Industrial & Defense Cybersecurity

Executive Security Leadership Without the Full-Time Cost.

Axiom Cyber Consulting provides CISO-level cybersecurity leadership and compliance advisory to industrial manufacturers and defense contractors — organizations that can't afford to get security wrong.

30+ Years Experience
CISSP: Gold Standard Cert
TS-SCI: Clearance History
OT/ICS: Specialized Expertise
CMMC: DIB Compliance

Framework Expertise
CMMC 2.0 · NIST SP 800-171 · ISO 27001:2022 · NIST RMF · NIST CSF 2.0 · DIV 25 05 11 · IEC 62443 · EU CRA

What We Do

Five Service Lines. One Trusted Advisor.

From ongoing fractional CISO retainers to CMMC preparation, ISO compliance, and workforce training — every service is built around your specific regulatory environment and risk profile.

01
Fractional CISO

Dedicated monthly retainer providing executive cybersecurity leadership, compliance oversight, risk management, and strategic advisory.

02
Compliance Readiness Assessment

Structured gap analysis against CMMC 2.0, NIST SP 800-171, or ISO 27001:2022 with risk register, POA&M, and remediation roadmap.

03
CMMC 2.0 Preparation

End-to-end preparation for defense contractors facing C3PAO assessment — documentation, SSP development, and 90-day advisory support.

04
ISO 27001 Compliance

Full-cycle ISO 27001:2022 implementation and certification support — from gap assessment through ISMS design, controls implementation, and audit readiness.

05
Security Awareness Training

Industry-specific training built for OT/ICS operators and DIB contractors — not generic phishing slides. Custom delivery, real retention.

Why Axiom

Credentials Built in the Field, Not the Classroom.

  • CISSP Certified — The gold standard credential in information security, held and actively maintained.
  • Former Director of Cybersecurity Compliance, Schneider Electric (US) — Real enterprise OT/ICS security leadership at scale.
  • NIST RMF, IEC 62443, DIV 25 05 11 & CMMC Subject Matter Expert — Built compliance programs, not just audited them.
  • US Air National Guard Veteran — TS-SCI — Gray hat techniques, national security discipline, and mission-first mindset.
  • Current ISO 27001:2022 & SOC 2 Program Manager — Actively managing compliance programs today, not decades ago.
  • 30+ Years of Operational Experience — Military, law enforcement, industrial, and cybersecurity backgrounds in one advisor.
Our Philosophy

Security is a Principle, Not a Product.

Most organizations don't have a tools problem — they have a strategy and accountability problem. The right frameworks, the right policies, and the right leadership make compliance achievable for any organization willing to commit to it.

Axiom Cyber Consulting exists to provide that leadership to organizations that have outgrown their current approach but aren't ready — or don't need — a full-time CISO on payroll.

"Security built on axioms — foundational truths — holds under any pressure. We help you build it right the first time."

— Axiom Cyber Consulting
About

Experience That Spans Every Layer of Security.

Axiom Cyber Consulting was founded on a simple observation: small and mid-size organizations in industrial and defense sectors face the same regulatory pressure as large enterprises — without the same resources. Our principal brings 30+ years of hands-on experience across military service, law enforcement, industrial cybersecurity leadership, and compliance program management.

This isn't advisory work built on certifications alone. Every recommendation we make is grounded in decades of operational reality — what works in practice, not just on paper.

