Senior security leadership.
Without the full-time hire.

A supplier just asked for your ISO 27001 certificate. Your cyber insurance renewal is asking questions nobody can answer. That’s the conversation we should have.

Book a 30-Minute CallExplore My Work

Most businesses are one incident away from a very bad day

You've outgrown IT without a strategy

Security and IT decisions are being made reactively. There's no ownership, no roadmap, and no one at board level accountable for risk.

Compliance is overdue and no one owns it

Cyber Essentials, ISO 27001, client security questionnaires — they keep coming and the deadline is always now. You need someone who can own the programme, not just advise on it.

You're adopting AI faster than your controls

AI tools are in production before the governance is built. Audit trails, cost controls, and policy frameworks aren't optional — they're what keeps you defensible.

Services

What I Do

Helping organisations navigate the intersection of security, infrastructure, and intelligent automation.

Fractional CTO / IT Director

I provide strategic IT leadership for growth-stage companies, scale-ups, and mid-market organizations. I take accountability for infrastructure, security, compliance, and team performance—without the overhead of a full-time executive.

Security & Compliance Strategy

Security isn't a checkbox—it's a competitive advantage. I help you build a security-first culture, design architectures that protect customer trust, and navigate regulatory requirements (ISO 27001, SOC2, GDPR).

AI & Automation Architecture

AI is reshaping every industry. I help you evaluate, design, and safely deploy AI solutions—from LLM integrations to autonomous systems—without sacrificing security or losing control.

Technical Transformation & M&A

Mergers, acquisitions, and major platform migrations are complex. I've led integration of teams, systems, and cultures—minimizing risk and maximizing value creation.

How it works

1

Start with a conversation

30 minutes. No pitch, no sales deck. Just a frank look at where you are and whether I can help. Book a slot directly.

2

Discovery Audit

A structured review of your security posture, cloud configuration, and compliance position. Delivered as a prioritised report you can act on immediately — with or without me.

3

Ongoing engagement

Monthly retainer, scoped to what you actually need. Typically 1–2 days a week. A senior person in the room, not a junior with a framework.

Ready to start? Step 1 takes 30 minutes and costs nothing.

Book a Call

What clients say

At HOST we specialise in placing cyber security professionals, so our own security credibility matters — both to us and to our clients. Richard helped us get our house properly in order: clear governance, a realistic picture of our risk, and practical controls that we could actually maintain. He's straight-talking, technically credible, and knows how to work with a small team without creating overhead. Exactly the kind of person we needed.

Bradley Rickman

Head of Technology Recruitment, HOST Technology Group

We're a building services business — security isn't our core focus, but that doesn't mean it isn't our problem. Richard quickly understood how we operate and gave us a clear, jargon-free picture of where we were exposed. He fixed what needed fixing and left us with something we could maintain ourselves. Practical, straightforward, and didn't overcomplicate it.

Gareth Westerby

Operations Director, Maintained Building Services

I'd always assumed proper security leadership was something larger businesses could afford and smaller ones had to make do without. Richard changed my view on that. He audited where we stood, explained it in plain English, and gave us a prioritised action list with costs attached. No scaremongering, no unnecessary complexity — just a clear picture of our actual risk and what to do about it.

Chris Benbow

Managing Director, Precise AV Ltd

25+ years experience

I started in hands-on IT support and infrastructure, building up through MSP environments where I managed the technology estate for 23 large-scale clients simultaneously at IT Lab. That breadth — across sectors, sizes, and maturity levels — is where the pattern recognition comes from.

In 2019 I moved into Lily's Kitchen as embedded IT Manager through Correct Group, then directly as Head of IT following the Nestlé Purina acquisition. I've led the digital transformation strategy through that transition: hybrid cloud infrastructure, security and compliance, a £1.2m annual budget, and teams across the globe. The AI and automation work — generative AI, agentic workflows, Azure Fabric data model — is the current chapter.

I've run RichardHam.co.uk in parallel since 2014, working with SMEs and PE-backed businesses on the things that don't need a full-time hire but do need a senior person: security posture, IT leadership, compliance prep, M&A due diligence, and AI strategy. I work fractionally because it's a better model — for the businesses I help, and for me.

25+

Years of hands-on security & infrastructure leadership

40+

UK businesses secured, from Series A to listed companies

90%

Of clients renew or expand their engagement

Read my full story

Open Source

Featured Projects

Building tools and systems for the future of AI and infrastructure.

ProjectLodestar

Multi-LLM routing system that optimizes cost, capability, and availability. Routes requests across providers based on model performance and price.

PythonLLM RoutingCost OptimizationMulti-Provider
View on GitHub

Control Tower

GitHub-native control plane for AI-assisted projects. Uses GitHub as the orchestration platform—no new tools, no new dashboards.

GitHub ActionsAI AgentsAutomationInfrastructure-as-Code
View on GitHub

SentinelForge

Strict governance, auditing, and observability for AI agent execution. Tracks decisions, flags drift, maintains audit trails for regulated environments.

PythonGovernanceAudit TrailObservability
View on GitHub
View all projects

Let's talk.

Whether you need fractional CISO leadership, a specific project, or just want to discuss an approach—I'm here to help.

Get in Touch