Compliance

I support teams as they implement compliance programs—turning SOC 2, ITAR, and CMMC requirements into practical processes that fit how engineering actually works.

SOC 2 Type 2

ITAR

CMMC readiness

How I Help

Readiness scans, gap analyses, and pragmatic roadmaps
Policy/evidence frameworks that don’t slow delivery
Vendor assessments and secure supplier practices

Selected Work

Amazon Project Kuiper — third‑party security assessments at scale
Duro — SOC 2 Type 2; CMMC readiness on AWS GovCloud

Ready to talk?

Quick intro calls are the fastest way to see if I can help. No pitch decks.

Book a quick intro