IT Security Consulting · Operations · Governance · AI · EMEA

Ancient foundations.
Modern security.

IT security, operations and governance for small and mid-size companies across Europe. Structured methodology. Senior expertise. Accountable delivery.

0Years hands-on enterprise IT & security delivery

0Annex A controls across ISO 27001 engagements

0Retainer tiers — from €950/mo

0Months typical client tenure

What We Do

Three pillars. One consultancy.

Named after Trimontium — the Roman name for Plovdiv, "Three Hills." Every service maps to one of three pillars.

I

Security

Endpoint protection, email security, threat detection, NIS2 and ISO 27001 compliance. The citadel.

Learn more →

II

Operations & Infrastructure

Identity, device management, Azure infrastructure, Active Directory, cloud migration. The engine room.

Learn more →

III

Governance & AI

M365 governance, AI policy, ISO 27001 ISMS, IT operations frameworks, board reporting. The framework.

Learn more →

01 — Scoping

Discovery call

30 minutes. We understand your situation and tell you honestly whether we can help and what it would involve.

02 — Proposal

Fixed-price scope

A one-page proposal — exact deliverables, timeline, and fee — agreed and signed before any work begins.

03 — Delivery

Senior-led execution

The engagement lead is your direct contact. Structured milestone updates. No handoffs or junior relay.

04 — Handover

Documented & yours

All deliverables are editable, client-owned, and designed to operate without us after handover.

At a Glance

Retainers & Projects.

Security WatchRetainer

€950/mo→

IT Co-PilotRetainer

€1,900/mo→

Fractional IT LeadRetainer

€3,500/mo→

Enterprise GuardianRetainer

€5,000/mo→

IT Health CheckEntry

€1,800 fixed→

IT Security AuditProject

from €9,000→

NIS2 AssessmentProject

from €9,000→

AI Governance FrameworkProject

from €9,000→

Plans & PricingCompare

→

View all 11 projectsProjects

→

Industries

Companies like yours.

Small and mid-size companies facing IT compliance pressure, growth without governance, or a security incident they were not prepared for.

SaaS & Tech

Professional Services

Manufacturing

Healthcare & MedTech

Fintech & Regulated

Ready to talk? No sales pitch. No obligation.

Our Story

Founded in Plovdiv.
Trusted across Europe.

A specialist IT consultancy named after Trimontium — the Roman name for Plovdiv. Named for three hills; structured around three pillars of expertise. Built to last.

Who We Are

Senior expertise.
Direct accountability.

Trimontia takes its name from Trimontium — the Roman name for Plovdiv, meaning "Three Hills." Our name reflects our structure: three pillars of expertise, one unified consultancy, built on foundations that hold.

We are an IT security, operations and governance consultancy based in Plovdiv, Bulgaria, working with companies under 100 employees across the EMEA region. We combine deep technical expertise with structured consulting methodology — delivering the kind of work that enterprise firms charge enterprise prices for, at a price point that growing companies can actually justify.

Every engagement is led by a senior consultant from day one. Structured deliverables. Clear scope. Documented outcomes. No ambiguity about what you receive and when.

"Three hills built Plovdiv over 8,000 years — one stone at a time. Deep foundations outlast everything built on sand. We build the same way: structured, documented, defensible — so what we deliver holds up long after the engagement ends."

Our Approach

How we work.

Fixed scope, written before we start

Every engagement begins with a signed Statement of Work. Deliverables, timeline, and fee agreed in writing. No scope creep billed without a prior change request.

Everything documented and yours

Every deliverable is editable, client-owned, and designed so your team can operate independently after handover — without depending on us to stay involved.

Data protection before access

A DPA is signed before any system access is granted. Access is scoped, MFA-protected, logged, and revoked at engagement completion.

The Three Hills

Three pillars. One consultancy.

Every service we deliver maps to one of three pillars. Every retainer spans all three.

I

Security

The citadel. The oldest hill. The first line of defence.

CrowdStrike Falcon EDR — policy, triage, remediation

Microsoft Defender Suite — Endpoint, Identity, Office 365

Email security — SPF/DKIM/DMARC, anti-phishing

NIS2 readiness — gap analysis, risk register, roadmap

IT Security Audits — endpoint, identity, access, cloud

WiFi site surveys (EMEA) — Ekahau Sidekick

II

Operations & Infrastructure

The engine room. Where things get built and maintained.

Microsoft Entra ID — identity lifecycle, conditional access

Microsoft Intune / MDM — enrolment, compliance, Autopilot

Active Directory DS — GPO design, hybrid identity, tiering

Azure Virtual Machines — deployment, backup, Site Recovery

Azure Networking — VNet, Firewall, App Gateway, Bastion

Patch management, onboarding/offboarding SOPs

III

Governance & AI

The framework that makes everything else defensible.

M365 & Copilot governance — DLP, lifecycle, admin controls

AI Governance Frameworks — EU AI Act mapping

ISO 27001 — full ISMS build, internal audit, cert prep

NIS2 / ISO 9001 alignment and audit preparation

IT operations frameworks — escalation maps, RACI, SOPs

Monthly board-ready leadership & security summaries

The Basics

Three things worth knowing.

