William F Leach Jr.

***** ********* ******, ************, ** 70769 • 225-***-**** • ad2dtw@r.postjobfree.com • WWW: Bold Profile LinkedIn: https://www.linkedin.com/in/william-leach-jr-590a6614/ Professional Summary

Dynamic Chief Information Security Officer and Cybersecurity Professional boasting over 20 years of multifaceted experience in finance, healthcare, and government sectors. Renowned for expertise in Data Governance, Risk Management, and Compliance, adept at integrating cybersecurity strategies for driving digital transformation and enhancing profitability. Proven track record in leading over 100+ audits and thousands of assessments, demonstrating exceptional prowess in information security management. Decorated U.S. Navy veteran with advanced Electronic Warfare, Cybersecurity Management, and IT Service Management skills. Esteemed as a visionary strategic adviser to C-suite executives, offering innovative solutions and leadership in high-stakes environments.

Skills

• Business Process Improvement

• Information Technology Strategy

• IT Service Management (ITIL)

• Cybersecurity Risk Management

• Compliance Governance

• Incident Response

• Cloud Security Infrastructure

• Digital Transformation

• Network Security

• Application Security

• Disaster Recovery Planning

• Business Continuity Planning

Work Experience

Chief Information Officer June 2022 to November 2023 First Guaranty Bank Hammond, LA

• Promoted to CIO and Senior Vice President (SVP) to create methods for organizational focus/priority and implement scalable processes across all business units to bolster revenue and increase margins. Received the highest "Distinguished Performance" ratings from the CEO for management skills/initiative/adaptability. Completed the 1st year at the LSU Graduate School of Banking as part of continual learning and advancement as a senior bank executive. Demonstrated excellent board reporting, budget management, and management team leadership.

• Strategic and Tactical Leadership. Orchestrated development and implementation of an innovative and adaptable IT Strategic Plan, encompassing budgeting and road mapping for 600+ employees, 840 endpoints, and 27 banking applications across 38 branches in 5 states, serving over 40,000 customers. Directed the IT department, overseeing 4 direct reports and 23 personnel, administrating an $8.4M budget, and cultivating 18 strategic vendor relationships. Streamlined operations, implemented IoT Security Management, and eliminated redundant hardware/software, achieving $1.4 million in annual cost savings for First Guaranty Bank through strategic vendor negotiations.

• Process Improvements. Streamlined IT operations by consolidating systems and implementing process improvements, spearheaded transformative digital initiatives, elevating the customer experience to an impressive >97% satisfaction rate, and innovatively implemented online deposit solutions and overhauled loan origination processes. Reduced the number of service requests by over 68% and improved operational efficiency through process improvement.

• Digital Transformation. Pioneered the digital transformation initiative, integrating over 80 IT projects and 48 sprints, resulting in a 34% increase in operational efficiency and turnaround of deliverables. Increased revenue generation by identifying opportunities such as the FIS Online Deposits for IT-enabled growth and driving related projects. Led the project successfully implementing online deposits within 4 months compared to over 3 years of unsuccessful attempts. Provided innovative integration solutions for rapidly assessing prospective CORE systems.

• Robotic Process Automation and Integration Platform as a Service. Successfully deployed 34 bots, saved over 15,000 hours of manual labor, and further streamlined banking and Business Process Review (BPR) as a part of the go-to-market strategy - successfully executed and directed IT Operations, focusing on process documentation and automation to drive efficiency by over 20% and reduce manual overhead by 14 jobs. Implemented MuleSoft iPaaS with a noteworthy achievement of 11 successful integration use cases.

Chief Information Security Officer March 2022 to June 2022 First Guaranty Bank Hammond, LA

• As SVP, CISO worked closely with senior management to identify over 150 security requirements, mitigate cyber security risks, enhance security architecture, and ensure regulatory compliance requirements at 98%.

• Strategic Leadership. Developed and enforced the bank's InfoSec/Cybersecurity strategy and roadmap for 2022-2023. Directed a $1.8M annual cybersecurity budget, maximizing resource allocation and cost- effective security operations.

• Cybersecurity Initiatives. Developed and enforced policies, procedures, and guidelines. Led the project teams, applied, and acted as administrator for enterprise-grade cybersecurity controls such as Rapid 7 InsightVM and InsightIDR, Shodan, Zscaler, Ironscales, Proofpoint, KnowBe4, CyLance, SpyCloud, and Keeper.

• Compliance. Satisfied hundreds of control requirements within 98% (physical, technical, and administrative) and ensured cybersecurity measures across 800+ endpoints and ensured compliance with regulatory requirements and industry regulations (e.g., FFIEC/FDIC, GLBA, PCI DSS, ISO, and NIST compliance frameworks).

