Who it’s for
CTOs and Heads of Security at regulated organisations who need a senior practitioner to review (or design from scratch) the security architecture of an AWS / Azure / GCP platform — at the scale and rigour that an FCA, PRA, or PCI auditor expects.
Outcome
- An architecture document that maps each control to the risk it mitigates and to the regulatory requirement it satisfies
- A baseline secure-by-default platform pattern the engineering team reuses for every new service
- A landing-zone build (or review) covering identity, network, logging, KMS, secrets, observability
- A pull-request-grade implementation of the priority gaps
- A runbook for the operating team to keep the controls effective
Across prior engagements, landing zones designed under this model have passed external SOC 2 Type 2 audits on the first attempt and lifted Azure CIS benchmark scores by roughly 30%.
Operating model
We embed with platform engineering for the engagement. We review every account / subscription / project, every IAM boundary, every data flow. We diagram the threat model. We write the controls and put them through your code review. We translate the work for the audit committee.
Engagement length & shape
- Initial scope: 6-10 weeks depending on platform size.
- Retainer: monthly thereafter, scoped per new platform component.
Most consultants leave a slide deck. Salvador Cloud left an operating model the team is still using two years later.
What's NOT in scope
- Building the platform itself (we partner with platform engineering teams)
- Day-to-day SecOps (see DevSecOps and SOC service)
- Vendor-specific certifications (we focus on the architecture)
Anonymised case study
See how this service plays out in practice.
Read the case study →
Frequently asked
What does a cloud security architecture review cover?
Account / tenant boundary, identity model, data-plane segmentation, logging and detection coverage, key management, third-party access, and the deployment pipeline that produces it all. The deliverable is a current-state diagram, a gap list mapped to your regulator(s), and a prioritised remediation plan with owners.
How is this different from a CSPM tool?
CSPM tools surface misconfigurations against a generic baseline. Architecture review surfaces the design decisions upstream of those misconfigurations, the ones a tool can't catch (e.g. trust boundary violations, control gaps between accounts, IAM inheritance traps). Both are useful; one is not a substitute for the other.
We're multi-cloud. Does that matter?
Multi-cloud sharpens the architecture conversation rather than complicating it. The control patterns are similar across AWS / GCP / Azure; the gaps tend to be at the joins (federated identity, shared data planes, cross-cloud observability). We treat each cloud on its own terms but keep the threat model unified.
Do you implement the changes, or just recommend them?
We design the controls, write the IaC patterns, and pair with your platform team on the first implementation. After that, the patterns live in your repo and your team extends them. We don't build out every account; that's not where the value is.
How long does this take?
A single-account or single-cloud review is typically 4 weeks. A multi-account multi-cloud architecture engagement is typically 8 weeks initial / monthly retainer thereafter. Both end with concrete artefacts you keep regardless of whether you continue.
Next step
Ready to scope this engagement?
No proposals, no pitching. We'll diagnose, scope, and price up front.