A middle-aged man with dark hair and a beard, smiling while sitting at a desk in a modern office, using a laptop. The desk holds a mug, framed certificate, and an iPad displaying a messaging app. Large windows behind him reveal a city skyline.

Security Office Hours for Early-Stage Startups

Not ready for a full vCISO engagement?

Security Office Hours gives early-stage founders (5–50 employees) direct Slack access to a CISSP with 15+ years at enterprise security vendors — without the overhead of a formal engagement.

Ask questions as they come up. Get answers by the next business day. Know what to build, what to buy, and what to say before it costs you a deal.

Built for early-stage startups

This is for you if:

  • An enterprise prospect just sent you a security questionnaire, and you're not sure how to answer without overpromising

  • You're 6–12 months from needing ISO 27001 or SOC 2 and want to build the right foundation now

  • You're making tool or architecture decisions you don't want to get wrong

This is not for you if:

  • You're already in an active certification process, need hands-on implementation, or have a security incident in progress.

Get unstuck fast

Security questions answered by an expert who's seen it before—no waiting weeks for a consultant booking or wading through conflicting advice online.

Build the right foundation

Guidance on which tools, practices, and controls actually matter at your stage (and which ones don't). Avoid the trap of over-engineering security too early or ignoring critical gaps.

Avoid expensive mistakes

Know before you commit to vendors, tools, or security decisions that'll cost you later. Get second opinions on architectural choices before you build the wrong thing.

Grow your security IQ

Learn how to think about security as you build, without becoming a security expert yourself. Build good patterns now, before bad habits become expensive problems.

Security guidance that keeps you moving forward

What you get:

Stop second-guessing every security decision

Direct Slack access to experienced security leadership

Ask questions as they come up. Get answers within one business day. No consultant booking calendars, no formal engagement letters for simple questions.

Avoid expensive mistakes before you make them

  • "Should we build on AWS, GCP, or Azure from a security perspective?"

  • "This vendor wants admin access to our systems—is that normal?"

  • "A prospect asked if we're ISO 27001 certified—how do we answer?"

  • "Our CTO wants to use Tool X—will that create problems later?"

Guidance calibrated to your actual stage

We understand the difference between a 50-person scaleup and a 5,000-person enterprise, and between "what matters now" and "what you can defer until Series B."

Know what to say to enterprise prospects

Get talking points for security questions in sales calls. Don't lose deals because you couldn't speak confidently about your security posture.

Quarterly strategy check-ins

Every 90 days, we'll hop on a call to review what's changed, what's coming, and whether you're still on the right track.

When you need deeper support: Our vCISO Services provide strategic security leadership, compliance guidance, and comprehensive program development.

Pricing: Less than your AWS bill

€600/month

  • Month-to-month, cancel anytime

  • No surprise bills, no hourly overages

  • Slack access + quarterly 30-min calls

Compare that to:

  • One security tool subscription: €500-1,500/month (you still don't know how to use it)

  • One day of consultant time: €1,500-2,500 (then they're gone)

  • Losing one enterprise deal because you couldn't answer security questions: €50K-500K ARR

Getting started is simple

15-minute conversation to understand your situation and confirm Office Hours is the right fit. We'll discuss your stage, technical setup, and what kind of guidance you're looking for.

Step 1: Initial call

We'll add you to a dedicated Slack channel (or use your existing workspace). You get direct access—no intermediaries or ticketing systems.

Step 2: Slack setup

Security questions come up? Drop them in Slack. You'll get answers by next business day, often faster. We'll point you to resources, make recommendations, or help you think through decisions.

Step 3: Ask away

Every quarter, we'll schedule a 30-minute call to review your security posture, discuss what's changing in your business, and ensure you're still on the right track.

Step 4: Quarterly check-ins

Office Hours is designed for tactical guidance while you're building. You'll know it's time to upgrade to full vCISO services when:

  • Enterprise customers require formal security assessments or vendor reviews

  • Investors ask for security program documentation as part of due diligence

  • You're pursuing ISO 27001, SOC 2, or other compliance certifications

  • You're scaling past 50 employees and need formal security governance

  • Your security questions are becoming strategic, not just tactical

When that happens: You'll already have a relationship with us. We'll transition you smoothly to vCISO services—and you'll have avoided the expensive mistakes most startups make in their first 2 years.

You'll outgrow Office Hours—and that's the plan

Common questions:

Ready to stop Googling security questions at 11 PM?

Book a 15-minute call. We'll discuss:

  • Where you are now (stage, technical setup, immediate security questions)

  • What kind of guidance you're looking for

  • Whether Office Hours is the right fit (we'll tell you if it's not)

No sales pitch. Just a straight conversation about whether this makes sense for you.

Or contact us directly

Already working with several startups across Europe. Based in the Netherlands, supporting founders everywhere.