Security engineering
Architecture review, control implementation, and infrastructure-as-code contributions for the systems your customers depend on. We build to your stack and your repository, not ours.
- Cadence: Four- to twelve-week project engagements
- Deliverables: Architecture review, IaC pull requests, secure-by-default templates, on-call runbooks, ADRs
- Scope: Specified systems and integrations, agreed in writing before the engagement starts
- Engagement model: Discovery → scope → engagement → reporting → remediation
- Pricing: Time and materials, weekly burn-down report
- Code quality: PRs against your repos; review process is whatever you already use
What this service is
We are practitioners, not advisors. The deliverables of a security engineering engagement include code: pull requests against your infrastructure repository, hardening for your CI pipelines, Terraform modules for the controls you have decided to standardise. The architectural review and the runbook are part of the deliverable, but they are not the whole of it. We build what we recommend.
What this service is not
We do not write reports designed to be filed. We do not produce deliverables that exist only as PDFs. We do not subcontract to junior staff and review their work as a check-the-box exercise; the engineer named in the statement of work is the engineer who does the work.
Reference engagements
Detection-pipeline rebuild for a regional bank’s payment-clearing infrastructure. Cloud-architecture review and remediation for a European fintech ahead of a regulatory inspection. SBOM tooling and supply-chain controls for a wallet provider. Specifics are confidential and shared on request, with the customer’s permission, after a mutual NDA.
Get in touch about security engineering
Engagement starts with a short discovery call. We respond to all inbound within five working days. Encrypt sensitive details with our PGP key.