Fractional CISO - Strategic Cybersecurity Executive

Location: Franklin, MA

Posted: December 04, 2025

Resume:

Williams

Page * of *

Kayla M. Williams

****************@*****.*** +1-508-***-**** linkedin.com/in/kaylamwilliams1

Strategic Cybersecurity Executive | Business-Driven Risk Leader | Transformation Expert

Cybersecurity executive with 15+ years of experience driving enterprise-wide risk management, compliance, and cyber resilience across global financial and technology organizations. Proven ability to enable board-level decision-making, investor confidence, and regulatory assurance through measurable security strategies. Recognized as SANS CISO of the Year 2024 for advancing innovation, achieving FedRAMP and StateRAMP authorizations, and strengthening cloud, product, and enterprise security. Skilled in building and leading global teams, managing complex M&A due diligence, and aligning cybersecurity programs with multi-industry regulations (NIST CSF, ISO27001, PCI DSS, etc.).

EXECUTIVE CORE COMPETENCIES

• Enterprise Risk Management & Regulatory Compliance

• Multi-industry cybersecurity frameworks

• Board & Executive Risk Reporting

• M&A Cyber Due Diligence & Integration

• Third-Party & Vendor Risk Management

• Cloud & Product Security (AWS, GCP, SaaS)

• Security Ops & Incident Response Leadership

• Governance Committees & Executive Presentations

SELECTED ACHIEVEMENTS

• SANS CISO of the Year (2024) — recognized for cybersecurity leadership, innovation, and measurable risk reduction.

• Supported >$30M in annual revenue renewals and accelerated sales cycles by establishing a Trust Center, SLAs, and customer due diligence processes aligned with investor expectations.

• Led Devo to FedRAMP and StateRAMP authorizations, increasing access to public sector and regulated industries.

• Designed and implemented global information security strategies that achieved >$700K in cost savings while strengthening resilience.

• Regularly briefed boards, audit, and risk committees on cyber risk, ensuring transparent governance and informed fiduciary decisions.

Field Chief Information Security Officer Feb 2025 – Current Cyera

• Serve as the public-facing executive security leader, representing Cyera at national and international industry forums, C-level community events, and other industry engagements.

• Travel extensively across the U.S. to deliver keynote and panel presentations at premier events, including:

o Gartner C-Level Community Events (multiple states)

o Sapphire Ventures Hypergrowth Engineering Summit

o Cyber Risk Alliance CISO dinners (multiple states)

o DFIR speaking engagement at the Ctrl Alt Defend Conference in Chicago with Haystack ID

• Designed and launched Cyera’s AI Security Risk Assessment questionnaire and process, aligned with the company’s Data Risk Assessment methodology, enabling customers to evaluate AI-related risks alongside data security.

• Contributes extensively to the development of Cyera’s Security in AI Certification Course (launching September 2025), shaping curriculum and ensuring alignment with enterprise security practices.

• Partners with product and privacy teams to review and refine Cyera’s new privacy offering scheduled for release in September 2025.

• Supports sales enablement and onboarding by role-playing as a prospect CISO, challenging new sales hires with realistic cybersecurity scenarios and industry-specific questions to strengthen product positioning skills.

Chief Information Security Officer (Promotion) Jan 2022 – Feb 2025 Devo Inc.

• Promoted to lead global cybersecurity and risk management, establishing the firm’s first Security Operations Center (SOC) with 24x7x365 coverage.

• Built and executed enterprise cloud security strategy (AWS, GCP), integrating automation and AI to strengthen controls.

• Partnered with executive leadership and boards to set risk appetite and align security programs with business strategy and financial compliance.

• Conducted cyber due diligence for M&A transactions and integration, enabling seamless transitions while mitigating inherited risks.

• Produced board-level dashboards with KPIs and KRIs for ongoing monitoring of enterprise risk posture.

• Guided prospect and customer security reviews for major financial clients (Equifax, Capgemini, DOJ, Starling Bank), directly influencing deal success.

VP, Governance, Risk and Compliance (GRC) Feb 2021 – Jan 2022 Devo Inc.

• Built the security risk management and compliance framework underpinning FedRAMP Moderate authorization.

• Established vendor risk management framework with continuous monitoring of critical suppliers, a key priority in financial services.

• Directed IAM program design and execution, ensuring alignment with regulatory expectations.

• Oversaw GRC, Vulnerability Management, and CMDB modules in ServiceNow.

Director, Governance, Risk, and Compliance (GRC) Feb 2018 – Feb 2021 LogMeIn, Inc.

• Directed global compliance efforts across 20+ SaaS products, achieving ISO27001 certification and maintaining SOC2/C5 engagements.

• Designed enterprise-wide Identity Governance & Administration (IGA) strategy, strengthening access control in line with SOX and NYDFS expectations.

• Built the first global physical security framework aligned with ASIS standards.

• Partnered with product, finance, legal, and HR leadership to embed compliance into business processes.

US Senior Risk Manager Global Program Manager Jan 2016 – Dec 2017 Computershare US/UK

• Drove development of the Global Risk Framework for a leading financial services provider.

• Led major incident response program and change risk management framework, ensuring operational resilience across international markets.

• Managed global risk portfolio with executive reporting to senior leadership and audit committees.

• Controlled $19M GISRG budget, ensuring strategic alignment of investments with financial and regulatory requirements.

Prior to 2016, Kayla held roles in security consultancy, internal audit, and external audit.

Board & Executive Engagement

• Regularly briefed boards and governance committees on enterprise risk, financial regulatory exposure, and cyber resilience.

• Translated complex technical issues into business and fiduciary impacts, influencing executive decision-making.

• Facilitated informed debate at the board level, ensuring clarity in risk acceptance and investment prioritization.

Certifications

• NYU Tandon School of Engineering – CISO Program

• CIPM, certification 2020

• CRISC, certification 2020

• GRCP, certification 2018

• GIAC Information Security Fundamentals, certification 2013

Featured Articles, Podcasts, & Webinars

• How to Measure Cybersecurity Spending: WSJ Readers Weigh In. Kim S. Nash. Wall Street Journal Pro (08.12.2025).

• Charting a Course for Women Leadership in Cyber. RSAC Earned Speaker Presentation (04.29.2025)

• Unchartered Minds: Exploring Neuroscience, Burnout, and Cognitive Strengths. BSidesSF (04.26.2025)

• The Perilous Role of the CISO: Navigating Modern Minefields. Security Week. (06.19.2024)

• How CISOs Can Improve Organizational Communication. Security InfoWatch. (06.17.2024)

• Evolution of the CISO. Unspoken Security Podcast. (05.13.2024)

• CISOs in the Hot Seat RSAC Panel Discussion. (05.08.2024)

• Burnout in Cyber: The Intersection of Neuroscience, Gender, and Wellbeing. RSAC Earned Speaker Presentation. (05.07.2024)


