Services#
Outside of my day job, I take on a small number of consulting clients through my company, Brooks Security LLC. I focus on two things I’m genuinely good at: building security and compliance programs that survive both audits and attackers, and running cloud infrastructure that’s automated, reliable, and not overpriced.
- Security Consulting: GRC done right. Policies and procedures, SOC 2 and audit readiness, risk management, cloud security, and vulnerability management.
- Operations Consulting: Infrastructure and configuration as code, CI/CD, cloud cost optimization, and reliability engineering.
One thing worth saying up front, because it comes up constantly: a lot of teams are racing to hand this work to AI and let their people go. I use AI heavily myself, but the whole point is having an experienced practitioner steering it. AI plus a seasoned human is powerful. AI on its own will confidently build you something broken. There’s more on that under Security Consulting.
I keep my client list short on purpose, so the work stays hands-on and the quality stays high. If that sounds like what you need, I’d like to hear what you’re working on.