Based in Plovdiv, Bulgaria

Registered as a Bulgarian LTD — a full EU legal entity. VAT-compliant invoicing in EUR. All services delivered remotely. On-site across EMEA where needed.

Senior consultants, not an agency

Every engagement is led by a senior consultant from scope through delivery. No account manager layers. No hand-off to juniors. Direct access to the expertise you hired at every stage.

Guaranteed response SLA

A substantive reply — not an acknowledgement. SLAs range from 3 business days (Security Watch) to same business day (Enterprise Guardian). Published, contractual, and honoured. Mon–Fri CET.

Who We Help

Companies that need this.

We work with small and mid-size companies across EMEA — typically 20 to 100 people — that face real IT security, compliance, and governance pressure but don't have the internal capacity to address it.

The Problem

Your IT is held together
by whoever has time.

No risk register. No incident response plan. No internal lead who owns it — and no board-ready answer when someone asks.

The NIS2 or ISO 27001 deadline is not abstract. It is already affecting your deals.

Here is where we come in.

We bring a decade of production IT security and infrastructure experience to companies that need it most. No agency overhead. No account manager layer. No enterprise price tag.

01

NIS2 & ISO 27001 deadlines

Enforcement is active. Clients and auditors are asking for documented compliance. Most companies have nothing to show.

02

No internal IT or security lead

No one owns it. No risk register. No incident response plan. Just the hope that nothing goes wrong.

03

Rapid growth, no governance

New people, new tools, new clients — with no identity governance, no device management, no baseline keeping pace.

04

A breach or phishing incident

Something happened. Now: what do we actually have in place, and who is responsible for fixing it?

Industries

Companies like yours.

Five sectors where we most commonly work — each with their own compliance pressures and timelines.

Primary markets we serve:

🇳🇱 Netherlands 🇩🇪 Germany 🇸🇪 Sweden 🇮🇪 Ireland 🇬🇧 United Kingdom 🇩🇰 Denmark 🇧🇪 Belgium 🇫🇮 Finland

SaaS & Tech

Security questionnaires, ISO 27001, investor due diligence. Security is now a sales blocker.

Talk to us →

Professional Services

Law firms, accounting, consulting — sensitive client data under GDPR and NIS2.

Talk to us →

Manufacturing

Supply chain audits, OT/IT boundary controls, NIS2 obligations for critical sector suppliers.

Talk to us →

Healthcare & MedTech

Strict data handling, device security requirements, sector-specific compliance.

Talk to us →

Fintech & Regulated

DORA, PCI-DSS adjacent, regulated client requirements before onboarding.

Talk to us →

What We Do

Three pillars. One firm.

IT security, operations, and governance — structured as a consultancy, not an agency. Every engagement is senior-led, fixed in scope, and documented for you to own.

I

Security

The citadel. Identifying and closing exposure before it becomes an incident.

IT Security Audit

Endpoint, identity, cloud, email — prioritised findings with a remediation roadmap.

NIS2 Readiness

Gap analysis, risk register, and board-ready documentation against the EU directive.

Endpoint & Threat Protection

EDR and email security properly deployed and tuned — CrowdStrike, Defender, Proofpoint.

Security Watch Retainer

Monthly posture report, patch compliance summary, endpoint health overview.

II

Operations & Infrastructure

The engine room. Identity, devices, cloud, and directory — built to be maintained independently.

Device Management

Every company device enrolled, compliant, and centrally managed via Microsoft Intune.

Identity & Directory

Active Directory and hybrid identity assessed, redesigned, and hardened.

Cloud Infrastructure Setup

Azure VMs, networking, backup, and disaster recovery — designed, built, and documented.

IT Operations Framework

Complete IT ops documentation — escalation flows, incident procedures, onboarding SOPs.

III

Governance & AI

The framework. Making everything defensible — documented, auditable, board-ready.

Cloud Governance & AI Policy

DLP, access controls, Copilot governance, and EU AI Act-aligned acceptable use policy.

AI Governance Framework

Risk classification, data handling rules, approved tools register, EU AI Act alignment.

ISO 27001 ISMS Build

Complete information security management system — gap analysis through certification prep.

Fractional IT Lead Retainer

Board-ready monthly leadership summary, vendor review, IT ops framework maintenance.

One-Time Projects

Fixed scope. Defined deliverables.

No retainer required. Fixed-price, fixed-scope. Agreed in writing before work begins. 40% of project clients move to a retainer within 30 days.

Preparing for ISO 27001 certification?

We deliver the complete ISMS build — gap analysis against all 93 Annex A controls, full risk register, 12+ policy documents, Statement of Applicability, internal audit, and Stage 2 prep.

Not sure where to start?

Our IT Health Check is a fixed-price, 5-day remote assessment — a structured snapshot of your current security posture, top 5 priorities, and a clear recommended next step. No commitment beyond the engagement. Converts to a full project or retainer in over 60% of cases.

Bundle · Best Value

Security Audit + NIS2 Bundle

Two board-ready reports from one engagement. The most common entry point for companies facing investor scrutiny and compliance pressure simultaneously.

€12,000–22,0006–9 weeks · Remote

Security

IT Security Audit

Structured review — endpoints, identity, access, cloud — with a prioritised remediation plan your team can act on.

