Description

I help scaling SMEs, FinTechs, and start-ups improve cloud security, prepare for client audits, and meet compliance expectations without needing a full-time internal security team.

As companies grow, security questions often become commercial blockers. Enterprise clients may ask for detailed security questionnaires, investors may expect stronger governance, and regulators may require clearer evidence of controls. I help turn those requirements into practical next steps, clear documentation, and security improvements that support growth rather than slow it down.

My work covers ISO 27001, Cyber Essentials, DORA readiness, vendor risk, CNAPP implementation, security questionnaires, and multi-cloud security across AWS, Azure, and GCP. I bring experience across consulting, cloud security, incident response, threat intelligence, financial services, and start-up environments. I also hold a BSc in Computer Science with Cyber Security from Warwick and an MSc in Management and Finance from Durham.

Recent projects include advising a global securities exchange on an£11M+ CNAPP migration from CloudGuard to WIZ, supporting integrations with Splunk, OPE, and Snowflake, and translating technical findings into executive-level recommendations.

Typical projects I support:

Compliance readiness: ISO 27001, Cyber Essentials, DORA, audit preparation, gap assessments, control mapping, and evidence gathering.
Cloud security: AWS, Azure, GCP, WIZ, CNAPP, risk prioritisation, and secure cloud architecture.
Fractional security support: governance, RACI design, vendor risk, client security questionnaires, and third-party assessments.
Automation: Python, LLM workflows, threat intelligence, compliance reporting, and security process automation.

My style is pragmatic, structured, and business-focused. I help you identify what matters, fix what blocks progress, and give clients, investors, and internal stakeholders confidence in your security posture.

Industry field of expertise

Languages

English
Native or bilingual
Spanish
Native or bilingual

Workplace preferences

Can work on-site

London (up to 50km)

Spike Reply (Reply Group)
Cyber Security Consultant
CONSULTING AND AUDITS
September 2025 - Today (9 months)
London, United Kingdom
(European boutique tech-consulting group operating as a network of specialised companies, recognised for leading work in digital transformation, AI, cloud and cybersecurity)

• Advised a global securities exchange on an £11M+ CNAPP migration from CloudGuard to WIZ, executing multi-cloud PoCs across WIZ and Orca to assess risk coverage, scalability, and operational fit; translated findings into a comparative matrix and executive presentation that secured CISO approval for long-term implementation.

• Supporting CNAPP implementation through downstream integrations with Splunk, OPE, and Snowflake, enabling compliance reporting, observability, and secure operational transition across AWS, Azure, and GCP.
Cloud computing CNAPP WIZ AWS, Azure & GCP Security Architecture
CrowdStrike
Cyber Security Analyst
DIGITAL AND IT
September 2024 - March 2025 (6 months)
Reading, United Kingdom
(Leading Cybersecurity firm with a $125B+ market capitalisation, recognised for industry-leading Managed Detection and Response (MDR) capabilities and trusted by over 300+ Fortune 500 companies)

• Reduced incident response times by 13% against a 3-month JIRA baseline by automating triage for 500+ recurring Windows, macOS, Linux alerts across Fortune 500 clients, saving senior analysts 15–20 minutes daily.

• Built CrowdBridge, a Slack-integrated bot powered by internal LLM APIs and profile matching, connecting 200+ pilot employees to on-demand expertise, fostering collaboration and reducing remote isolation.
IT-Security Incident Response Threat Detection Endpoint Security Linux, Windows, & MacOS
WiseBee (Start-up)
Threat Intelligence Analyst
DIGITAL AND IT
June 2024 - September 2024 (3 months)
London, United Kingdom
(AI-native platform continuously monitors, detects, and neutralizes threats - Secured a $2.5M pre-seed round led by Frontline Ventures and BrightCap Ventures)

• Increased SME threat-risk interpretation productivity by deploying a real-time RAG-enabled CTI automation workflow in n8n, integrating CVEs, MITRE ATT&CK TTP mappings, APT profiles, Detection IDs, CTI news feeds, and LLM APIs to transform unstructured threat data into executive-ready intelligence reports.
Threat Intelligence LLM Automation Python Third-Party Risk OSINT

Check out Miguel's experience

Be the first to recommend Miguel

Help this freelancer shine by sharing your experience working together.

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

Baptiste Duhen

Fullstack developer

4.6

(4)

Amed Hamou

Senior Lead Developer

(2)

Audrey Champion

Web developer

4.3

(3)

Signup to reveal

MSc Management & Finance
Durham University Business School
2026
Grade: Distinction Masters of Science (BSc) - With 2 merit scholarships
BSc (Hons) Computer Science with Cyber Security
University of Warwick
2024
Bachelor of Science with Honours - Certified by National Cyber Security Centre (NCSC)

Check out Miguel's education

CompTIA Security+
CompTIA
2026
IT-Security
WIZ Cloud Professional
WIZ
2026
https://verify.skilljar.com/c/yo4irie8eij7
Cloud computing CNAPP IT-Security WIZ

Miguel's certifications are only visible to Malt Community members

Cybersecurity Expert

Miguel Lopez

Cloud Security & Compliance Consultant

About Miguel

Experience

Recommendations

These freelancer profiles also match your criteria

Education

Certifications

Skill set

Categories