Consulting

You're a web-based software founder looking to ensure your application is as secure as expected—ideally without slowing down development.

You've been able to manage the details of your security program so far, but your engineering team is growing and your infrastructure is getting more complex.

You take security very seriously and understand the importance of putting the right systems in place.

You believe in holding yourself to a high security standard but you also have other priorities, like shipping a product and meeting your goals.

What if you could hire an independent advisor to help you with the strategy and planning of your security practices, so you can focus on building your product, knowing that security is taken care of?

Does any of this sound like you?

  1. You are growing, hiring, and building quickly but you want to do things right the first time.
  2. You have strong technical people on your team but the person who is dedicated to security processes has many other responsibilities, or they don't have experience managing a security program.
  3. You want to empower your team to do their best work in an efficient yet secure manner.
  4. You're currently treating security initiatives as one-off projects—like audits or fixes—and not yet as an ongoing process that is part of everything you do.
  5. You have no measurable way to assess how much total cyber risk you currently have and the potential impact on your business.

What if you could...

  1. Have someone on your team who is a dedicated expert to advise you on what, when, and how to resource your information security efforts.
  2. Have confidence that your company is staying on top of the latest security threats, vulnerabilities and events that could impact your business.
  3. Scale cybersecurity within your organization as you grow, baking security in the DNA of your team.
  4. Have an easy way to track progress, develop an informed cybersecurity roadmap and establish priorities.
  5. Forecast realistic timelines and costs for improvement projects.
  6. Have a continuous and accurate picture of your security posture.
  7. Always have up to date documentation of your security practices and standards.

My process

I use a structured approach that will walk you through the factors involved in making informed cybersecurity decisions. I help you implement strategies that are aligned with your mission, so that security can get out of the way and enable your business to meet its goals securely.

As an independent advisor, I don’t sell security products, equipment, or implementation. This allows me to give you advice that is always neutral and aligned with your best interests.

Instead, I help you:

  • Inventory the assets that you want to protect.
  • Assess threats and vulnerabilities.
  • Identify improvements that will save you time and money.
  • Build systems and processes that make sure you meet the expected security standards within a reasonable budget.
  • Hire the right contractors to augment your team when needed.
  • Architect systems using security by design (and document them).
  • Implement feedback mechanisms so that you can trust but verify.

What you get

We review every aspect of the security of your people, product, & operations. I suggest potential strategies and we decide together on the best course of action for you to implement.

  • Weekly 1:1 advisory calls
  • Monthly KPI review calls to discuss progress and results.
  • Private access to me for you and your team leads.
  • Structured guidance to help you implement your security program.
  • A chance to influence the direction of my security research.
  • Full access to my library of tools, frameworks, standards, baselines, and SOP templates.

Who I've worked with

My previous clients include DeFi, Fintech, and technology firms such as:

  • A financial advisor mobile app with a $60M exit
  • An innovative ad exchange with a successful exit
  • A leading Canadian crypto exchange
  • A top 10 market cap stablecoin project
  • An established Canadian cybersecurity company
  • A global (23 countries) education network

Pricing

Monthly retainers start at CA$10K per month, adjusting for scope and program maturity.

Fees are prepaid and non-refundable, sent with the materials that I'll request. Payments can be made via credit card, BTC, or ETH.

Testimonials

Jonathan is brilliant in a particular way I notice: He can take complex knowledge and break it down into simple, understandable language. He simplifies complexity and complexifies simplicity, wherever the natural direction is for knowledge to become more 'known', alive, shared. He listens with this skill as well, which makes him able to focus and expand people simultaneously. It's a beautiful gift.

Anybody can claim to be solution oriented, resourceful or creative. However, it doesn't mean much if you don't "get it" first. Getting it means having the curiosity to understand the industry, the clients, the technology, the risks, the deadlines, etc. This is a necessity before channeling your thoughts and actions toward a greater outcome.

Already in our first meetings, you can see the gears spinning in his mind. That's how you know someone is invested, that they are thinking instead of spitting out the latest buzzwords. It is such a relief to work with the kind of person you can rely on . This is the very basis of building a trust relationship.

To put it in simple words, well, Jonathan, he "gets it".

Schedule a free conversation

Do you think this might be right for you?

Let's talk.

Choose a time and we can discuss your situation in more detail.