€7,500–14,0003–4 weeks

Compliance

NIS2 Readiness Assessment

Gap analysis, risk register, remediation roadmap, and board-ready documentation in plain language.

€7,500–14,0003–5 weeks

Security

Endpoint & Threat Protection

EDR and email security properly deployed and tuned. Tool-agnostic — we work with your existing stack or recommend the right fit.

€3,500–7,5002–3 weeks

Operations

Device Management

Every company device enrolled, compliant, and centrally managed — with full handover documentation your team can operate independently.

€4,500–10,0002–4 weeks

Governance

Cloud Governance & AI Policy

Governance framework for your cloud environment and AI tools — DLP, access controls, and EU AI Act-aligned acceptable use policy.

€6,500–12,0002–5 weeks

Infrastructure

Identity & Directory Modernisation

Active Directory and hybrid identity assessed, redesigned, and hardened — with full architecture documentation included.

€5,500–11,0003–5 weeks

Infrastructure

Cloud Infrastructure Setup

Cloud infrastructure designed, deployed, and documented — VMs, storage, backup, disaster recovery, and networking with an operations runbook.

€7,000–14,0003–6 weeks

Operations

IT Operations Framework

IT operations documented from scratch — escalation flows, incident procedures, SOPs, and leadership reporting. Everything editable.

€11,000–24,0006–10 weeks

AI Governance

AI Governance Framework

Standalone AI governance — risk classification, data handling rules, approved tools register, and EU AI Act alignment.

€9,000–22,0005–8 weeks

On-Site · By Request

WiFi Site Survey — EMEA

Professional wireless assessment using Ekahau Sidekick — coverage heatmaps, interference analysis, full action plan. Available across EMEA. Quote on request based on site size and location.

Quote on request1–3 days on-site

Client Outcomes

What clients actually achieve.

Specific outcomes tied to specific project types. Every figure is real.

18 weeks

ISO 27001 Certified

A 20-person SaaS startup with no prior ISMS documentation. Gap analysis to Stage 2 certification in under five months — on time, no major non-conformities at the certification audit.

20-person SaaS startup · Netherlands · Q4 2024

34% → 71%

Microsoft Secure Score

A 45-person company on Microsoft 365 Business Premium. Conditional Access, Defender configuration, DLP, DKIM and DMARC implemented across a four-week engagement. Documented before and after.

45-person company · EMEA · Q1 2025

6 weeks

NIS2 Gap Closed

A professional services firm with active regulatory pressure and an enterprise client requiring evidence of NIS2 compliance. Full risk register, policy library, and board-ready assessment delivered.

Professional services firm · EU · Q2 2025

sub-40 min

New hire IT onboarding

IT Ops Framework implementation for a 55-person company that previously had no documented onboarding process. New hire laptop-to-productive time reduced from half a day to under 40 minutes with zero IT involvement required.

55-person company · Belgium · Q3 2024

Outcomes reflect the environments and starting conditions of each engagement. Individual results vary based on your infrastructure complexity, team availability, and the current maturity of your IT setup. We provide a realistic assessment of expected outcomes before any engagement begins — never a guarantee we cannot keep.

Scope & Approach

What we do —
and how we do it.

We are an IT consulting firm. Not a helpdesk, not a managed service provider, not a software reseller. Clear scope means better outcomes for both sides.

✓ What Trimontia does

IT security audits — endpoint, identity, access, cloud, email

NIS2 readiness — gap analysis, risk register, remediation roadmap

ISO 27001 — complete ISMS build, internal audit, certification preparation

Microsoft 365 and Copilot governance — DLP, lifecycle, admin controls

Azure infrastructure — virtual machines, networking, backup, migration

Active Directory — on-premises and hybrid, GPO design, security tiering

Microsoft Defender Suite — full deployment, tuning, and monitoring

Monthly oversight retainers — structured reports, async advisory

AI governance frameworks — EU AI Act mapping, acceptable use policy

WiFi site surveys — professional RF assessment, EMEA on-site

Outside our standard scope

L1 IT support and helpdesk. Password resets, printer issues, and service desk tickets are not what we do. Trimontia provides IT governance and consulting — not reactive frontline support. We can refer you to a complementary MSP partner who operates that layer.

Operations centre and 24/7 monitoring. We are not a Security Operations Centre or managed service provider. We do not staff continuous monitoring infrastructure. Incident response advisory is available under retainer during business hours.

Legal interpretation of compliance obligations. We identify gaps and document controls — specific legal obligations under GDPR, NIS2, or sector regulation require qualified legal counsel. We work alongside lawyers, not in place of them.

Certification body audit. ISO 27001 and NIS2 certificates are issued by independent certification bodies. We prepare you — the audit is conducted by the body you engage directly.

Software and licence procurement. We are tool-agnostic and earn no commissions on tools we recommend. Procurement happens directly between you and the vendor.

+Available on request — subject to separate scoping and pricing: Penetration testing and red team exercises · Phishing simulations · Out-of-hours emergency advisory · Extended SLA windows · Security awareness training · Software procurement coordination. Contact us to discuss scope and fee.

Not sure if your situation fits? Send a short description to contact@trimontia.io and we will tell you honestly whether we are the right fit — or point you toward someone who is.

What We Work With

The tools. Used daily, not just listed.

