Most IT and security problems aren’t mysterious — they’re the result of infrastructure that grew faster than it was designed, compliance requirements that nobody budgeted for, or manual processes that never got automated. BeboSec LLC takes on project-based engagements to fix exactly that. Work is scoped and priced per project, so you know what you’re getting before anything starts.
CMMC Compliance #
If you’re a defense contractor working toward CMMC Level 1 or Level 2, this is where I spend a significant portion of my professional time. I’ve personally owned the majority of CMMC compliance objectives in a live DoD-adjacent environment and seen the organization through a successful Level 2 C3PAO assessment — not as a consultant reading the framework for the first time, but as the person responsible for actually meeting the controls.
Engagements typically cover:
- Gap assessments against CMMC Level 1 or Level 2 controls
- Access control implementation and documentation
- Vulnerability management program setup and evidence collection
- Policy and SSP documentation for audit readiness
- Microsoft GCC/GCCH environment configuration (Exchange Online, Azure AD, Intune) — a common requirement for CUI handling that many compliance consultants hand off to someone else
If you’re staring down a CMMC deadline and don’t know where to start, reach out.
Network Architecture & Security #
Enterprise network design and security hardening for organizations that have outgrown their current setup — flat networks, no segmentation, firewalls that are technically on but not doing much.
On the architecture side: multi-site VLAN segmentation, WireGuard VPN design for dev/prod isolation, and firewall management across FortiGate/Fortinet, OPNsense, and Ubiquiti environments. On the security side: application-layer IPS with CrowdSec and NGINX, Caddy, or Traefik reverse proxies, SIEM deployment and tuning with Security Onion, Wazuh, and Elasticsearch, and vulnerability management with Nessus and Greenbone OpenVAS from scanning through remediation closure.
Infrastructure & Virtualization #
For organizations looking to get off VMware — whether due to Broadcom’s post-acquisition pricing or just a desire for something more open — full environment migrations to Proxmox are a core part of what BeboSec does. That includes multi-node clusters with Ceph shared storage, migrating from both ESXi and Nutanix. It’s not a small undertaking when done properly, and the details matter.
Beyond migrations: Infrastructure as Code with Ansible and Terraform for repeatable, version-controlled provisioning, TrueNAS and enterprise backup infrastructure, monitoring stack buildout with Grafana, Prometheus, and InfluxDB, and cloud environments across AWS and GCP.
Automation & Scripting #
Every environment has a list of things someone does manually that shouldn’t require a person. Patching, certificate renewals, Active Directory tasks, deployments — these are solved problems. Ansible, PowerShell, Bash, and Python across Windows and Linux environments, with a focus on building things that don’t need babysitting after handoff.
How Engagements Work #
All work is scoped upfront. Before anything starts we agree on deliverables, timeline, and a fixed project fee. No surprise invoices, no billing for getting up to speed.
Typical engagements run 2–8 weeks. Ongoing support and retainer arrangements are available for the right fit.
Get In Touch #
If something on this page sounds like a problem you’re dealing with, reach out. Even if you’re not sure exactly what you need, a short conversation usually makes it clear whether it’s a good fit — and if it’s not, I’ll tell you that too.
Email: [email protected]