Building the Zero Trust + IAM Engagement Practice for Independent Cyber Consulting (Reference Architecture + IAM Modernisation + Sector Overlays + Compliance + Engagement Economics)

$199.00

A focused course, tailored for you

Build the Zero Trust + IAM engagement practice for independent cyber consulting in 10 weeks. Reference architecture + IAM modernisation + sector overlays + compliance + engagement economics.

Independent cyber consultants compete with Big4 cyber practices and hyperscaler partners on Zero Trust + IAM engagements. Customers ask for reference architecture, IAM modernisation, sector overlays, compliance integration, and engagement economics that work. Consultants who build the practice take the senior customer work. Here is the 10-week build.

$199 one-time
Tailored to your situation. Access within 24 hours. 30-day money-back.

Includes a hand-built implementation playbook delivered alongside course access, generated for your specific situation.

Why this course

Independent cyber consultants (boutique cyber consultancies, solo cyber practitioners, mid-tier security firms, fractional CISOs) compete with Big4 cyber practices and hyperscaler partners on Zero Trust + IAM engagements.

Customers (SMB modernising identity, mid-market with hybrid identity environments, enterprise with multi-IDP environments, regulated-sector customers with strong compliance overlay, public-sector customers with FedRAMP requirements, EU customers under NIS2 and DORA) ask for Zero Trust reference architecture (NIST SP 800-207 alignment, CISA Zero Trust Maturity Model (ZTMM) alignment, DoD Zero Trust Reference Architecture for federal customers), IAM modernisation (Okta, Microsoft Entra ID, Ping Identity, ForgeRock, Auth0, Saviynt, SailPoint, OneLogin, in-house IAM consolidation), sector overlays (FFIEC for FS customers, NAIC Model Bulletin for insurance, HIPAA for HC customers, FedRAMP for federal, IRAP for AU, EU DORA + EU AI Act for EU customers), compliance integration (PCI DSS 4.0, NIST 800-53, ISO 27001), and engagement economics that work for independent practice.

Consultants who build the practice take the senior customer work. Consultants who stay on classic checklist patterns watch the senior work shift to peers.

This course teaches the 10-week build of the Zero Trust + IAM engagement practice for independent cyber consulting: reference architecture, IAM modernisation framework, sector overlays, compliance integration, engagement economics, and the customer engagement model. Twelve modules with deliverables. Plus a hand-built implementation playbook for your specific practice and customer mix.

What you walk away with

  • A documented Zero Trust reference architecture.
  • An IAM modernisation framework.
  • Sector overlays for FS + insurance + HC + federal + EU + AU.
  • A compliance integration framework.
  • An engagement economics framework.
  • A customer engagement model.
  • A 10-week build plan.

