Security expertise for the modern threat landscape. I protect what matters most — your infrastructure, your data, your reputation.
Purpose-built security for Amazon Web Services — the cloud side of your hybrid estate. I harden AWS accounts with IAM least-privilege policies, GuardDuty tuning, and Security Hub configuration, ensuring your cloud perimeter is as solid as your on-premises one. AWS findings and logs are integrated into the centralised SIEM, providing unified threat visibility across cloud and on-premises environments. Remediation and posture management are backed by Terraform for infrastructure-as-code and Python scripts for automation.
Workloads don't care whether they run in AWS or on a datacenter rack — and neither does my approach. I apply OS hardening, CIS benchmarks, and runtime threat detection consistently across cloud and on-premises Linux hosts, container runtimes, and Kubernetes clusters — with service mesh security via Istio, network policy enforcement through Calico, and policy-as-code using OPA.
I design and implement ISO 27001 and PCI DSS controls that span your full hybrid environment — not just the cloud-facing parts. Whether your assets sit in AWS or inside a datacenter, every control is mapped, evidenced, and audit-ready from day one.
Drawing on hands-on datacenter experience with VMware, Hyper-V, and Nutanix HCI, I cover virtual machine security, runtime security, hypervisor hardening, micro-segmentation, east-west traffic controls, and secure connectivity between on-premises environments and AWS.