Justin has over twenty years of experience in system administration, software development,
and information security. His core skills include regulatory and contractual compliance,
program management, payment card standards, and general governance and privacy practices
and frameworks.

He founded episki, a cloud-based governance tool geared toward helping mid-market
organizations manage their security programs. Justin also performs fractional CISO and
security consulting services for various clients in multiple industries, including areas
involving GRC, DevSecOps, Privacy, and other matters.

Before his current roles, Justin consulted with Fortune 1000 companies in information
systems, audit, governance, and cybersecurity. He has led the governance and security
practices for leading eCommerce and large financial services companies. Additionally,
Justin has spoken at conferences concerning risk management, the payment card industry
(PCI), security leadership, and general information security practices.

• Governance, Risk Management, & Compliance
• Cloud Computing
• Application Development
• Privacy

• Former Board Member of the Pittsburgh chapter of ISACA
• Former Manager Security Governance & Compliance at Diebold
• Former Director of Security at GiftCards.com
• Former VP of Service Provider Management at BNY Mellon
• Former Practice Lead at TrustedSec.

• CISSP – (ISC)2
• Certified Information Systems Auditor (CISA) – ISACA
• Certified Ethical Hacker (CEH) – EC Council
• Certified ISO 27001 Auditor
• PCI Qualified Security Assessor (QSA) – PCI Council

In his free time, Justin enjoys spending time with his wife and 4 kids, dabbling at the piano, and is a tinkerer of projects.

Justin Leapline joined the IANS Faculty in 2017. He provides clients with deep domain-level expertise in the following areas: GRC, cloud computing, application development, as well as privacy.