Let's talk.
Tell me what you're building, what's broken, or what you're worried about. I respond within one business day.
Independent counsel for technology leaders.
No vendor allegiance, no upsell. Architecture due diligence, security strategy, and the translation between what your engineers know and what your board can act on.
Security architecture, end to end.
IAM, threat modeling, Zero Trust for human users. Plus the harder part most teams haven't started yet: identity, isolation, and observability for AI agents calling your APIs at machine speed. OWASP LLM Top 10, MCP gateways, AI governance you can take to an auditor.
Implementation, not just slides.
Java, Spring Boot, Angular for the spine. RAG pipelines, agent workflows, MCP servers for the new layer. Code that runs on Monday, not in next quarter's slide deck.
Designs that survive contact with production.
Hexagonal, event-driven, microservices. Cloud-native default. Boring on purpose: boring scales, and boring is still legible at 3am when an agent is hammering it at machine speed.
Every business is a vector.
I help you point it up.
Simon Van den Bossche. Independent technical architect. Cybersecurity, IAM, AI security.
The systems you ship now will be operated partly by AI agents. I make sure the security, identity, and architecture decisions hold up when that traffic arrives.