Security Certified
About Me
I've spent over 25 years building software — from desktop applications to distributed cloud systems. For the past five years, my focus has shifted to what keeps those systems safe: cloud security, application security, and helping teams avoid the pitfalls that come with rapid growth.
As a security lead and staff engineer, I've worked at the intersection of development and security. I know what it's like to ship features under pressure, and I understand why security often takes a back seat. That experience shapes how I work today: pragmatic, collaborative, and focused on solutions that actually get implemented.
I specialise in AWS environments, with deep experience in serverless architectures, CloudFront, S3, and IAM. Whether you need a second pair of eyes on your infrastructure or hands-on help fixing issues, I'm here to help you move forward securely — without slowing you down.
What I Offer
I focus exclusively on AWS environments. My approach is hands-on: I don't just deliver findings — I help you understand and fix them.
Architecture Assessment
Planning a new system or making significant changes? I'll review your architecture for security risks before they become expensive problems. Ideal for new projects, migrations, or major refactors.
Implementation Support
Sometimes you need more than advice. I work alongside your team to implement security controls, fix vulnerabilities, and make sure improvements actually ship.
How I Work
Every engagement is timeboxed and focused. No open-ended contracts, no surprise invoices. I offer three ways to work together, depending on what fits your situation:
Independent Review
You give me read-only access to your AWS environment. I conduct my assessment independently and deliver prioritised, actionable findings. Minimal time investment from your team — ideal when you need an outside perspective without pulling people off their work.
Pair Review
We schedule focused sessions where I work through your environment together with a senior engineer, architect, or CTO. We look at exactly where your questions and concerns are. More collaborative, and often surfaces context that a solo review would miss.
Guided Review
A hybrid approach: you walk me through your architecture and key decisions first, then I dive deep independently. Combines the context of a conversation with the thoroughness of a dedicated review.
Not sure which approach fits? Let's talk — a short conversation usually makes it clear.
Who I Work With
I work best with smaller, fast-moving teams who value direct communication over lengthy processes.
If you're building quickly with modern tools — including AI-assisted development — and want to make sure your cloud foundation is solid, we're probably a good fit. Shipping fast is great, but it's worth having someone check that the security basics aren't falling through the cracks.
I also work with companies preparing for audits, responding to security concerns from customers or investors, or simply wanting an experienced second opinion before things get more complex.
Typical situations
- Your company has grown quickly and you're not sure your AWS setup is still secure
- You're shipping fast with AI-assisted development and want a security sanity check
- You're preparing for a security audit or compliance requirement
- You've had a security scare and want to make sure it doesn't happen again
- You want an experienced second opinion on your cloud architecture
Let's Talk
Interested in discussing how I can help? I'm happy to have a no-obligation conversation about your situation. Reach out and let's see if there's a fit.