Every service Trimontia delivers is backed by hands-on production experience — grouped by what it does.

Cybersecurity

Identity & Devices

Cloud Infrastructure

Azure Networking

WiFi & On-Site

CrowdStrike FalconEDR — endpoint detection, policy tuning, alert triage, remediation tracking
Microsoft Defender SuiteEndpoint, Identity, Office 365, Cloud Apps — unified threat platform
Microsoft SentinelSIEM — log aggregation, threat detection, incident correlation
Proofpoint · MimecastEmail security gateway — filtering, sandboxing, threat intelligence
Email AuthenticationSPF, DKIM, DMARC — anti-spoofing and deliverability hardening
Zero TrustArchitecture framework — never trust, always verify, least privilege
NIS2 · ISO 27001Compliance frameworks — gap analysis, risk register, certification prep

Microsoft Entra IDCloud identity — user lifecycle, SSO, external access, Privileged Identity Management
Conditional AccessPolicy engine — enforce MFA, device compliance, location and risk-based rules
Microsoft IntuneMDM/MAM — device enrolment, compliance policies, app deployment, Autopilot
Active Directory DSOn-premises directory — OU design, GPO hardening, security tiering, LAPS
Entra Connect · Cloud SyncHybrid identity — sync on-prem AD to cloud, password hash, SSPR
MFA & PasswordlessAuthentication hardening — Authenticator app, FIDO2, phishing-resistant MFA
ManageEngine Endpoint CentralEndpoint management — patching, software deployment, remote control

Azure Virtual MachinesIaaS compute — sizing, deployment, image management, OS hardening, availability sets
Azure BackupData protection — VM backups, retention policies, restore testing and documentation
Azure Site RecoveryDisaster recovery — VM replication, failover testing, DR runbooks
Azure MigrateMigration platform — on-premises to cloud assessment, planning, and execution
Azure Update ManagerPatch management — scheduled patching, compliance reporting across VM fleet
Microsoft PurviewData governance — sensitivity labels, DLP policies, compliance centre

Azure VNet · NSGsNetwork foundation — address spaces, subnet structure, traffic rules, route tables
VPN Gateway · ExpressRouteHybrid connectivity — site-to-site, point-to-site, private circuits
Azure Firewall · App GatewayPerimeter security — L4/L7 filtering, WAF, DDoS protection, TLS termination
Azure Bastion · Private LinkSecure access — browser-based RDP/SSH, private service endpoints, zero public IP
Azure DNS · Front DoorName resolution and global routing — private DNS zones, CDN, global load balancing
Zero Trust SegmentationNetwork micro-segmentation strategy — least-access networking across hybrid environments

Ekahau SidekickRF survey hardware — passive and active site surveys, professional-grade measurement
Coverage HeatmapsSignal strength and data rate maps per floor, per band (2.4GHz / 5GHz / 6GHz)
AP Placement PlanningOptimal access point positioning before hardware is installed — prevents costly rework
Interference AnalysisIdentify RF interference sources, channel congestion, and neighbouring network impact
Post-Deployment ValidationVerify installed network performs to design spec — active throughput and roaming testing

Common Questions

Before you get in touch.

Twelve questions we hear most often — answered plainly. If yours is not here, send it to contact@trimontia.io.

Getting started

How do we get started? What does the first step look like?

Send a short message via the contact form or directly to contact@trimontia.io. Describe your situation in a few sentences — what you are dealing with, what your company does, and roughly how many people you have. That is enough.

We will reply within two business days with one of three things: a direct proposal if your situation is clear, a short list of follow-up questions, or an honest note if we are not the right fit and who might be.

If there is likely a match, we schedule a 30-minute discovery call — no pitch, no deck, no obligation. We understand your situation and you understand whether we can help. From there, we produce a one-page proposal with fixed scope, fixed fee, and a start date. Nothing starts until the proposal is signed.

Not sure where to start — we just know something needs fixing?

The IT Health Check exists precisely for this situation. It is a fixed-price, 5-day remote assessment — €1,500 — that gives you a structured picture of where your security and compliance posture actually stands, the top 5 priorities you should address, and a clear recommended next step.

It is not a sales tool. If the answer is that your environment is in reasonable shape and you do not need anything urgently, we will tell you that. Around 60% of Health Check clients move to a follow-on project or retainer — because once you can see the gaps clearly, the decision is usually obvious.

Services & scope

What exactly is included in a monthly retainer?

Every retainer begins with a baseline assessment of your environment delivered within 7 days of signing — so you start with a documented picture, not a blank page.

Security Watch (€950/mo): Monthly security posture report delivered by the 5th of each month, patch compliance summary, endpoint health overview, and two async advisory sessions per month.

IT Co-Pilot (€1,900/mo): Everything above, plus Microsoft 365 and Copilot governance oversight, Microsoft Defender Suite monitoring, NIS2 compliance gap tracking, Entra ID oversight, one policy document per quarter, and a quarterly IT roadmap call.

Fractional IT Lead (€3,500/mo): Everything above, plus Azure infrastructure advisory, on-premises and hybrid Active Directory oversight, monthly board-ready leadership summary, ISO 9001/NIS2 audit preparation support, IT operations framework maintenance, and vendor rationalisation advice.

