Consulting

Virtual CISO

The Problem

Your startup has root access to AWS and super admin on Google Workspace. If all your internal admins are compromised, collude, or simply aren't available, you're locked out of your own infrastructure.

At 1-10 people, you don't need a full-time CISO. But you do need someone trusted holding the keys - someone independent from your internal team who can recover your accounts when things go wrong.

Third-Party Break-Glass Admin

I provide external credential custody and break-glass recovery services for early-stage startups. Think of it as insurance - you're paying for peace of mind and expertise, not hours.

AWS Root Credential Custody

Root credentials stored in shared 1Password vault with hardware MFA. Independent from your Identity Center - I can recover your account if all internal admins are compromised.

Google Workspace Super Admin

Break-glass admin account with vault-stored credentials. Recovery path independent of your internal team. Clear separation of day-to-day admin vs. emergency access.

Quarterly Security Reviews

Verify break-glass access still works. Review who has admin access. Quick security posture check. 30-60 minutes, four times a year.

Emergency Response

Account lockout recovery. Rogue employee scenarios. Credential compromise response. This is what you're really paying for.

Why Me

25+ years in infrastructure and security. First external S3 ops hire at Amazon. Founded Uber's first Seattle SRE team. Led pre-IPO infrastructure at Twitter. I've seen what happens when access controls fail at scale.

Government security background: Built secure platforms for Department of Energy at Honeywell FM&T. FIPS-140 compliance, PKI infrastructure, Sandia National Labs. Six Sigma Green Belt certified.

Currently a founding engineer at Tensor9, building air-gapped deployment infrastructure. I understand both the technical and compliance sides of cloud security.

Engagement

$5,000/month

Monthly retainer, month-to-month

  • + AWS and Google Workspace credential custody
  • + Quarterly access verification and security review
  • + Emergency response (24hr SLA)
  • + Initial setup and configuration

Get Started

30-minute intro call to discuss your setup and requirements.

Schedule a Call Download Resume

Ideal For

  • Seed to Series A startups
  • Teams of 1-50 people
  • AWS or GCP infrastructure
  • Google Workspace or Microsoft 365

Not Included

  • Day-to-day administration
  • User provisioning
  • SOC 2 compliance projects
  • Penetration testing

Security Background

  • Department of Energy
  • Sandia National Labs
  • FIPS-140 / PKI
  • Six Sigma Green Belt

Experience

  • Amazon / AWS (8 years)
  • Uber (Pre-IPO)
  • Twitter (Pre-IPO)
  • Meta