IT Security · Operations · Governance · Plovdiv, Bulgaria · EMEA

Ancient foundations.
Modern security.

Enterprise-grade IT security, operations and governance for European companies under 100 employees. Structured methodology. Senior expertise. Accountable delivery.

0 Years enterprise IT experience
0 ISO 27001 controls we assess
8–48h Response SLA by retainer tier
<100 Target company size, employees
Why Trimontia

Enterprise IT expertise —
at a price that makes sense.

Growing companies under 100 employees carry the same IT security and compliance obligations as large enterprises — but have never had access to the same quality of expertise. Enterprise consultancies price them out. Freelancers lack methodology. MSPs focus on reactive support, not strategic oversight.

Trimontia fills that gap. We are IT security, operations and governance specialists with a decade of hands-on enterprise experience in the exact tools your company runs — Microsoft 365, Azure, Entra ID, Intune, Defender, CrowdStrike — delivering structured, documented, senior-level work at a price sub-100 companies can justify.

One point of contact. No handoffs. No junior analysts reviewing senior work. Every deliverable comes directly from the specialist who scoped and built it.

"Three hills built Plovdiv over 8,000 years — one stone at a time. Deep foundations outlast everything built on sand."
⚖️
NIS2 compliance exposure
Deadlines passed October 2024. Enforcement is active. Most EU SMBs remain non-compliant with no documented risk register.
🔓
Unknown security posture
No endpoint governance, no audit trail, no answer when investors or enterprise clients ask about security.
🤖
AI deployed without governance
Copilot and generative AI tools across the team with no usage policy, no data controls, no EU AI Act mapping.
💶
Unaffordable alternatives
Big4 firms start at €15,000+. MSPs are reactive. No structured mid-market option has ever existed for this segment — until now.
The Three Hills

Three pillars. One consultancy.

Named after Trimontium — the Roman name for Plovdiv, meaning "Three Hills." Every service we deliver maps to one of three pillars. Every retainer spans all three.

I
Security
The citadel. The first line of defence.
CrowdStrike Falcon EDR — policy, triage, remediation
Microsoft Defender Suite — Endpoint, Identity, Office 365, Cloud Apps
Email security — SPF/DKIM/DMARC, anti-phishing, Safe Links
NIS2 readiness — gap analysis, risk register, roadmap
IT Security Audits — endpoint, identity, access, cloud
WiFi site surveys (EMEA) — Ekahau Sidekick
II
Operations & Infrastructure
The engine room. Where things get built.
Azure Entra ID — identity lifecycle, conditional access, MFA
Microsoft Intune / MDM — enrolment, compliance, Autopilot
On-premises & hybrid Active Directory — AD DS, GPO, security tiering
Azure Virtual Machines — deployment, backup, Site Recovery, migration
Azure Networking — VNet, VPN Gateway, Firewall, App Gateway, Bastion, Private Link
Patch management, onboarding/offboarding SOPs
III
Governance & AI
Where structure, policy and control converge.
M365 & Copilot governance — admin controls, DLP, lifecycle
AI Governance Frameworks — EU AI Act mapping, risk classification
ISO 27001 — full ISMS build, internal audit, certification preparation
NIS2 / ISO 9001 alignment and audit preparation
IT operations frameworks — escalation maps, RACI, SOPs
Monthly board-ready leadership & security summaries
Monthly Retainers

Four tiers. Cancel anytime.

Monthly rolling contracts. Async-first delivery. Structured outputs delivered on a fixed schedule — not when you ask, when they are due. All three pillars. One relationship.

Tier 01 · Oversight

Security Watch

Visibility without the overhead

€800/month
  • Monthly security posture report — executive-ready PDF
  • Patch compliance summary, gaps ranked by severity
  • Endpoint health overview (Defender / CrowdStrike)
  • 2 async Q&A sessions per month
  • IT hygiene checklist with action priorities
Up to 50 users · ~1.5h/month · Response: 48h
Most Popular
Tier 02 · Active

IT Co-Pilot

Ongoing IT operations, handled

€1,600/month
  • Everything in Security Watch
  • M365 & Copilot governance oversight
  • Microsoft Defender Suite monitoring
  • 1 policy document per quarter
  • NIS2 compliance gap tracking
  • Quarterly IT roadmap call (30 min)
Up to 100 users · ~4h/month · Response: 24h
Tier 03 · Leadership

Fractional IT Lead

Your IT lead, on retainer

€2,800/month
  • Everything in IT Co-Pilot
  • Azure infrastructure advisory
  • On-prem / hybrid AD oversight
  • Monthly board-ready leadership summary
  • NIS2 / ISO 9001 alignment support
  • IT operations framework maintenance
Up to 100 users · ~7h/month · Response: 16h
Tier 04 · Enterprise

Enterprise Guardian

Continuous oversight, full stack

€4,000/month
  • Everything in Fractional IT Lead
  • Multi-tenant governance
  • Full Azure networking & VM oversight
  • Continuous NIS2/ISO audit readiness
  • Priority 8-hour response SLA
  • Annual IT strategy roadmap
Up to 100 users · ~10h/month · Response: 8h

All retainers: Monthly rolling · 30 days written notice to cancel · Unused hours do not roll over · Overage at €120/hr standard · €180/hr emergency · Annual prepay: 10% discount · Project-to-retainer conversion: 50% off Month 1

One-Time Projects

Fixed scope. Defined deliverables.