Enterprise Guardian (€5,000/mo): Everything above, plus multi-tenant M365 governance, full Azure networking oversight, continuous NIS2/ISO audit readiness, same-business-day response SLA, quarterly executive security briefing, and an annual IT strategy roadmap.

All tiers: monthly rolling contract, 30 days written notice to cancel, no minimum term. Unused advisory hours do not carry over. Overage at €150/hr (business hours).

Do you provide IT helpdesk or day-to-day IT support?

No. Trimontia provides IT governance, security consulting, and infrastructure advisory — not frontline support. We do not handle password resets, printer issues, application errors, or Level 1 service desk requests.

If you need both governance consulting and a helpdesk, the most effective model is to run both in parallel: a dedicated MSP for reactive support, and Trimontia for the strategic and compliance layer above it. We are happy to advise on what to look for in an MSP partner if needed.

We have NIS2 obligations. Can you help, and how long does it take?

Yes, NIS2 readiness is one of our core services.

The NIS2 Readiness Assessment (€6,500–12,000, 3–5 weeks) delivers: a gap analysis against all applicable NIS2 requirements with a RAG rating (Red / Amber / Green) per control, a formal risk register, a risk treatment plan with named owners and deadlines, a prioritised remediation roadmap, and a board-ready executive report suitable for leadership presentation or regulatory dialogue.

If you also need an IT Security Audit at the same time — which most companies do — the Security + NIS2 Bundle (€10,000–18,000) combines both into one engagement. The same discovery work powers both deliverables, saving time and reducing the disruption to your team.

On timelines: most companies doing this for the first time are at least partially non-compliant. We set realistic expectations at the scoping stage — compliance remediation typically takes 3–12 months depending on where you start. The assessment tells you exactly where you stand; the roadmap tells you what to prioritise.

Can you take us through ISO 27001 certification?

Yes. We deliver the complete ISO 27001:2022 ISMS build — gap analysis against all 93 Annex A controls, risk assessment and treatment plan, full policy library (12+ documents), Statement of Applicability, technical controls implementation guidance, internal audit, and management review preparation ahead of Stage 2.

The certification body (Kiwa, Bureau Veritas, BSI, TÜV, or your preferred body) is engaged and paid directly by you — we help you choose the right one for your context and prepare you thoroughly for Stage 1 and Stage 2 audits.

Realistic timeline from engagement start to certification: 14–22 weeks for a company with some existing controls in place; longer if starting from scratch. We will give you an honest estimate after the initial gap analysis — never a guarantee we cannot keep.

What system access do you need and how is it managed?

A signed Data Processing Agreement (DPA) is required before any system access is granted. This is non-negotiable and not a formality — it governs exactly what data we access, why, and what happens to it.

For monitoring and reporting (retainer): Read-only access to your admin portals — typically Global Reader role in Microsoft 365 and equivalent read-only roles in Azure and other platforms. No write access, no configuration changes under this level.

For implementation work (projects): Temporary, scoped delegated access to the specific workloads involved — for example, Intune administrator during a device management project. This access is: granted for the duration of the task only, protected by multi-factor authentication, logged, and revoked in writing when the task is complete.

We never retain persistent broad administrative access beyond what is needed for the current engagement. Client admins retain full control and can revoke access at any moment.

Pricing & commercial

How does the cost compare to hiring someone in-house?

A senior IT security or governance specialist in the Netherlands, Germany, or UK typically costs €70,000–110,000 per year in salary — before employer contributions, benefits, equipment, onboarding time, and management overhead. Total employment cost is usually 1.3–1.5× the gross salary figure.

Trimontia's IT Co-Pilot retainer (€1,900/mo) runs €22,800 per year. Fractional IT Lead (€3,500/mo) runs €42,000 per year. Either is a fraction of a comparable in-house hire, with no headcount commitment, no notice period beyond 30 days, and no risk of the person leaving mid-project.

The other difference: a single in-house hire covers one person's knowledge. Trimontia brings a breadth of specialisms — security, cloud infrastructure, compliance, identity, AI governance — that no single hire realistically covers.

Annual prepay option: pay 12 months upfront and receive 10% off the total. For IT Co-Pilot, that means €20,520 instead of €22,800 — saving €2,280.

How much time will this require from our team?

Less than you would expect. The entire model is built around minimising the time burden on your team.

For a retainer: Typically 30–60 minutes per month for your point of contact — reviewing the monthly report, answering our questions asynchronously, and a brief call each quarter. The work happens on our side; you review and decide.

For a project: The main requirement is a 60–90 minute kick-off call to understand your environment, access to the relevant systems, and availability for a final delivery call. For a security audit, for example, we work from the admin consoles — we do not need to interview every staff member or run sessions that pull your team away from their work.

We will always tell you upfront what we need from you and when. Surprises in both directions — unexpected time demands, or deliverables that arrive without any context from your team — are avoidable with clear upfront scoping, which is why every engagement starts with a signed SoW.

Practicalities

Who will be doing the actual work?

Every engagement is led by a senior IT consultant from scoping through delivery. You will have a named engagement lead who is responsible for all deliverables and who you contact directly — not a rotating team, not a junior analyst who escalates to a senior for sign-off.

