TechnicalMarvel logo
TechnicalMarvel
Principal-led Information Security
Book a Discovery Call
Packages + focused services Principal-led delivery Clear deliverables

Services

Start with a packaged engagement for fast clarity, or select focused support. All engagements are principal-led and scoped with concrete deliverables.

Book a Discovery Call View packages
Packages

Start with a clear first step

These packages are designed to help business leaders quickly move from “we’re worried” to “we have a plan.”

Security Discovery Assessment

1–2 weeks

Best first step if you’re unsure where to start.

  • Crown jewels + threat discovery workshop
  • Prioritized risks and quick wins
  • 30/60/90 improvement plan
  • Executive risk snapshot

Pricing: Request quote (fixed-scope available)

Security Program Roadmap

2–4 weeks

Governance + a plan the team can execute.

  • Target posture definition
  • Prioritized roadmap with milestones
  • Budget & staffing guidance
  • Metrics and reporting cadence

Pricing: Request quote

Ongoing vCISO Advisory

Monthly

Executive-level leadership without a full-time hire.

  • Governance cadence and decisions
  • Vendor/tool reviews (spend ROI)
  • Board / executive reporting
  • Security program oversight

Pricing: Monthly retainer

Audit Readiness Sprint

4–12 weeks

Evidence-focused readiness for SOC 2 / ISO 27001 / PCI.

  • Gap assessment + control mapping
  • Evidence kit & collection playbook
  • Remediation plan + pre-audit review
  • Stakeholder coordination support

Pricing: Request quote

Want help selecting the right scope?

Book a discovery call and we’ll propose a clear first step with deliverables and timeline.

Book a call Email Adam
Focused services

If you already know what you need

These are common engagements that can be scoped as standalone projects or delivered as part of ongoing advisory.

vCISO / Security Program Leadership

  • Strategy aligned to business goals
  • Governance, metrics, and cadence
  • Executive/board-ready reporting

Typical: ongoing monthly cadence

Risk & Vulnerability Discovery

  • Asset + threat discovery workshops
  • Prioritized risk register
  • Quick wins + remediation plan

Typical: 1–3 weeks

SOC 2 / ISO 27001 Readiness

  • Gap assessment + control mapping
  • Evidence collection kit
  • Pre-audit readiness review

Typical: 6–12 weeks

PCI-DSS Consulting

  • Scope reduction guidance
  • Remediation plan
  • Support through QSA interactions

Typical: 4–10 weeks

Cloud Security Review

  • IAM review
  • Logging/monitoring baseline
  • Misconfiguration findings & fixes

Typical: 2–4 weeks

Incident Response Readiness + Tabletop

  • IR plan + playbooks
  • Tabletop exercise
  • Improvement plan

Typical: 1–2 weeks

Prefer a one-page capability statement?

Add a PDF later if you want. For now, we can scope everything from a discovery call.

Book a call Call 613-686-1611