Services

Useful when the system is messier than the diagram and the next step needs to become concrete.

Where I can help

Scoped consulting, review, and build work. Good fit depends on the problem, conflict checks, and whether the output can be made useful.

cloud-security-reality-check

Cloud security reality check

A practical review of account structure, network paths, IAM blast radius, logging, detection, migration guardrails, and rollback paths.

cloud-heavy teamscloud migrationsecurity architectureregulated environments

Outputs:

prioritized findings with risk, evidence, and concrete remediation steps
target-state notes for boundaries, logs, rollback, and ownership
quick-win backlog for the first 30 days
plain-language summary that avoids false precision

Relevant evidence: Hands-on work around cloud networking, managed services, migrations, account structure, and security operations; biased toward evidence, blast-radius reduction, and systems a team can maintain.

bounded-agent-integration

Bounded agent integration

Design and build an MCP or agent-facing integration with read-only defaults, clear tool scope, authentication handling, pagination, rate limits, tests, and handoff notes.

security vendorsinternal platform teamsSOC automationAI-assisted operations

Outputs:

working MCP server or integration with explicit tool schemas
authentication and token lifecycle handling
tests, linting, typing, and deployment notes
agent-facing documentation and example prompts

Relevant evidence: Released Cisco FMC MCP Server with token lifecycle handling, rate limiting, transparent pagination, read-only design, pytest, mypy, and ruff.

governed-ai-workflow-plan

Governed AI workflow plan

Turn a proposed AI workflow into an implementable design with identity, tool boundaries, review loops, evidence, fallback paths, and explicit non-goals.

LLM pilotsenterprise AI enablementrisk reviewsagentic workflows

Outputs:

workflow architecture with trust boundaries and tool permissions
control checklist mapped to operational risks
prototype or implementation plan where useful
acceptance tests for safe behavior and handoff

Relevant evidence: MÆI/Smactorio work applies control thinking, external review, and task-scoped tool use to real agent workflows.

security-automation-guardrails

Security automation and migration guardrails

Build or review automation that turns cloud-security decisions into repeatable checks, runbooks, scripts, Terraform patterns, or operational dashboards.

platform engineeringsecurity operationscloud migrationlean teams

Outputs:

automation backlog split by risk and execution cost
scripts or infrastructure patterns for high-value controls
operational runbook with validation steps
handoff notes for the owning team

Relevant evidence: Repeated work converting ambiguous constraints into scripts, runbooks, dashboards, migration notes, and operating patterns.

architecture-reality-check

Architecture reality check

A direct review of a cloud, security, AI, or infrastructure decision when the system is messy and the cost of being wrong is not theoretical.

founderstechnical teamsarchitecture decisionspre-build validation

Outputs:

decision memo with tradeoffs and recommendation
risk register for the architecture or plan
sequenced implementation path
questions your team should answer before spending more money

Relevant evidence: Useful when identity, network paths, logs, state, fallback behavior, and human handoff matter more than a framework deck.

Where I can help

Cloud security reality check

Bounded agent integration

Governed AI workflow plan

Security automation and migration guardrails

Architecture reality check

Good fit / bad fit

Good fit

Bad fit