About

Merrison De Freitas was set up to make principal-engineer-grade AI security available to companies that have realised they need it.

Why we exist

There is a growing gap between the AI security work that scale-up technology companies need and what the fractional security market is set up to deliver. Most fractional security people came up through governance, risk and compliance. They are good at programmes, audits and policy, and that work has its place, but they are not the people you want reviewing your sub-agent's identity design or deciding which tools an autonomous workflow should be allowed to call.

The companies shipping AI into product right now need something more specific: someone who can sit in an engineering review and tell them what is wrong with the architecture before they ship it, in the language the engineers are already using. That is the gap we were built for. We pair principal-engineer-grade security work with enough regulatory fluency to keep you out of trouble, and we deliver it as engineering rather than paperwork.

We are deliberately a small firm.

Founders

Paul Merrison

Principal

Paul leads delivery. He co-authored the agentic risks in the FINOS AI Governance Framework and received the FINOS Newcomers Award in 2025. His career has been in security engineering and platform infrastructure: service mesh and identity-aware proxies (Istio, Envoy), observability (OpenTelemetry), and the Model Context Protocol (MCP), the same foundations modern AI systems are built on. He leads information security at a venture-backed infrastructure company today. His engagement work is hands-on with production agent, MCP and LLM systems. He writes regularly on paulmerrison.io and speaks at industry events.

Paula De Freitas

Business Operations

Paula leads the commercial and operational side of the firm: engagement structure, contracts, and client relationships. She makes sure engagements are scoped, run and closed out cleanly, so the principal-engineering work has room to happen.

Credentials

  • Co-author of the agentic risks in the FINOS AI Governance Framework.
  • 1,300+ lines of code contributed to the FINOS AI Governance Framework.
  • Recipient of the FINOS Newcomers Award, 2025.
  • Speaker on AI governance — APIDays London and the FINOS Open Source in Finance Forum, New York (2025).
  • Co-led FINOS agentic reference-architecture workshops with 30+ financial-services practitioners.
  • Built the FINOS CALM architecture-as-code visualiser.
  • Security engineering on service mesh, identity-aware proxies and observability (Istio, Envoy, OpenTelemetry).
  • "SR 11-7 just wrote itself out of the GenAI conversation" — reblogged by FINOS, April 2026.
  • Regular writing on AI and agent security at paulmerrison.io.
  • Hands-on AI and agent security for venture-backed companies shipping AI into product.

For the longer biography and our writing, see paulmerrison.io.

How we expand

We hire engineers as engagement volume warrants. The firm is principal-led: every engagement has a principal engineer who owns the work end to end, and the team grows to meet demand rather than ahead of it. Engagements are confidential by default. Where a client's procurement or contracting needs require it, we can substitute another principal of equivalent seniority: the work is owned by the firm, not tied to a single name.