Freelance Cloud Infrastructure Engineer

Senior-level cloud work.
Without the full-time hire.

AWS · Azure · Terraform · SOC 2 · Active Directory
20+ years enterprise IT · Available for engagements now

Start a Conversation

Who I Work With

Startups and SMBs inheriting a messy cloud environment

📄

Mid-market companies preparing for SOC 2 or CIS audits

🚀

Organizations migrating from on-prem to AWS or Azure

🔗

M&A teams consolidating Active Directory environments

Services

Tier 1

Cloud Environment Audit

$1,500 flat

A focused review of your AWS or Azure environment with a clear, prioritized action plan — delivered in 5 business days.

  • IAM review — users, roles, policies, over-permissioned accounts
  • Networking review — VPC/VNet, security groups, open ports
  • Storage review — public access, encryption, lifecycle policies
  • Monitoring review — CloudWatch / Azure Monitor coverage gaps
  • Written findings report with prioritized remediation checklist
  • 1-hour debrief call

Ideal for startups and fast-growing teams that need a clear picture of their cloud security posture.

Tier 2

Infrastructure Buildout

$100–125/hr

Terraform-based AWS or Azure infrastructure built from scratch or refactored from an existing environment. Typical engagement: 20–40 hours.

  • VPC/VNet design and deployment
  • IAM roles, policies, and least-privilege access model
  • Storage with encryption and lifecycle policies
  • Monitoring and alerting setup
  • Terraform codebase with state management
  • Runbook, architecture diagram, and 30-day async Q&A

Ideal for companies standing up or replacing a cloud environment with clean, documented, repeatable IaC.

Tier 3

SOC 2 / CIS Compliance Readiness

$5,000–12,000 flat

End-to-end compliance readiness for AWS or Azure environments targeting SOC 2 Type II or CIS benchmark certification.

  • Gap assessment against SOC 2 Trust Service Criteria or CIS Controls v8
  • Technical remediation via Terraform / Azure Policy / AWS Config
  • Policy-as-code for ongoing enforcement
  • Evidence collection templates formatted for auditor review
  • Control mapping document and written remediation summary
  • Two review calls — kickoff and final walkthrough

Ideal for SaaS, fintech, or healthcare companies preparing for their first SOC 2 audit.

Tier 4

Active Directory Migration & Consolidation

$8,000–25,000 scoped

Complex Active Directory migrations, consolidations, and cloud identity transitions — done cleanly without disrupting your users.

  • Current-state AD assessment — forests, domains, trusts, GPOs, OUs
  • Migration plan with rollback strategy
  • Forest consolidation or Entra ID / Azure AD cutover
  • Azure AD Connect / Entra ID configuration and sync validation
  • Okta SSO integration if applicable
  • Post-migration validation report and sign-off checklist

Ideal for companies going through M&A, consolidating AD environments, or moving off on-prem AD to Entra ID.

Add-Ons

Monthly retainer (5 hrs async support)$500/mo
CI/CD pipeline setup (GitHub Actions / Azure DevOps)$1,500–3,000
Terraform module library (custom, documented)$2,000–4,000
HIPAA cloud controls add-on (with Tier 3)+$2,000
Ongoing compliance monitoring (AWS Config / Defender for Cloud)$1,500

About

I'm a Cloud Infrastructure Engineer with 20+ years of experience building and securing enterprise environments. I work with AWS and Azure daily — designing infrastructure-as-code with Terraform, hardening environments against SOC 2 and CIS benchmarks, and untangling complex Active Directory situations.

I've taken on projects other engineers avoid: multi-forest AD consolidations, cloud environments that grew faster than their security posture, and compliance readiness for companies facing their first SOC 2 audit.

I take on a small number of outside engagements at a time. You work directly with me — no subcontracting, no handoffs.

AWS Solutions Architect AZ-500 Azure Administrator Azure DevOps Engineer Expert MCSE CompTIA Security+

Get in Touch

Tell me what you're dealing with. I'll let you know if I can help and what it would look like.

[email protected]