Credentials
CISSP: Certified Information Systems Security Professional
TS-SCI: Top Secret / Sensitive Compartmented Information (History)
MCSE: Microsoft Certified Systems Engineer
SME: NIST RMF · DIACAP · CMMC · ISO 27001:2022
Career Timeline
1982 — 1986
Machinist Mate — US Navy (Active Duty)
Technical discipline, mechanical systems expertise, and military operational experience forming the foundation of a career built on precision and accountability.
1986 — 1994
Police Officer — San Diego PD
Eight years in law enforcement developing investigative discipline, risk assessment, and the judgment to act decisively under pressure.
1994 — 2004
MCSE — Software & Technology Firm
Technical transition into IT — earning MCSE certification and developing foundational systems knowledge while building enterprise-level technical expertise.
2004 — 2022
US Air National Guard (1B4X / 3D0X)
Gray hat cybersecurity techniques, national security operations, and TS-SCI clearance. Serving in parallel with civilian career throughout this period.
2004 — 2022
Director of Cybersecurity Compliance (US) — Schneider Electric
Subject matter expert in NIST RMF, DIACAP, and CMMC. Director of Cybersecurity Compliance for the United States — leading enterprise OT/ICS security programs for one of the world's largest industrial automation companies.
2022 — Present
Cybersecurity Program Manager — Delta Intelligent Business Technologies
Active management of ISO 27001:2022 and SOC 2 compliance programs. Current, hands-on regulatory compliance leadership.
2025
Founder & Principal — Axiom Cyber Consulting LLC
Bringing three decades of operational cybersecurity experience to small and mid-size organizations in the industrial and defense sectors.
Services

Built for Industrial & Defense Organizations.

Every engagement is scoped to your specific regulatory environment, risk profile, and operational reality.

01 Fractional CISO Retainer · Ongoing / Monthly

Your organization gets a dedicated CISO-level advisor who learns your environment, owns your security program, and provides consistent monthly leadership — without the cost of a full-time executive hire.

  • 20–30 dedicated advisory hours
  • Monthly written security posture report
  • Policy and procedure governance
  • Regulatory compliance oversight
  • Risk register and POA&M maintenance
  • Vendor and third-party risk advisory
  • Incident response plan maintenance
  • Quarterly executive security briefing
Small Org (under 50): $3,500 per month · 12-month initial term
Mid-Size (50–250): $4,500 per month · 12-month initial term
Complex / 250+: Custom · scoped after discovery call

02 Compliance Readiness Assessment · Fixed Scope / Fixed Price

A structured, framework-aligned assessment of your current security posture delivered as a fixed-scope engagement. Know exactly where you stand — and what to do about it — before you spend another dollar on tools or infrastructure.

Available frameworks: CMMC 2.0 / NIST SP 800-171 · ISO 27001:2022 · NIST CSF 2.0

  • Pre-assessment intake & document review
  • Structured personnel interviews
  • Control-by-control gap analysis
  • Risk register development
  • POA&M development
  • Executive summary & findings report
  • Prioritized remediation roadmap
  • 30-day post-delivery support
CMMC 2.0 / NIST 800-171: $8–12K · fixed fee · confirmed after discovery
ISO 27001:2022: $9–14K · fixed fee · confirmed after discovery
Multi-Framework: Custom · scoped after discovery call

03 CMMC 2.0 Preparation Package · Defense Contractors

Full-spectrum CMMC Level 2 preparation for organizations in the Defense Industrial Base. We guide you from gap to assessment-ready — documentation, evidence organization, SSP development, and 90 days of advisory support through the C3PAO process.

  • Full 110-practice gap assessment
  • System Security Plan (SSP) development
  • POA&M development and management
  • Policy documentation — all 14 domains
  • Evidence collection guidance
  • 90-day C3PAO advisory support
  • Pre-assessment mock review
  • C3PAO partner referrals
Standard (under 100 users): $15–20K · single enclave · fixed fee
Complex Environment: $20–28K · multiple enclaves / MSP / cloud

04 ISO 27001:2022 Compliance Program · Certification Readiness

Full-cycle ISO 27001:2022 implementation support — from initial gap assessment through Information Security Management System (ISMS) design, controls implementation, internal audit preparation, and certification audit readiness. Whether pursuing initial certification or maintaining an existing program, we provide the expertise to get it done right.

