Consulting / Custom projects
We scope and deliver custom IT projects across identity, security, network, automation, and integration — anywhere a Pro2 or Pro3 Master engineer adds the depth your team needs. Quoted per scope, signed off before any work begins.
Patterns we deliver often
End-to-end SOC 2 evidence preparation: control inventory, policy templates, access reviews, vendor risk, audit-log baselines, evidence packets. We work directly with your auditor + Vanta / Drata / Tugboat or equivalent.
Pro2 lead · Pro3 Master review · 6 – 12 weeks · fixed-fee after Discovery
Tenant-wide identity hardening: privileged-role audit + Just-In-Time access, conditional access policy design, MFA enforcement, legacy-auth shutoff, sign-in risk policies, app-consent governance.
Pro2 / Pro3 Master · 2 – 6 weeks · fixed-fee
Replace VPN with identity-aware access: app catalog, access policies, device posture, browser-isolation, gateway DNS filtering, optional Tunnels for self-hosted apps.
Pro2 / Pro3 Master · 4 – 12 weeks · fixed-fee or T&M
Tenant audit + remediation: identity hardening, SharePoint sharing surface, mail-flow rules, Teams policy, Defender configuration, audit-log retention. Often a precursor to SOC 2.
Pro2 lead · 3 – 8 weeks · fixed-fee
Technology side of M&A diligence: tenant inventory, security posture, license stack, contract review, integration risk, day-1 / day-90 / day-365 plan. Confidential, fast, written.
Pro3 Master · 1 – 3 weeks · fixed-fee
Office network redesign — switching, Wi-Fi, segmentation, firewall, VPN-replacement strategy, ISP redundancy. Documented diagrams and a phased implementation plan you keep.
Pro2 lead · Pro3 Master architecture review · 2 – 6 weeks · fixed-fee
Integrate two business systems that should be talking — CRM ↔ billing, identity ↔ HR, support ↔ engineering. Built on standard tooling (Workato, Zapier, native APIs) with documentation that survives the engagement.
Pro2 lead · 2 – 8 weeks · fixed-fee or T&M
Sit opposite the underwriter on your behalf to defend the renewal posture. Translate your security controls into the language the underwriter scores against. Recommend remediation that materially moves the rate.
Pro3 Master · 1 – 3 weeks · fixed-fee
Education
What you are trying to accomplish (the outcome, not the technology). What you have tried so far. What is at stake (timing, dollars, audit, customer commitment). Who the internal owner is. The rest we will uncover in Discovery.
Arrive without a perfect requirements document, a pre-selected vendor, or a pre-decided architecture. We will do the discovery work. If you bring a pre-decided architecture, we will review it on its merits and tell you what we find.
Fixed-fee where the scope is clear after Discovery and the variance is on us. T&M where scope intentionally evolves through execution (research, R&D-style work, the first roll of a pattern we will iterate together). Discovery's deliverable always says which shape we recommend and why.
When the work is outside our depth — bare-metal hardware engineering, custom on-prem infrastructure design, anything where we would be learning on your time. We will tell you this on the Discovery call, and where we can, we will point you to a partner who is the right fit.
One conversation, one written plan within five business days. No commitment to engage.