• Security Education Training and Awareness (SETA). Led security awareness and training programs for 100% compliance for bank employees along with KnowBe4 and Ironscales, decreasing phishing attacks/incidents by over 70% and structuring relevant threat intelligence using Cyber Kill Chain, MITRE ATT&CK Framework, and Diamond Model of Intrusion Analysis.

• Enhanced company security posture by implementing 4 risk assessments, 2 penetration tests, and vulnerability management enhancements to prepare for 2 FFIEC/FDIC Examinations. Vice President of Cybersecurity October 2017 to March 2022 Lockstep Technology Baton Rouge, LA

• As Vice President of Cybersecurity, demonstrated mission and vision, developed and executed comprehensive cybersecurity strategies and controls for our company and clients while successfully building and managing a Managed Security Service Provider (MSSP) practice that generated $3.4 million in revenue over three years. This achievement included creating additional revenue streams, such as penetration testing and consulting, and establishing high-value, low-cost MSSP offerings. Strategic partnerships with key industry players, including ArcticWolf, A-Lign, HITRUST, SentinelOne, Ironscales, and Rapid 7, were instrumental in this growth.

• Additionally innovated an automated solution for mapping and implementing over 1,000 cybersecurity controls for our diverse client base. Managed cybersecurity programs for the company and provided client engagement for over 600 former MSP clients, addressed complex compliance requirements through risk assessments, penetration testing, vulnerability management, and incident response. Ensured adherence to industry standards and regulations, such as CIS, ISO, NIST 800-171, CMMC, FedRAMP, PCI DSS, and SOC- II. Successfully met HITRUST objectives through advanced automation and IT governance. Demonstrated superior policy development, process development, and governance. Chief Information Security Officer September 2013 to October 2017 eQHealth Solutions (Kepro) Baton Rouge, LA

As the Executive Director and CISO for a private SaaS company focused on Care Coordination/Population Management, initiated, and led the establishment of a new cybersecurity unit and business management line, handling 700 HITRUST controls, data architecture, and comprehensive data management. Before this role, managed the IT PMO, collaborating with four teams on over 50 projects centered on security, data quality, product development, testing, and quality management. Within the first year as CISO, successfully installed and managed key security systems like ArcticWolf (SIEM), Rapid 7, Palo Alto Firewalls, CarbonBlack, and ForcePoint, significantly enhancing the Software Development Life Cycle (SDLC). Leading a dedicated team of 5, fostered a culture of innovation and collaboration, instituting a continuous improvement framework for security control assessment and conducting regular audits to ensure full compliance with standards like HITRUST, effectively reducing potential fines to zero.

Director of IT Sourcing December 2011 to September 2013 Amedisys Home Health Baton Rouge, LA

At Amedisys, a publicly traded SaaS provider, adeptly oversaw IT contracts and budgets totaling $110 million, achieving over $4 million in savings through strategic negotiations. The role involved streamlining procurement operations, vendor risk management, overseeing over 100 contracts, 20 proposals, and 40 projects, including key negotiations with major vendors like Microsoft, IBM, and Oracle. Led cross-functional teams to deliver IT sourcing projects on time and within budget, crafting 8 comprehensive RFPs to secure competitive bids for optimal value. Collaborating closely with executives, including the CTO and CIO of Shared Services, leveraged market intelligence for cost-saving opportunities, and conducted detailed spending analyses across IT categories. This approach significantly reduced the total cost of ownership and enhanced procurement efficiency by forging strong partnerships with internal stakeholders and external suppliers. Education

• Master of Science, Cybersecurity/Information Assurance, Regis University (12/2018)

• Master of Science, Data Science & Applied Technology, SLU, Hammond, LA (05/2004)

• Bachelor of Science, Business Administration, MIS, Auburn University (12/1996) Certifications and Licenses

• CISSP, ISC2 - Certified Information System Security Professional

• PMP, PMI - Project Management Professional

• CRISC, ISACA - Certified in Risk & Information Systems Control

• CGEIT, ISACA - Certified in the Governance of Enterprise Information Technology

• CSF, HITRUST - Certified Compliance Framework

• CSM, Scrum Alliance - Certified Scrum Master

• CEH, EC-Council - Certified Ethical Hacker

• CCP, NICCS, CISA - Certified Cybersecurity Maturity Model Certification (CMMC) Qualifications

• Rapid 7 Insight Vulnerability Management - Advanced

• Rapid 7 Insight Detection & Response - Intermediate

• SentinelOne—Advanced and CyLance—Advanced

• Nmap, LANSweeper—Advanced

• Rapid 7 Metasploit—Advanced

• Kali Linux—Intermediate

• Ironscales—Advanced

• Zscaler - Intermediate

• Veracode (Fortify)—Advanced

• TOP SECRET Clearance

Contact this candidate