  • Gap assessment against ISO 27001:2022
  • ISMS scope and boundary definition
  • Risk assessment and treatment plan
  • Statement of Applicability (SoA)
  • Policy and control documentation
  • Internal audit program support
  • Management review preparation
  • Certification audit readiness review
Gap Assessment Only: $9–14K · fixed fee · report & roadmap
Full Implementation: $18–30K · gap through audit-ready
Program Maintenance: Custom · ongoing retainer support

05 Security Awareness Training · Workforce Development

Generic security training doesn't work for industrial environments or defense contractors. Our programs are built around the actual threats your workforce faces — OT/ICS-specific risks, CUI handling, and the social engineering tactics targeting your sector.

  • Custom content for your industry
  • Virtual or on-site delivery
  • Up to 50 participants per session
  • OT/ICS threat-specific content
  • CUI handling for DIB employees
  • Executive non-technical briefing option
  • Annual program packages available
  • Post-training assessment available
Virtual Half-Day (25 participants): $2,500 · virtual delivery
Virtual Full-Day (50 participants): $3,500 · virtual delivery
Executive / Board Briefing: $1,500 · 90 minutes · virtual

Every engagement begins with a complimentary 30-minute discovery call.

We'll listen first — then tell you honestly what we think you need.

Pricing

Transparent Pricing. No Surprises.

All engagements are fixed-fee or retainer-based. We don't bill by the hour for retainer work, and we don't change scope without your written approval.

Fractional CISO

Ongoing monthly retainer — executive security leadership for your organization.

$3,500
Per month · starting price · 12-month initial term
  • 20–30 advisory hours per month
  • Monthly security posture report
  • Policy & procedure governance
  • Regulatory compliance oversight
  • Risk register & POA&M management
  • Quarterly executive briefing
  • Incident response advisory

Compliance Assessment

Point-in-time gap analysis with risk register, POA&M, and remediation roadmap.

$8,000
Starting price · fixed fee · CMMC / NIST 800-171
  • Control-by-control gap analysis
  • Risk register development
  • POA&M development
  • Executive summary report
  • Prioritized remediation roadmap
  • 30-day post-delivery support

ISO 27001:2022 Compliance

Full-cycle ISO 27001 implementation from gap assessment through certification readiness.

$9,000
Starting price · gap assessment · full implementation from $18K
  • Gap assessment & risk treatment
  • ISMS design & documentation
  • Statement of Applicability (SoA)
  • Policy & control framework
  • Internal audit support
  • Certification audit readiness

Security Awareness Training

Industry-specific workforce training for OT/ICS and defense environments.

$2,500
Starting price · virtual half-day · up to 25 participants
  • OT/ICS-aware threat content
  • CUI handling for DIB employees
  • Virtual or on-site delivery
  • Executive & board briefing option
  • Annual program packages available
  • Up to 50 participants per session

Assessment → Retainer Conversion Credit: Organizations that complete a Compliance Readiness Assessment and convert to a Fractional CISO retainer within 60 days receive a $1,500 credit applied to their first retainer invoice.

Overage Rate: Retainer hours in excess of your monthly allotment, pre-approved in writing, are billed at $200/hour. We'll always flag when you're approaching your limit before going over.

Contact

Let's Talk About Your Security Program.

Every engagement starts with a complimentary 30-minute discovery call. No sales pitch — just an honest conversation about where you are and what it would take to get you where you need to be.

Organization
Axiom Cyber Consulting LLC
Las Vegas, Nevada · Serving clients nationally
Principal
James Wiegand, CISSP
Founder & Principal Consultant
Phone
559-326-3333
Available Mon–Fri, 8am–6pm PT
Website
axiomcyberconsulting.com
Get In Touch

Schedule Your Discovery Call

Secure Access

Client Portal

Access your monthly security reports, POA&M tracker, policy documents, and assessment deliverables. Current clients only.

Access credentials are provided to active retainer clients upon engagement kickoff.
Not a current client? Contact us to get started.

For portal access issues, contact jwiegand@axiomcyberconsulting.com