Independent Security & Engineering

Find the exposure
before they do.

10+ years in adversary simulation, penetration testing, and cloud security. Now applied to LLM applications, AI agents, the cloud they run on, and the systems built around them. If I reached out, I found something specific — and I know what it means.

OSCP GRTE GCP SME LLM Red-Team AWS · Azure
Get in touch View services
Shane Jones
Shane Jones · Ohm Security Advisory
Services

Three practice areas. Pick what fits.

Each engagement is scoped with deliverables written in plain language. Project work is fixed-fee where possible. Ongoing work runs on monthly retainer.

01 · Cloud & Identity
Cloud Security
Point-in-time exposure assessments and ongoing posture monitoring. External triage, validated asset inventory, IAM and token scope review, strategic identity roadmap. AWS, Azure, GCP.
View tiers →
02 · AI & ML
AI/ML Security
Adversarial testing for LLM applications and AI products. Prompt injection, jailbreak resistance, RAG poisoning, agent abuse. promptfoo, Garak, manual operator testing. Continuous coverage available.
View tiers →
03 · Build
Secure Development
Production software built right. Backends, APIs, web apps, internal tools, automation, ML/AI integrations, sensor and data systems. Post-build maintenance retainer available for delivered systems.
View offerings →
Custom scope? Pen tests (external, internal, web, wireless), red team engagements, social engineering including AI-assisted phishing, or anything that doesn't fit a tier — reach out and describe what you need.
About

Operator background. No account managers.

10+ years running adversary simulation and penetration testing programs at enterprise scale. Roughly 160 client organizations across finance, healthcare, energy, and technology. Most recently the GCP SME at TrustedSec, where I built custom enumeration and exploitation frameworks and led engagements across network, application, cloud, and social engineering disciplines.

Read more →
Testimonials

What clients say.

Engagements span Fortune 500 internal red teams, mid-market cloud assessments, and independent advisory work. Direct testimonials are gathered with client consent and published on the testimonials page.

View testimonials →
Contact

Let's talk.

15 minutes is enough. If I reached out to you, I'll tell you exactly what I found. If you found me — same deal.

Get in touch