About Anchor Cyber Security
Enterprise Security. SMB Friendly.
Founded by a practitioner who has spent 25+ years on the inside — leading GRC programs, responding to incidents, building security teams, and sitting across the table from auditors. Anchor brings that experience to Maine SMBs through products and consulting that actually work.

Jonathan Carpenter
Founder & Principal Consultant, Anchor Cyber Security
Director of GRC, Kevel · BS in Information Technology
Jonathan has spent 25+ years working across every layer of security — from network administration and Linux systems engineering to leading GRC programs at scale. He has held Director, Principal, and Lead roles at organizations ranging from startups to mid-market SaaS companies.
In his current day role as Director of GRC at Kevel, he leads compliance programs spanning SOC 1, SOC 2, and third-party vendor risk. Prior to Kevel, he served as Lead Security Engineer at Formstack, where he drove PCI DSS compliance and led the security engineering function. Anchor Cyber Security is where he applies that same breadth of experience to the SMBs that need it most — without the enterprise price tag.
Jonathan built Anchor's products to solve problems he experienced firsthand: security training employees ignore, incident response plans that have never been tested, CPE tracking that lives in a spreadsheet, and sensitive data leaking into AI tools without anyone noticing.
Areas of Expertise
Career highlights
25+ years spanning network administration, Linux systems engineering, security engineering, and executive GRC leadership.
What colleagues say
LinkedIn recommendations from professional roles prior to Anchor Cyber Security.
I have had the absolute pleasure of working with Jonathan at two different organizations. He provides so much value to our team, using his deep understanding of security best practices and risk management to provide very practical advice. An invaluable asset to our compliance function — an incredible partner to the legal team as well, assisting in everything from the pre-sales process, to redlining, to eDiscovery, to audit activity.
Jonathan was instrumental in standing up our Information Security Program and was essential to the successful completion of our annual SOC audits. He not only drove key initiatives within the organization, he also educated our staff about security best practices and helped to shift the culture. Jonathan was a strong partner and a true professional, even in the most challenging situations.
Recommendations via LinkedIn — reflecting work performed in professional roles prior to Anchor Cyber Security.
Our Philosophy
Security should be practical, not theatrical.
Practitioner-Built
Everything we create comes from real experience. We've been in your shoes — dealt with auditors, responded to incidents, and presented to boards.
Business-Aligned
Security exists to enable business, not block it. We help you find the right balance between protection and productivity.
No Checkbox Mentality
Compliance is a byproduct of good security, not the goal. We focus on what actually reduces risk.
What We've Built
Products designed to solve real problems we experienced as security practitioners.
BitDrip↗
Self-hosted AI data loss prevention. Blocks employees from sending sensitive data to ChatGPT, Claude, Gemini, and 12+ other AI tools — at the network level, in real time. Runs entirely in your infrastructure.
Visit Site →TL;CR Portal↗
AI-powered CPE tracking for security professionals — never miss a certification deadline.
Visit Site →Based in Maine
Anchor Cyber Security is based in Biddeford, Maine. We work with clients across the United States and internationally.
Biddeford, Maine 04005
[email protected]Ready to work together?
Whether you need products, consulting, or both—let's talk about your security goals.
Get in Touch