Cybersecurity · New York & Nationwide

Protect what you've built —
before someone takes it from you.

Cithrex delivers hands-on cybersecurity services for growing businesses. Real experts, real outcomes — no offshore ticket queues, no generic software.

Get a free risk call See our services
SOC 2 ready HIPAA compliant CMMC 2.0 24/7 IR retainer
Our highest-roi services

Three services. Fast time-to-value.
Recurring protection.

Each service is designed to solve a specific, urgent problem — and to feed naturally into the next.

01 — Compliance
Highest ROI

Compliance-as-a-Service

SOC 2, HIPAA, and CMMC 2.0 readiness from gap analysis to certified. We handle the paperwork, controls, and audit prep — you focus on your business.

$4,000–$12,000 project + $1,500/mo maintenance
  • Gap analysis & risk register
  • Policy & procedure writing
  • Control implementation support
  • Audit prep & auditor liaison
  • Continuous compliance monitoring
02 — Identity
Fast payback

Phishing sim + identity hardening

Monthly phishing simulations paired with a full IAM audit. Eliminate credential risk at the source — both human and technical — in one bundled service.

$800–$3,000/mo · seat-based pricing
  • Monthly phishing campaigns
  • Click-rate dashboards for HR
  • MFA gap & privilege audit
  • Orphaned account cleanup
  • Role-based follow-up training
03 — Training
Lead magnet

Cybersecurity training academy

Role-specific security awareness training for finance, HR, developers, and executives — not one-size-fits-all click-throughs. Live workshops included quarterly.

$500–$2,500/mo · per company
  • Tailored tracks per department
  • Quarterly live workshops
  • Custom phishing content
  • HR compliance dashboard
  • Converts to retainer clients
How it works

From first call to ongoing protection —
in four clear steps.

No vague proposals. No endless scoping phases. We move fast because your security posture can't wait.

Free risk call

30 minutes, no pitch, no pressure. We identify your top three security exposures at zero cost.

Gap assessment

We audit your environment — cloud, identity, compliance — and deliver a written findings report.

Tailored roadmap

A fixed-scope, fixed-price engagement plan. No surprise invoices, ever. You approve before we start.

Ongoing protection

Monthly retainer or project basis. We grow with you as your team, product, and threat surface evolve.

Why Cithrex

Why companies choose Cithrex

There are dozens of cybersecurity vendors. Here's what makes us different in practice, not just on paper.

No offshore ticket queues

You talk directly to the expert doing the work — not a project manager relaying messages to an overseas team.

Fixed-scope projects

We quote a fixed price before we start. No hourly billing creep, no scope surprises, no retroactive charges.

Industry-specific expertise

Deep knowledge of HIPAA for healthcare, CMMC for defense contractors, and SOC 2 for SaaS — not generic advice.

Built for growth

Our services are modular and designed to scale as your headcount, infrastructure, and compliance obligations grow.

48-hour response SLA

Retainer clients receive a guaranteed 48-hour SLA on all incident reports. Active incidents average under 2 hours.

Privacy-first structure

Cithrex is a New Mexico LLC — a jurisdiction that protects member privacy. We extend that same discretion to our clients.

Pricing

Transparent pricing.
No long-term contracts required.

All plans include a 30-day onboarding sprint. Cancel anytime after that.

Starter
$1,500/mo
Up to 25 seats
  • Monthly phishing simulations
  • Click-rate reporting dashboard
  • MFA audit (quarterly)
  • Email support
  • Onboarding sprint included
Most popular
Professional
$4,500/mo
Up to 100 seats
  • Everything in Starter
  • IAM hardening service
  • Compliance monitoring (SOC 2 or HIPAA)
  • Monthly IR review call
  • Priority Slack channel
  • Onboarding sprint included
Enterprise
Custom
Unlimited seats
  • Everything in Professional
  • Full CMMC 2.0 program
  • Dedicated vCISO
  • 24/7 IR retainer
  • Quarterly tabletop exercises
  • Vendor risk management

All plans include a 30-day onboarding sprint · No long-term contract required · Cancel anytime

Client outcomes

What our clients say

Real results from growing businesses who chose Cithrex for their cybersecurity needs.

"Cithrex got us SOC 2 Type II certified in under four months. Their team handled everything — we just answered questions and signed documents. Best vendor experience we've had."
M. Rodriguez
VP Engineering, Series B SaaS company
"After our phishing simulation showed a 34% click rate we were embarrassed. Three months with Cithrex's training and we're under 4%. Their approach actually changes behavior."
J. Torres
COO, Regional Healthcare Group
"We needed CMMC 2.0 compliance to keep a $2M DoD contract. Cithrex delivered on time and on budget. I don't know what we would have done without them."
D. Kim
CEO, Defense Technology Firm
FAQ

Common questions

If something isn't answered here, email us at hello@cithrex.com and we'll reply within one business day.

No. All Cithrex services are month-to-month after the initial 30-day onboarding sprint. We earn your business every month — there are no termination fees or lock-in periods.
Retainer clients receive a guaranteed 48-hour response SLA. For active incidents during business hours, our average first response is under 2 hours. Enterprise clients on the 24/7 retainer receive round-the-clock coverage.
Not at all. Our Starter plan was designed specifically for companies with 10–25 employees. Small teams are often the most targeted because attackers assume weaker defenses. Starting early is the smartest move you can make.
Yes. All Cithrex services are delivered remotely. We serve clients nationwide with the same SLAs, response times, and quality of service regardless of location.
SOC 2 Type I & II, HIPAA, CMMC 2.0 (Levels 1–2), ISO 27001 readiness, NIST CSF, and PCI-DSS. If your framework isn't listed, contact us — chances are we can support it.
Software finds problems. Cithrex fixes them. Most tools generate alerts that nobody has the time or expertise to act on. We provide the human expertise to interpret, prioritize, and remediate — not just more dashboards to ignore.
Get in touch

Book your free
30-minute risk call

No pitch. No pressure. We'll identify your top three security exposures at zero cost.

Email hello@cithrex.com
Phone +1 (212) 000-0000
Location New York, NY — serving nationwide
Response time Within 1 business day