No retainer required. Priced at 60–75% below Western European equivalents. Same methodology, same quality, same deliverable standard. 40% of project clients convert to a monthly retainer within 30 days.

Bundle · Best Value

Security Audit + NIS2 Bundle

Both projects combined. Same discovery data powers two full deliverables — one engagement fee, two board-ready reports. The most common entry point for compliance-pressured clients.

€10,000–18,000 · 6–9 weeks · Remote
Security

IT Security Audit

Full endpoint, identity and access review against industry benchmarks. Prioritised remediation report P1–P4 with fix timeline and executive summary.

€5,500–9,500 · 3–4 weeks
Compliance

NIS2 Readiness Assessment

Gap analysis against all NIS2 requirements, risk register, governance mapping, prioritised remediation roadmap, and board-ready executive summary.

€6,500–12,000 · 3–5 weeks
Governance

M365 & Copilot Governance

Tenant review, roles and permissions, sharing policies, DLP, lifecycle controls, Copilot governance framework, compliance baseline, and full policy set.

€4,000–8,500 · 2–4 weeks
AI Governance

AI Governance Framework

Risk classification, model lifecycle governance, data governance controls, EU AI Act compliance mapping, policy creation, and implementation roadmap.

€7,500–18,000 · 5–8 weeks
Operations

Intune / MDM Implementation

Device enrolment, compliance policies, app deployment, Autopilot integration, baseline hardening, conditional access, and full handover documentation.

€3,500–9,000 · 2–4 weeks
New

Defender Suite Deployment

Full Microsoft Defender Suite setup — Endpoint, Office 365, Identity, Cloud Apps, Vulnerability Management. Policy configuration, ASR rules, unified portal, and tuning report.

€2,800–6,500 · 2–3 weeks
New

Active Directory Modernisation

AD health check, OU & GPO redesign against CIS benchmarks, tiered admin model, LAPS deployment, Entra Connect / hybrid identity setup, and architecture documentation.

€3,500–9,000 · 3–5 weeks
New

Azure VM & Infrastructure Setup

VM deployment and sizing, Azure Backup policy, Site Recovery for DR, on-prem to Azure migration via Azure Migrate, Update Manager, and operations runbook.

€3,500–9,500 · 3–5 weeks
Infrastructure

Azure Network Architecture

VNet design, VPN Gateway, ExpressRoute, Firewall, NSGs, Load Balancer, Application Gateway, Front Door, Private Link, Bastion, DNS, Zero Trust segmentation.

€4,500–11,000 · 3–5 weeks
Operations

IT Ops Framework Build

ITSM processes, escalation flows, monitoring strategy, service catalogue, RACI, reporting & KPIs, onboarding/offboarding SOPs. Complete editable documentation set.

€9,000–20,000 · 6–10 weeks
Security

CrowdStrike / EDR Health Check

Sensor coverage audit, policy tuning, detection gap analysis, response workflow review, and prioritised remediation report with SLA methodology.

€2,800–6,000 · 1–2 weeks
On-Site

WiFi Site Survey — EMEA

Professional survey using Ekahau Sidekick. Coverage heatmaps, AP placement, interference analysis, full PDF report. Travel at cost, zero markup. All EMEA countries.

€1,200–8,000 · 1–3 days on-site
Working Model

Async-first. Reliable SLA.

Structured async delivery — not helpdesk, not meetings, not noise. Fixed deliverables, fixed deadlines, a published response SLA that is honoured. Every working day, 18:00–22:00 EET (17:00–21:00 CET).

Tier · Price · Response SLA
Enterprise Guardian · €4,000/mo · 8 hours
Fractional IT Lead · €2,800/mo · 16 hours
IT Co-Pilot · €1,600/mo · 24 hours
Security Watch · €800/mo · 48 hours

"Response" means a substantive reply — not an acknowledgement. SLA is measured in calendar hours from receipt. Operating every day including weekends.

