Security gets easier when you keep it simple

You're a web3 or fintech founder looking to ensure your application is as secure as expected—ideally without slowing down development.

You've been able to manage the details of your security program so far, but your engineering team is growing and your infrastructure is getting more complex.

You take security very seriously and understand the importance of putting the right systems in place.

You believe in holding yourself to a high security standard but you have other priorities, like shipping features and meeting KPIs.

What if you could hire an independent advisor to help you with the strategy, planning, and oversight of your security practices so you can focus on building your product and growing your business?

Does any of this sound like you?

  1. You are growing, hiring, and building at the fastest speed possible.
  2. You have strong technical people on your team but lack a person who specializes in security processes.
  3. You hire developers of varying degrees of seniority and you want to empower them to do their best work in an efficient yet secure manner.
  4. You’re currently treating security initiatives as one-offprojects—like audits or fixes—and not an ongoing process that is part of everything you do.
  5. You have no measurable way to assess how much total cyber risk you currently have.

What if you could...

  1. Have someone on your team you can trust to advise you on what, when, and how to resource your information security efforts.
  2. Know that your company is staying on top of the latest security threats, vulnerabilities and events that could impact your business.
  3. Scale cybersecurity within your organization as you grow—not as an afterthought to be fixed later on.
  4. Have an easy way to track progress and develop an informed cybersecurity roadmap
  5. Forecast realistic costs for improvement projects.
  6. Have a continuous, accurate picture of your security posture.
  7. Always have up to date documentation of your security practices and standards.

My process

I use a structured approach that will walk you through the factors involved in making informed cybersecurity decisions. I help you implement strategies that are aligned with your firm’s mission, so that security can get out of the way and enable the business to meet its goals securely.

I don’t sell security products, equipment or implementation services. This allows me to give you advice that is always in your best interest.

Instead, I help you:

  • Inventory what you want to protect.
  • Assess threats and vulnerabilities.
  • Build systems and processes that make sure you meet the expected security standards within a reasonable budget.
  • Hire the right people to perform regular security audits.
  • Architect systems using security by design (and document them).
  • Implement feedback mechanisms so that you can trust but verify.

What you get

We go together over every aspect of the security of your people, product & operations. I suggest potential security strategies and we discuss them. We make a plan. Your team executes, knowing that they can reach out to me whenever they need.

  • A weekly 1:1 advisory call
  • Private access to me for you and your team leads.
  • Structured guidance to help you implement your security program.
  • Access to my library of frameworks, standards, baselines, procedures & document templates.
  • Monthly KPI review calls to discuss progress and results.

Who I've worked with

My previous clients include technology firms such as:

  • A financial advisor app with a successful exit
  • An innovative ad exchange with a successful exit
  • A leading crypto exchange
  • A popular stablecoin
  • An established cybersecurity company
  • A global education network


Fees vary, starting at US$5,000 per month, with 3-month commitment periods. Spots are limited.

Payment terms

Prepaid and non-refundable. Via wire, ACH, credit card, BTC or ETH.


Jonathan is brilliant in a particular way I notice: He can take complex knowledge and break it down into simple, understandable language. He simplifies complexity and complexifies simplicity, wherever the natural direction is for knowledge to become more 'known', alive, shared. He listens with this skill as well, which makes him able to focus and expand people simultaneously. It's a beautiful gift.

Anybody can claim to be solution oriented, resourceful or creative. However, it doesn't mean much if you don't "get it" first. Getting it means having the curiosity to understand the industry, the clients, the technology, the risks, the deadlines, etc. This is a necessity before channeling your thoughts and actions toward a greater outcome.

Already in our first meetings, you can see the gears spinning in his mind. That's how you know someone is invested, that they are thinking instead of spitting out the latest buzzwords. It is such a relief to work with the kind of people you can rely on. This is the very basis of building a trust relationship.

To put it in simple words, well, Jonathan, he "gets it".

Book a free conversation

Do you think this might be right for you?

Let’s talk.

Choose a time to discuss your situation in more detail.