Profile
Justin has over twenty years of experience in system administration, software development, and information security. His core skills include regulatory and contractual compliance, program management, payment card standards, general governance, privacy practices and frameworks. He founded episki, a cloud-based governance tool geared toward helping mid-market organizations manage their security programs. Justin also performs fractional CISO and security consulting services for various clients in multiple industries, including areas involving GRC, DevSecOps, Privacy, and other matters. Before his current roles, Justin consulted with Fortune 1000 companies in information systems, audit, governance, and cybersecurity. He has led the governance and security practices for leading eCommerce and large financial services companies. Additionally, Justin has spoken at conferences concerning risk management, the payment card industry (PCI), security leadership, and general information security practices. Justin is one of the hosts of the monthly podcast, Distilled Security Podcast.
Expertise
- Governance, Risk Management, & Compliance
- Cloud Computing
- Application Development
- Privacy
Qualifications
Achievements & Contributions
- Former Board Member of the Pittsburgh chapter of ISACA
- Former Manager Security Governance & Compliance at Diebold
- Former Director of Security at GiftCards.com
- Former VP of Service Provider Management at BNY Mellon
- Former Practice Lead at TrustedSec.
Certifications & Credentials
- CISSP – (ISC)2
- Certified Information Systems Auditor (CISA) – ISACA
- Certified Ethical Hacker (CEH) – EC Council
- Certified ISO 27001 Auditor
- PCI Qualified Security Assessor (QSA) – PCI Council