Services
Fractional CISO and Board Advisory
Enabling secure, scalable engineering at executive level
I partner with CISOs, executive teams, and boards to manage cyber risk without slowing delivery. Working at the intersection of security leadership, engineering, and business strategy, I provide senior security judgement without the overhead of a full-time executive.
My award-winning work in secure software delivery and DevSecOps helps organizations reduce material risk, improve assurance, and align security and engineering at scale.
Fractional CISO support
I provide hands-on leadership, strategic oversight, and executive-level assurance, typically through retained engagements tailored to organizational maturity and risk profile.
- CISO cover or augmentation
- Security strategy aligned to business objectives
- Secure SDLC and product security leadership
- Board-level risk communication
- DevSecOps and Secure SDLC transformation oversight
- Regulatory and customer assurance
- Coaching and mentoring of security leaders
This model is well suited to scale-ups, PE-backed organizations, and regulated environments.
Board and executive advisory
I advise boards and executive teams on material cyber risk, translating technical complexity into clear, actionable insight.
- Board-level cyber risk reporting
- Independent security posture and maturity assessments
- Investment prioritization and budget justification
- Incident readiness and executive response coaching
- Alignment across security, engineering, and leadership
Secure SDLC and DevSecOps advisory
- Secure SDLC maturity assessments (BSIMM, SAMM, NIST SSDF)
- DevSecOps strategy and roadmap development
- ISO 27001 advisory for system development
- Security tooling and vendor selection
- Customer product security RFIs and mediation
- DevSecOps talent and leadership development
Speaking and executive workshops
I speak regularly at security and technology conferences and deliver private executive and board-level workshops on cyber risk, security leadership, and organizational change. Sessions can be delivered virtually or onsite. Travel time and expenses are billed separately.
Security tooling and product advisory
Independent, senior-level feedback for security vendors and product teams, focused on developer experience, adoption, and real-world security impact.
Fees
| Engagement type | Cost |
|---|---|
| Initial 30-minute consultation | Free |
| Hourly advisory | £350 |
| Fractional CISO day rate | £1000 |
| 40–60 minute executive or board session plus Q&A | £850 plus travel and expenses |
All prices are subject to VAT. Retained and fractional engagements are scoped separately.
Who this is for
CISOs, executive teams, and boards seeking pragmatic, senior security leadership focused on real business outcomes.