Trimontia operates as a specialist consultancy. The people doing your work have production-level, hands-on experience with the specific tools and environments your engagement involves. If a particular engagement requires a specialist outside our core capability, we will tell you that at the scoping stage rather than proceeding and delivering substandard work.

What happens if something goes wrong during an engagement?

There are two scenarios worth being clear about:

If a deliverable is not what was agreed: We fix it at no extra cost. Every engagement is governed by a signed SoW that defines deliverables precisely. If what we deliver does not match what was agreed, the SoW is the reference point and we are accountable to it.

If scope changes mid-engagement: Nothing happens without a written change request agreed by both parties first. We will not expand scope without your approval, and we will not charge for work outside the original SoW without that same approval in writing.

In the event of a security incident during an engagement: All access is immediately revoked on request. We carry professional indemnity insurance. A Data Processing Agreement governs what data we accessed and how. Full cooperation with any investigation is provided as standard.

If at any point during an engagement you have a concern — about scope, quality, or approach — we expect you to raise it directly. Problems raised early are solved. Problems that accumulate in silence are not.

You are based in Bulgaria — does that affect anything?

Trimontia is registered in Bulgaria as a private limited company (LTD) — a full EU legal entity. Invoicing is in EUR with valid EU VAT documentation. All engagements are governed by Bulgarian law, which is EU law.

All services are delivered remotely and asynchronously. Time zone: Eastern European Time (EET, UTC+2 / UTC+3 summer). Business hours overlap comfortably with Western and Northern Europe across the entire working day.

For on-site engagements (WiFi surveys, specific infrastructure work), we travel to the client site. Travel and accommodation are billed at cost with zero markup.

On pricing: being based in Bulgaria is why our rates are structured the way they are — lower operational costs than a Western European firm, passed directly to clients. The methodology, deliverables, and depth of expertise are identical to what a London or Amsterdam boutique firm would deliver at 2–3× the price.

Where can I read your full terms and privacy policy?

Both are published in full on this site:

The Terms cover: scope of services, fees and invoicing, IP ownership, confidentiality, system access, liability limitations, governing law, and contact.

The Privacy Policy covers: what data we collect and why, retention periods, who we share data with, DPA obligations, your GDPR rights (access, rectification, erasure, portability, restriction, objection), and how to complain.

Get a Proposal

Get in Touch

Tell us what's happening.
We'll tell you what we'd do.

No pitch, no deck, no obligation. A short description of your situation is enough to get a meaningful first response from our team within 2 business days.

Direct Contact

Start the conversation.

If none of the packages are quite right, or you are not sure where to start — describe your situation and we will tell you honestly what we would do about it.

Emailcontact@trimontia.io

ResponseWithin 2 business days (Tier 2+: faster)

RegionEMEA · Remote delivery

Mention Security Checklist in your message and we'll include a free 15-point IT hygiene checklist with our reply.

✓

Message received.

Thank you for getting in touch. You'll hear from us personally within 24 hours.

Full Name *

Work Email *

Company & Size

I'm interested in

What's the situation? *

We reply personally within 24 hours. Your data is never shared or sold.

Plans & Pricing

Straightforward pricing. No surprises.

Monthly retainers with structured deliverables. Fixed-price projects. Every engagement starts with a signed scope. All prices in EUR, invoiced monthly in advance.

Monthly Retainers

Choose your coverage level.

Monthly rolling contracts. Cancel with 30 days written notice. All tiers include an onboarding baseline report within 7 days of signing.

Security Watch

Visibility without the overhead

€950 /month

Response SLA3 business days

Advisory hours~2h/mo

UsersUp to 50

What's included

Monthly security posture report — executive-ready PDF, by the 5th

Patch compliance summary — gaps flagged, priorities ranked

Endpoint health overview (CrowdStrike / Defender / ManageEngine)

2 async Q&A sessions per month — email or Slack

IT hygiene checklist with action priorities

Onboarding baseline report within 7 days of signing

IT Co-Pilot

Ongoing IT ops, handled

€1,900 /month

Response SLA2 business days

Advisory hours~4.5h/mo

UsersUp to 100

What's included

Everything in Security Watch, plus:

M365 & Copilot governance — admin controls, DLP, lifecycle

Microsoft Defender Suite monitoring — endpoint, identity, cloud

1 policy document per quarter — tailored to your environment

NIS2 compliance gap tracking against current obligations

Quarterly IT roadmap call (30 min) — months 3, 6, 9, 12

Save more when you commit more.

Every discount is designed to reward a specific behaviour — longer commitment, faster payment, introductions, or bundling. No discounts are given without a reason, and none are stackable beyond what is stated.

10%

12-Month Commitment

Commit to a 12-month retainer and receive 10% off every monthly invoice. Rate is locked for the full term — no increases during the committed period.

RequirementsSigned 12-month addendum to MSA · Quarterly invoicing · 90-day early-exit notice with 2-month penalty

12%

Full Annual Prepayment

Pay your full 12-month retainer in a single upfront payment and receive 12% off the total — the maximum discount available on any retainer. Rate locked for the year.

Requirements12-month commitment signed · Single payment at contract start · Non-refundable after 30 days of service

3%

Project Full Prepayment

Pay the full project fee upfront instead of the standard 40% on signing / 60% on delivery, and receive 3% off the total project fee.