The 12 modules

Module 1. Zero Trust + IAM landscape 2026
Detailed walkthrough of the Zero Trust + IAM landscape in 2026: NIST SP 800-207 Zero Trust Architecture, CISA ZTMM 2.0, DoD Zero Trust Reference Architecture v2, IAM vendor consolidation (Okta, Microsoft Entra ID, Ping Identity, ForgeRock, Auth0, Saviynt, SailPoint, OneLogin, CyberArk Identity, BeyondTrust Identity), ZTNA vendor landscape (Zscaler ZPA, Netskope ZTNA, Cloudflare Access, Palo Alto Prisma Access, Cisco Duo, Twingate, Tailscale Enterprise, Banyan, in-house), and the strategic-level decisions facing independent consultants.
Module 2. Zero Trust reference architecture
Build the Zero Trust reference architecture: NIST SP 800-207 component decomposition (Policy Decision Point, Policy Enforcement Point, Policy Engine), CISA ZTMM 2.0 maturity pillars (Identity, Devices, Networks, Applications/Workloads, Data, with Governance + Automation + Visibility crosscutting), DoD Zero Trust Reference Architecture v2 component decomposition for federal customers, and the integration with broader cyber strategy. Three reference architecture patterns from peer engagements.
Module 3. IAM modernisation framework
Build the IAM modernisation framework: IAM-vendor selection (Okta, Microsoft Entra ID, Ping Identity, ForgeRock, Auth0, Saviynt, SailPoint, OneLogin, CyberArk Identity, BeyondTrust Identity), legacy-IAM consolidation pathway, identity-federation pattern, customer-IAM (CIAM) pattern where applicable, multi-IDP federation pattern, identity-governance-and-administration (IGA) integration, identity-threat-detection-and-response (ITDR) integration, and the integration with broader identity strategy.
Module 4. Privileged Access Management (PAM)
Build the PAM framework: PAM-vendor selection (CyberArk, BeyondTrust, Delinea, ARCON, Wallix, Saviynt PAM, ManageEngine PAM, One Identity Safeguard, Senhasegura, Thycotic), session-recording pattern, just-in-time access pattern, privilege-elevation pattern, secrets-management integration (HashiCorp Vault, AWS Secrets Manager, Azure Key Vault, Google Secret Manager, Doppler, in-house), and the integration with broader access management.
Module 5. Multi-factor and phishing-resistant authentication
Build the MFA and phishing-resistant authentication framework: FIDO2 / WebAuthn deployment pattern, hardware-security-key pattern (YubiKey, Google Titan, Feitian, in-house), platform-authenticator pattern (Touch ID, Face ID, Windows Hello, Android device-bound), passkey pattern, SMS-OTP deprecation pathway, push-notification MFA pattern, and the integration with broader authentication strategy.
Module 6. Sector overlays
Build the sector overlays: FFIEC for FS customers (Authentication Guidance, Cybersecurity Assessment Tool), Fed SR 17-7 for banks, NAIC Model Bulletin for insurance customers, HIPAA for HC customers, FedRAMP Moderate and High for federal customers, ICD 503 for IC customers, IRAP for AU customers, EU DORA + EU AI Act for EU customers, and the integration with broader sector strategy.
Module 7. Compliance integration framework
Build the compliance integration framework: PCI DSS 4.0 IAM requirements, NIST 800-53 IAM requirements, ISO 27001:2022 IAM control mapping, SOC 2 Type II IAM coverage, CMMC 2.0 IAM requirements, EU NIS2 IAM requirements, and the integration with broader compliance management.
Module 8. Engagement economics framework
Build the engagement economics framework: assessment-engagement structure, design-engagement structure, implementation-oversight engagement structure, retainer engagement structure, fractional-CISO engagement structure, AI-augmented audit-productivity, sub-contractor model, and the practice-economics framework.
Module 9. Customer engagement model
Build the customer engagement model: customer-CISO engagement framework, customer-CIO engagement, customer-CTO engagement, customer-Compliance-Officer engagement, executive-business-review framework, assessment-finding-presentation framework, remediation-roadmap framework, and the integration with broader account management.
Module 10. Practice positioning and case studies
Build the practice positioning: positioning statement, demo (showing Zero Trust reference architecture, IAM modernisation framework, sector overlays), ROI calculator (cost vs Big4-only sourcing, time-to-Zero-Trust-maturity improvement, incident-reduction estimate), case studies (3 minimum), and the discovery-conversation guide. Sales materials that win the next engagement.
Module 11. Talent and operating model
Build the talent and operating model: consultant career-track design, AI-augmented consultant skill development, sub-contractor and contractor-to-perm pattern, near-shore and off-shore mix, and the integration with broader people strategy.
Module 12. Your 10-week build plan
Week-by-week plan with weekly deliverables. Weeks 1-2: Zero Trust + IAM landscape + Zero Trust reference architecture. Weeks 3-4: IAM modernisation framework + Privileged Access Management. Weeks 5-6: MFA and phishing-resistant authentication + sector overlays. Weeks 7-8: compliance integration framework + engagement economics framework. Weeks 9-10: customer engagement model + practice positioning + talent and operating model. Deliverable: Zero Trust + IAM engagement practice.

