About
LemurSec

About Us

Lemur Security (LemurSec) is a boutique, high-trust consultancy founded in 2025.

We bridge governance and deep technical assurance to help organizations meet desired security maturity goals. We translate risk into business language, aligned with your controls, compliance and testing efforts, to achieve measurable business outcomes.

Pragmatic & Measurable Results | Tailored GRC Advisory | Senior-Only Delivery

Startups & Nonprofits

Right-sized GRC that scales with mission, funding, and customer expectations.


SaaS / Tech Scaleups

Pen tests and code/network reviews aligned to agile release cycles and enterprise sales.


Enterprises

Board-ready insights and technical validation that connect risk to business outcomes.

CapabilityService Delivery
Risk & GovernanceAssessments, program development, audit/readiness
NIST CSF, SOC 2, COBIT, OpenFAIR
Technical AssuranceApplication & API security testing, source-code review,
external network assessments, cloud posture
OT/ICS SecurityFramework-aligned discovery and pragmatic control hardening
Purdue Model, NIST CSF, COBIT
EnablementBoard/exec briefings, KPIs/KRIs,
roadmaps tying security spend to business value

Leadership Team

Rachel Schutt-Hinsch

CRISC • OpenFAIR • SEPP • COBIT

Co-Founder

Rachel advises boards and executive teams on risk, governance, and business alignment. She brings a decision-ready lens to security—translating complex risk into clear trade-offs, roadmaps, and KPIs/KRIs that accelerate maturity without derailing delivery.

  • Risk quantification (OpenFAIR), audit/readiness, policy/evidence programs
  • Executive communication, board reporting, control optimization
  • Sector experience: tech, finance, insurance, logistics, manufacturing
LinkedIn

Nicholas Hinsch

OSCP • CCSK

Co-Founder

Nicholas leads technical assurance across application, network, and cloud, bringing an operator’s eye to threat modeling, testing, and remediation. He connects engineering realities with governance requirements to deliver secure velocity—especially in multi-cloud and OT/ICS environments.

  • Application & API testing, source-code review, external network assessments
  • Cloud security (CCSK) and practical OT/ICS segmentation & exposure reduction
  • Enablement: developer coaching, DevSecOps workflows, evidence-at-source
LinkedIn
Schedule a 20-minute Intro

Prefer email? contact@lemursec.com

© Lemur Security LLC. All rights reserved.

Based on Chirpy for Jekyll.