About

Who You're Working With

Not a team. Not an agency. One experienced professional who handles your engagement from intake to delivery — and takes that seriously.

Background

Marshall Williams

I've been working in IT for over 15 years — supporting end users, managing infrastructure, and building automation tools for organizations across commercial, education, nonprofit, and government sectors. The last two-plus years have been focused specifically on security operations: threat investigation, M365 tenant hardening, incident response, and compliance.

I work as an independent consultant, which means you get direct access to the person doing the work — no ticket queues, no junior analysts, no hand-offs. When you hire me, I'm the one in the VM.

I built this practice around a simple principle: the same rigor I apply for enterprise clients should be available to small businesses and teams who can't justify an enterprise retainer. Fixed pricing, clear scope, no surprises.

CompTIA A+ CompTIA Network+ CompTIA Security+ QIRCIS (CIS Compliance)
15+
Years in IT
2+
Years Security Ops
4
Certifications
100%
VM Destroyed After Delivery
Sectors Served
  • Commercial / Private business
  • Education (K–12 and higher ed)
  • Nonprofit organizations
  • Government and public sector
Specialization

Where I Focus

🔐

Microsoft 365 Security

Deep familiarity with the M365 security stack — Defender, Entra ID, Conditional Access, Purview, Exchange Online Protection. I work in M365 tenants daily.

🚨

Incident Response

BEC investigations, phishing analysis, compromised account triage. I know what attackers plant and where to find it in sign-in logs, audit logs, and mail flow.

⚙️

Scripting & Automation

PowerShell and Python for IT operations — user management, reporting, scheduled tasks, API integrations, and workflow automation that actually fits your environment.

📋

CIS Compliance

QIRCIS certified in CIS Controls. I understand compliance frameworks practically — not just checkbox auditing, but what actually reduces your risk posture.

How I Work

What Makes This Different

You Work Directly With Me

There is no team behind this. I read your intake, I do the work, I write the report, I send the delivery. If you have a question, you get a direct answer — not a ticket response from someone who wasn't in your engagement.

Isolated Infrastructure, Every Time

Every engagement gets its own VM on private, self-hosted Proxmox infrastructure — isolated network, no shared state with other clients, fully destroyed after your revision window. I built this process because I'd want it done this way if I were the client.

Fixed Pricing, Clear Scope

No hourly billing. No retainers. You pick the service and tier, you know exactly what's included, you pay once. If the scope needs to grow, I'll tell you before doing extra work — not after.

I Won't Take Work I Can't Deliver

If something is outside my competency or I can't deliver it to a professional standard, I'll say so. I'd rather decline a project than take your money and disappoint you. Custom projects go through a scoping step for exactly this reason.

View Services Ask a Question