Retainer capacity
6 + 1
Maximum 6 concurrent retainer clients plus one active project engagement at a time. Hard ceiling — not a soft guideline. Protects deliverable quality for every existing client.
Pricing advantage
60–75% below
Western European market rates for equivalent specialist work. Bulgarian operations base, EU entity, VAT-compliant EUR invoicing. The cost advantage is structural — not a discount, not a compromise on quality.
Geography
EMEA
All services delivered remotely. On-site WiFi surveys across all EMEA countries. Primary markets: Netherlands, Sweden, Germany, Denmark, Ireland, UK. EU entity (Bulgarian ЕООД).
Technical Expertise

We work in this stack every day.

Every service Trimontia delivers is built on hands-on production experience in the tools listed below — not theoretical knowledge, not certification-only familiarity. These are the platforms we use, configure and troubleshoot in live environments.

Security
  • CrowdStrike Falcon
  • Microsoft Defender for Endpoint
  • Defender for Office 365
  • Defender for Identity
  • Defender for Cloud Apps
  • Microsoft Sentinel
  • Proofpoint
  • SPF · DKIM · DMARC
  • NIS2 · ISO 27001
  • Zero Trust
Identity & Cloud
  • Microsoft Entra ID
  • Microsoft Intune
  • Azure AD Connect / Cloud Sync
  • Active Directory DS
  • Conditional Access
  • Azure Virtual Machines
  • Azure Backup
  • Azure Site Recovery
  • Azure Migrate
  • Microsoft 365
Azure Networking & Governance
  • Azure VNet · NSGs
  • VPN Gateway · ExpressRoute
  • Azure Firewall
  • Application Gateway + WAF
  • Azure Bastion
  • Private Link · Private Endpoints
  • Azure DNS · Front Door
  • Microsoft Purview / DLP
  • ManageEngine Endpoint Central
  • Ekahau Sidekick
Common Questions

Before you get in touch.

Every retainer includes a monthly security posture report delivered by the 5th of each month. From Tier 2: async support hours, M365 and Copilot governance oversight, Microsoft Defender monitoring, and NIS2 gap tracking. From Tier 3: monthly board-ready leadership summary, Azure infrastructure advisory, and on-prem/hybrid AD oversight. Tier 4 adds multi-tenant governance, full Azure networking oversight, continuous audit readiness, and an annual IT strategy roadmap. All tiers include a published response SLA, monthly rolling contracts, and 30 days written notice to cancel.
No. Trimontia delivers IT leadership and strategic oversight — not frontline support. There are no password resets, printer configurations, or L1 helpdesk tickets. Clients who work with us are typically companies that need their IT environment properly architected, governed, and secured — not day-to-day reactive support. If you need helpdesk services alongside strategic oversight, we can recommend a complementary MSP partner.
For reporting and monitoring: read-only access to your M365 Admin Portal (Global Reader role) and endpoint management platforms. For implementation work: temporary delegated admin access to specific workloads, revoked immediately after the task is complete. All access is MFA-protected, logged, and subject to quarterly self-audit. A signed Data Processing Agreement (DPA) is required before any system access is granted. Every access credential is recorded in a client access log and reviewed quarterly.
A senior IT security specialist in Western Europe costs €55,000–90,000 per year plus benefits, employment overheads, and onboarding time. Trimontia's Tier 2 retainer (€1,600/month) is €19,200/year — for senior-specialist expertise with no headcount commitment, no notice period, and the ability to cancel with 30 days written notice. The cost advantage comes from our Bulgarian operations base — structural, not a temporary discount.
Yes. We deliver the complete ISO 27001:2022 ISMS build — gap analysis against all 93 Annex A controls, risk assessment and treatment plan, full policy library (12+ documents), Statement of Applicability, technical controls implementation in your M365/Azure environment, internal audit, and management review preparation. We also prepare your internal ISMS owner for the Stage 1 and Stage 2 certification body audits. The certification body itself (Kiwa, Bureau Veritas, BSI, TÜV) is a separate engagement — we help you select the right one and prepare for them.
Trimontia is based in Plovdiv, Bulgaria and registered as a Bulgarian ЕООД — a full EU legal entity. All services are delivered remotely and async. Our working hours (18:00–22:00 EET) align with the end of the Western European business day, covering CET 17:00–21:00 and GMT 16:00–20:00. For on-site work such as WiFi site surveys, we travel across all EMEA countries. Travel and accommodation are billed at cost with zero markup. Being Bulgaria-based is the reason our pricing is 60–75% below Western European equivalents — not a reflection of experience level, methodology, or output quality.
Get in Touch

Start the conversation.

A short conversation is enough to establish fit. Tell us about your company and your IT situation — we'll tell you what Trimontia would do about it. No sales calls. No obligation.

Email: contact@trimontia.io
Website: trimontia.io
Location: Plovdiv, Bulgaria · EMEA
Response: Within 24–48 hours
Markets: NL · DE · SE · IE · UK · DK
Mention Security Checklist in your message and we'll include a free 15-point IT hygiene checklist in our reply.

Goes directly to contact@trimontia.io. We reply personally within 24–48 hours.