Cloud security, firewall management, DNS, DHCP and full network infrastructure — delivered by a specialist with 6+ years of hands-on experience keeping systems resilient and organisations protected.
I'm an independent network and cloud security specialist with 6+ years of hands-on experience in routing, switching, datacentre infrastructure, cloud security, and everything in between.
From designing enterprise switching fabrics and BGP routing policies to locking down cloud environments and managing firewall rule sets — I work across the full network stack so your infrastructure is built right, secured properly, and stays running.
"Security isn't a product — it's a discipline. One that demands constant attention and zero complacency."
Every service I offer is built on real-world experience with enterprise environments. No outsourcing, no guesswork — just specialist knowledge applied with care.
Security posture management, identity & access controls, policy enforcement and compliance across AWS, Azure and GCP. Your cloud, locked down properly.
Enquire →Rule set design, ongoing management, auditing and optimisation of firewall policies. Palo Alto NGFW, Cisco FTD/FMC, Cisco ASA, Fortinet FortiGate and pfSense — I work with them all.
Enquire →Design, deployment and ongoing management of DNS and DHCP infrastructure. Reliable name resolution and IP management that quietly keeps everything connected.
Enquire →End-to-end network design, routing, switching, segmentation and VPN configuration. Built for performance, resilience and ease of management.
Enquire →SIEM monitoring, log analysis, intrusion detection and incident response. When something looks wrong, I find it — and fix it — fast.
Enquire →Independent security assessments, vulnerability reviews and remediation planning. Honest, thorough, and delivered in plain language — not just a report.
Enquire →Before cloud security, there was the network. My career is grounded in hands-on enterprise networking — the kind that lives in datacentre racks, runs across campuses, and keeps critical services reachable around the clock.
That foundation means I don't just secure networks — I understand how they work at every layer. That depth makes a real difference when diagnosing issues, designing resilient topologies, or hardening a live environment without taking services down.
BGP, OSPF and EIGRP in enterprise and service provider environments. Route policy design, traffic engineering, redundancy planning and multi-site WAN connectivity.
VLAN design, inter-VLAN routing, spanning tree optimisation, port security and 802.1X. Campus and datacentre switching with Cisco Catalyst and Nexus platforms.
Spine-leaf architecture, VxLAN/EVPN fabric design, server connectivity and east-west traffic optimisation. Physical and virtual infrastructure in enterprise datacentre environments.
No ambiguity, no jargon, no surprises. Every engagement follows a clear framework — so you always know exactly where things stand.
I start by understanding your current environment — your topology, existing tools, pain points, and security gaps. No assumptions, just an honest picture of where you are.
I map out the solution architecture, firewall rules, DNS zones, or security policy framework — documented clearly before a single change is made to your live environment.
Careful, methodical deployment with rollback procedures in place. Changes are tested, validated, and communicated to you every step of the way.
Monitoring, maintenance, and on-call support to keep your infrastructure healthy long after the initial deployment. Security is never a one-time job.
No account managers, no juniors, no outsourcing. I'm the one who scopes it, designs it, and implements it. You always know who's responsible.
6+ years working with live enterprise environments — not labs, not certifications alone. I've seen what breaks under pressure and I build to prevent it.
I translate complex infrastructure into clear decisions for you. No jargon barriers, no inflated complexity — just honest, straightforward communication.
I'm not a generalist who does a bit of everything. Cloud security, network infrastructure and firewall management are all I do — and I do them properly.
"A secure network should be
invisible to your team —
and impenetrable to everyone else."
The best infrastructure is the kind nobody notices. It just works — quietly, reliably, around the clock. That's the standard I hold every engagement to, whether it's a firewall rule or a full cloud migration.
Whether you need a full security audit, a firewall overhaul, or ongoing cloud infrastructure support — tell me what you're working with and I'll come back to you within one business day.