How this addresses your situation

Specific modules that map to what you said you are dealing with.

Module 1 covers the landscape.
Module 2 produces the Zero Trust reference architecture.
Modules 3 to 5 cover IAM modernisation, PAM, and phishing-resistant MFA.
Module 6 covers sector overlays.
Module 7 covers compliance integration.
Module 8 covers engagement economics.
Module 9 covers customer engagement.
Module 10 covers practice positioning.
Module 11 covers talent and operating model.
Module 12 covers the 10-week build plan.

What you get with this course

  • The 12-module course delivered as text plus downloadable templates.
  • Templates and worked examples for Zero Trust reference architecture, IAM modernisation framework, PAM framework, MFA and phishing-resistant authentication framework, sector overlays, compliance integration framework, engagement economics framework, customer engagement model, practice positioning, talent and operating model.
  • A hand-built implementation playbook generated for your specific practice and customer mix.
  • Three worked examples of Zero Trust + IAM engagement practices at peer independent practices.
  • Scripted talking points for the customer CISO engagement.

What you will have in hand by Day 1, Week 1, Month 1

Day 1: Zero Trust reference architecture scaffold drafted.

Week 4: IAM modernisation + PAM designed.

Week 8: Phishing-resistant MFA + sector overlays + compliance integration operational.

Week 10: Practice in operation.

Before and after

Before

Your independent practice loses Zero Trust + IAM engagements to Big4 cyber practices. Reference architecture is reactive. IAM modernisation is patchy. Sector overlays are thin. Senior customer work goes to peers.

After

A Zero Trust + IAM engagement practice is in place. Zero Trust reference architecture, IAM modernisation framework, PAM framework, MFA and phishing-resistant authentication framework, sector overlays, compliance integration framework, engagement economics framework, customer engagement model, practice positioning, talent and operating model are all designed.

What happens if you do not address this

Independent consultants without the practice lose engagements to Big4 cyber. CISA ZTMM 2.0 and DoD Zero Trust Reference Architecture v2 set the federal baseline.

Who it is for

For independent cyber consultants, principals at boutique cyber consultancies, senior consultants at mid-tier security firms, and fractional CISOs.

Who this is NOT for. Pure SOC analysts without consulting scope. Consultants at firms with no Zero Trust or IAM business. Pure compliance consultants without architecture scope.

How it arrives

Text-based course via LMS, plus downloadable templates and worked examples and the hand-built implementation playbook.

Time investment. Roughly 18 hours of reading and 60 to 120 hours of consultant effort across the 10-week build.

Why $199 is the right number

External Zero Trust + IAM consultants (Big4 cyber practices, specialist firms like Optiv, GuidePoint Security, Trace3, Mandiant, Coalfire, NCC Group, Bishop Fox) charge $200K-$1M for Zero Trust programmes. IAM-modernisation programmes run $200K-$2M. $199 buys the focused playbook plus the implementation document for your specific practice.

FAQ

Will this replace hiring a Zero Trust specialist?
Partially. It teaches the engagement practice. You may still want specialist input for complex multi-IDP federation.
What if my customers are primarily federal (FedRAMP-anchored)?
Modules 2 and 6 cover federal-anchored patterns.
Does this cover CIAM (customer IAM) specifically?
Module 3 covers CIAM patterns.
What about Microsoft-Entra-anchored customers?
Module 3 covers Microsoft-Entra-anchored patterns.
What is in the implementation playbook for me specifically?
Zero Trust reference architecture tailored to your typical customer; IAM modernisation framework matched to your customer mix; a 10-week build plan.

30-day money-back guarantee. If after a week of working through the materials this is not what you needed, reply to the receipt email and a full refund is processed. No questions, no forms.

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.