RequirementsFull fee paid within 5 days of SoW signing · Applies to fixed-price project engagements only · Not combinable with other project discounts

Month 1 free

Project-to-Retainer

Complete a project engagement and sign a retainer within 60 days of final delivery, and receive Month 1 of the retainer free. The faster you decide, the better the offer.

RequirementsIT Health Check → 50% off Month 1 (within 30 days) · Projects €3,500–8,000 → Month 1 free (45 days) · Projects over €8,000 → Month 1 free + Month 2 at 50% (60 days)

€500–€3,800

Client Referral Credit

Introduce a company that signs any engagement, and receive a credit against your next invoice. Credits scale with the size of the introduced engagement.

RequirementsYou must be an active retainer client for 2+ months · Referral must sign and complete first payment · Credit applied within 30 days · Project lead: €500 · Retainer Tier 1–2: 1 month free · Retainer Tier 3–4: 2 months free

2%

Early Invoice Settlement

Pay any invoice within 5 calendar days of the issue date and receive 2% off that invoice. Stackable on top of commitment discounts.

RequirementsPayment confirmed received within 5 calendar days of invoice date · Applies to any invoice — retainer or project · Credited on next invoice or deducted immediately

Not included in any discount

Overage hours (€150/hr) Out-of-hours advisory (€210–240/hr) Travel & accommodation (billed at cost) Third-party costs & licence fees The IT Health Check (€1,800 fixed)

Working Model

Async-first. Reliable SLA.

Fixed reports, fixed deadlines, a published response SLA that is contractually honoured. A substantive reply — not an automated acknowledgement — every business day.

Tier	Monthly Fee	Response SLA	Advisory Hours
Enterprise Guardian	€5,000/mo	Same business day	~10h/mo
Fractional IT Lead	€3,500/mo	Next business day	~7h/mo
IT Co-Pilot	€1,900/mo	2 business days	~4h/mo
Security Watch	€950/mo	3 business days	~1.5h/mo

Response means a substantive reply — not an auto-acknowledgement. SLA runs Mon–Fri CET. Advisory hours are included in the monthly fee; overage at €120/hr (business hours). Out-of-hours emergency advisory available on request for Tier 3–4 at €180/hr.

Pricing

Structured & fair

Bulgarian operations base — EU country. Lower cost structure passed directly to clients, not absorbed as margin.

Response SLA

3BD → Same Day

3 business days at Tier 1, rising to same business day at Tier 4. Contractually defined in every MSA. Mon–Fri CET. Out-of-hours advisory available for Tier 3–4 on request.

Coverage

EMEA

Remote delivery across EMEA. On-site for surveys and implementation. Travel at cost, zero markup.

One-time projects

Need a project, not a retainer?

All project engagements are fixed-price, fixed-scope. Agreed in writing before work begins. 40% of project clients move to a retainer within 60 days.

Legal

Terms & Conditions

Effective 1 June 2026 · Trimontia LTD · Plovdiv, Bulgaria

1. Parties

These Terms govern all services provided by Trimontia LTD, a limited liability company registered in Plovdiv, Bulgaria ("Trimontia", "we", "us") to its clients ("Client", "you").

By signing a Statement of Work or Master Services Agreement referencing these Terms, or by commencing an engagement, the Client agrees to be bound by these Terms.

2. Scope of Services

Trimontia provides IT security consulting, governance advisory, infrastructure consulting, and related professional services as specified in a signed Statement of Work (SoW). Work begins only after a signed SoW is in place. Work outside the agreed SoW requires a written Change Request signed by both parties before it commences.

Trimontia does not provide: Level 1 IT helpdesk; 24/7 security operations centre or continuous monitoring; legal advice; software or hardware procurement; or managed IT services — unless separately and specifically agreed in a signed SoW.

3. Fees, Invoicing & Payment

Retainers: Invoiced monthly in advance on the 1st of each month. Payment due within 14 calendar days. Unused advisory hours do not carry over.

Projects: 40% of the total fee invoiced on contract signing. 60% invoiced on delivery. Payment due within 14 calendar days of each invoice.

Overage: Time in excess of the agreed monthly allocation is billed at €120/hour (standard, business hours) or €180/hour (emergency or out-of-hours, subject to prior written approval). Overage is added to the following month's invoice.

Currency: All fees invoiced in EUR. Wire transfer to the account specified on the invoice.

Late payment: Invoices unpaid after 30 calendar days accrue interest at 0.5% per month on the outstanding balance. Trimontia reserves the right to suspend services for accounts more than 30 days overdue.

4. Retainer Cancellation

Monthly retainer agreements may be cancelled by either party with 30 calendar days' written notice. The Client remains liable for retainer fees accrued during the notice period.

5. Intellectual Property

Upon full payment, all client-specific deliverables become the property of the Client. Trimontia retains ownership of all methodologies, templates, frameworks, and processes used to produce deliverables.

6. Confidentiality

Both parties agree to hold in strict confidence all non-public information disclosed by the other party. This obligation continues for three (3) years after termination of the engagement.

7. System Access

A Data Processing Agreement (DPA) is signed before any system access is granted. All access is scoped to what is strictly necessary, MFA-protected, logged, and revoked immediately upon engagement completion or at the Client's request.

