Your startup has real security challenges. You need a CISO — but not a full-time one. You get the strategic thinking, without the salary and the overhead.
Your company is handling sensitive customer data. You're chasing ISO 27001 or SOC 2. The security checklist is growing faster than your team can handle. But you can't justify £200k+ for a full-time CISO.
I work as your virtual CISO. I build your security programme, guide your team, and get you compliance-ready — without the enterprise price tag.
Build a security roadmap that actually fits your stage — not a Fortune 500 framework scaled down.
ISO 27001, SOC 2, GDPR, UK Cyber Essentials. Get audit-ready without the consultant markup.
Tool decisions, supplier security assessments, contract review. Make informed choices without the guesswork.
When something goes wrong — and it will — you have a plan and someone to call.
Train your dev and product teams to think security without boring them to tears.
Translate security risk into business language. Get the budget you actually need.
Series A to pre-IPO. 20 to 500 people. UK or EU regulated industries — fintech, health, legal, professional services. Companies that have real compliance obligations but don't need (or can't afford) a full security team.
Billed monthly. You have security leadership on demand — strategy sessions, vendor calls, incident response, board prep.
Direct line to a senior CISO. Not a junior consultant. Not a vCISO marketplace. Me.