Expert Focus: Fractional CISO · IT Director · AI Architect

Core Value Proposition: Helping SMEs, PE-backed, and high-growth businesses build secure, scalable technology without sacrificing delivery pace. Expertise at the intersection of cyber security, IT leadership, cloud modernization, and practical AI adoption.

| Channel | Link |
|---|---|
| Website | richardham.co.uk |
| LinkedIn | uk.linkedin.com/in/hamrichard |
| GitHub | github.com/zebadee2kk |
- Secure AI & Agentic Workflows: Designing operating models with mandatory human approval gates, audit trails, cost control, and defined security boundaries.
- AI Control Planes: Building governed orchestration layers: deterministic substrate (systemd, scripts, CI) first; LLM orchestration (Hermes) above; frontier models (Perplexity, Claude Code, Codex) for research, build, and review.
- Multi-Model Orchestration: Routing work across local (LM Studio), cloud (OpenRouter), and specialist (Perplexity for research, Codex for review) providers based on task class and hardware constraints.
- Cyber Security & Compliance: Cyber Essentials, ISO 27001, SOC 2, GDPR: practical readiness with demonstrable evidence, not shelfware.
- Risk Management: Transforming security from reactive tasks into owned programs with clear accountability and audit trails.
- M&A Due Diligence: Assessing technology estates, security posture, operational risk, and integration readiness.
- Modernization: Microsoft 365, Azure, hosting, networking: secure, observable, maintainable.
- Homelab & VPS: Production-grade infrastructure management with NetBox-as-truth, Prometheus/Loki monitoring, and AI-assisted ops.
Recent concentrated work across the portfolio demonstrates the operating model in production:
- 15 parallel Claude Code sessions deployed via git worktrees, each tackling a dedicated GitHub issue; all branches pushed and bulk-merged.
- 23 issues closed across a single session: runtime config changes (fallback provider reordering, auxiliary vision pinning), security hardening (CVE-2026-48710 verified patched, gateway auth audited loopback-only), documentation refresh, and issue consolidation.
- Observability stack deployed: Langfuse v2 (port 3001), Langfuse v3 worker + ClickHouse + MinIO + Redis, Promptfoo (port 3002), PGAdmin - 9 containers, all smoke-tested.
- Current-state documentation: v0.16.0, 32 skills, fallback chain reordered, model/provider health verified.
- Architecture defined: Deterministic-substrate-first policy (ADR-0020), governed agent activation blueprint, 5-profile model (operator/research/builder/reviewer/ops).
- 4 live systemd-based ops agents with deterministic evidence collection.
- NetBox as infrastructure source of truth, Prometheus/Loki monitoring.
- Repository canonicalized as the home and VPS infrastructure automation platform.
- hermes-community-edition: Fully free/nearly free Hermes deployment with local installers for Windows, Mac, Linux.
- hamnet: Public-facing HAMNET platform repo.
- hermes-enterprise-reference-architecture: Public reference companion for enterprise Hermes deployments.
- client-agent-appliance: Client-side agent deployment appliance.
- AI-Alpha-Radar: AI alpha news aggregator.
- FlowFinder: Agentic workflow finder from existing logs.

| Repository | Role / Purpose | Visibility |
|---|---|---|
| hermes-mgmt | AI control plane SSOT: governance, runbooks, architecture, observability | Private |
| hermes-community-edition | Free Hermes deployment with local installers (Win/Mac/Linux) | Public |
| hermes-enterprise-reference-architecture | Enterprise reference companion for Hermes deployments | Public |
| hamnet | Home/VPS infrastructure lab: hosting, NetBox, monitoring, automation | Private |
| HamOS | Secure-by-design personal operating environment | Private |
| agent-toolkit | Reusable agent tooling, skills, templates, workflow components | Private |
| portfolio-management | GitHub estate governance, repo lifecycle, prioritization | Private |
| control-tower | GitHub-native control plane for AI-assisted project work | Public |
| best-practice-repo-template | Secure, maintainable repo template with governance standards | Public |
| ai-powertools | Workflow accelerators and AI-assisted development utilities | Public |
| ai-cost-tracker | Multi-model API cost tracking and budget visibility | Public |
| client-agent-appliance | Client-side agent deployment appliance | Private |
| AI-Alpha-Radar | AI alpha news aggregator | Private |
| FlowFinder | Agentic workflow finder from existing logs | Private |

- Security first, delivery always: Controls must reduce risk without stopping useful work.
- Human approval at critical gates: Accountability remains explicit even with powerful automation.
- Deterministic substrate first: Scripts, systemd, CI own execution; LLMs research, draft, review, route.
- Evidence over aspiration: Governance leaves an auditable trail.
- Pragmatism over theatre: Small, well-controlled changes over large, fragile programs.
- Git as SSOT: All state changes committed before reporting.
- Organizations that have outgrown informal IT decision-making.
- Businesses under client/insurer security pressure.
- Companies adopting AI faster than their governance model safely supports.
- PE-backed and high-growth businesses needing fractional technology leadership.