8. Limitation of Liability

Trimontia's total cumulative liability shall not exceed the total fees paid in the three (3) months immediately preceding the event giving rise to the claim.

Trimontia shall not be liable for indirect, consequential, special, or punitive damages.

9. Governing Law

These Terms are subject to the laws of the Republic of Bulgaria. Disputes are submitted first to good-faith mediation, then to the competent courts of Plovdiv, Bulgaria.

10. Contact

Questions regarding these Terms: contact@trimontia.io

Trimontia LTD · Plovdiv, Bulgaria · Effective 1 June 2026

Legal

Privacy Policy

Effective 1 June 2026 · Trimontia LTD · Plovdiv, Bulgaria

1. Who We Are

Data controller: Trimontia LTD, Plovdiv, Bulgaria.

Contact: contact@trimontia.io

This Privacy Policy explains what personal data we collect, why we collect it, how we use it, and your rights under GDPR and applicable Bulgarian data protection law.

2. Data We Collect and Why

Contact enquiries

What: Name, work email, company name, and message content from our contact form.

Why: To respond to your enquiry and deliver requested services.

Legal basis: Legitimate interests (responding to a business enquiry); performance of a contract where services are engaged.

Service delivery

What: Contact person names and emails, contractual information (MSA, SoW, invoices), and any data shared to enable delivery of agreed services.

Legal basis: Performance of a contract.

Website analytics

This website does not use cookies, tracking scripts, or third-party analytics. Contact form submissions are processed via Formspree (formspree.io) — see their privacy policy at formspree.io/legal/privacy-policy.

3. Retention

Enquiry data (no contract): Deleted within 12 months of last contact.

Client data (active engagement): Retained for the duration of the engagement plus 5 years for statutory compliance.

System access credentials: Revoked immediately upon engagement completion.

4. Who We Share Data With

We do not sell or rent personal data. We share data only where strictly necessary with: Formspree Inc. (contact form processor); our accountant (invoicing data for statutory compliance); law enforcement where required by law or court order.

5. Data Processing Agreements

Where Trimontia accesses or processes the Client's personal data, a DPA is signed before any access is granted. The DPA governs categories of data accessed, purpose, security measures, sub-processors, and deletion obligations.

6. Your GDPR Rights

Contact contact@trimontia.io to exercise any right. We respond within 30 calendar days.

Right of access

Request a copy of the personal data we hold about you.

Right to rectification

Ask us to correct inaccurate or incomplete data.

Right to erasure

Ask us to delete data where there is no lawful basis for continued processing.

Right to restrict

Suspend processing while a dispute is resolved.

Right to portability

Receive your data in a structured, machine-readable format.

Right to object

Object to processing based on legitimate interests.

7. Security

We apply MFA on all business accounts, end-to-end encryption where applicable, and minimum necessary access to all data. Data breaches are reported to the CPDP within 72 hours and to affected individuals where required.

8. Complaints

If unhappy with how we handle your data, contact contact@trimontia.io. You may also lodge a complaint with the Bulgarian supervisory authority: CPDP — www.cpdp.bg.

9. Changes to This Policy

Material changes notified to active clients by email at least 14 days before taking effect.

Trimontia LTD · Plovdiv, Bulgaria · Effective 1 June 2026 · contact@trimontia.io

Ancient foundations.Modern security.

Three pillars. One consultancy.

Retainers & Projects.

Companies like yours.

Founded in Plovdiv.Trusted across Europe.

Senior expertise.Direct accountability.

How we work.

Three pillars. One consultancy.

Three things worth knowing.

Companies that need this.

Your IT is held togetherby whoever has time.

Companies like yours.

Three pillars. One firm.

Security

Operations & Infrastructure

Governance & AI

Fixed scope. Defined deliverables.

Security Audit + NIS2 Bundle

IT Security Audit

NIS2 Readiness Assessment

Endpoint & Threat Protection

Device Management

Cloud Governance & AI Policy

Identity & Directory Modernisation

Cloud Infrastructure Setup

IT Operations Framework

AI Governance Framework

WiFi Site Survey — EMEA

What clients actually achieve.

What we do —and how we do it.

The tools. Used daily, not just listed.

Before you get in touch.

Tell us what's happening.We'll tell you what we'd do.

Start the conversation.

Message received.

Straightforward pricing. No surprises.

Choose your coverage level.

Save more when you commit more.

Async-first. Reliable SLA.

Need a project, not a retainer?

Terms & Conditions

1. Parties

2. Scope of Services

3. Fees, Invoicing & Payment

4. Retainer Cancellation

5. Intellectual Property

6. Confidentiality

7. System Access

8. Limitation of Liability

9. Governing Law

10. Contact

Privacy Policy

1. Who We Are

2. Data We Collect and Why

3. Retention

4. Who We Share Data With

5. Data Processing Agreements

6. Your GDPR Rights

7. Security

8. Complaints

9. Changes to This Policy

Ancient foundations.
Modern security.

Founded in Plovdiv.
Trusted across Europe.

Senior expertise.
Direct accountability.

Your IT is held together
by whoever has time.

What we do —
and how we do it.

Tell us what's happening.
We'll tell you what we'd do.