Use code LIVING102 for a free 30-minute consultation
Leadership & Advisory

Senior security leadership, on contract.

Fractional vCISO · interim security director · strategic advisory · senior leadership contract. For organizations that need direction at the security-program level — without (or before) a full-time hire.

Edward Williams II — Founder & vCISO, Key 102
Edward Williams II
Founder · vCISO · CISA · CISM
Working with your team

What your program gets.

Security strategy & program leadership

Build and run security programs from the ground up. Set risk-based priorities. Align security investment to business objectives and regulatory obligations.

Team leadership & organizational maturity

Build the operating model that makes your security function sustainable — not heroic: develop talent, define roles, and stand up a structure a team of up to twenty can run without depending on a single hero.

Risk management & executive communication

Translate threat landscape and technical risk into terms leadership and boards act on. Own the security narrative to executives, auditors, and customers.

Transformation & modernization

Zero Trust adoption. EDR/XDR at enterprise scale. Secure-SDLC programs. Cloud security across AWS and Azure.

Governance, risk & compliance

Program-level command of NIST 800-53/800-171, CMMC, PCI-DSS, ISO 27001, SOC 2. Built and operates a compliance platform that puts the GRC discipline in software.

The differentiator

Strategy backed by hands-on command.

Bring in a fractional security leader and the usual risk is a mismatch — a strategist who's lost the technical thread, or an engineer who can't operate at the executive level. Here you get neither. You get a leader who sets program strategy with your executives, then sits with your engineers and architects the control itself: application security and code review inside SOX / GLBA / PCI DSS environments, a twenty-person vulnerability-management program at enterprise scale, Zero Trust adoption and EDR/XDR across thousands of endpoints, defense cyber operations anchored to NIST SP 800-53. The point isn't the résumé — it's that the strategy holds because whoever sets it has done the work, and will do it alongside your team.

Engagement modes

Three ways organizations engage.

Fractional / interim security leadership

vCISO, interim security director, or program lead for organizations that need senior security direction without a full-time executive hire.

Strategic security advisory

Security strategy, risk and maturity assessments, program design, board / executive guidance, regulatory-readiness leadership (CMMC, PCI).

Senior leadership contract

Lead a security function or major initiative on contract, hands-on.

Selected enterprise track record

The experience your program inherits.

The environments behind the advice your team gets — framed by regulatory domain and controls catalog rather than employer name. Specific organizations available on request and verifiable on LinkedIn.

Financial Services Security
SOX · GLBA · PCI DSS

Senior security leadership at multiple tier-1 financial institutions. Application security program build-out and secure-SDLC governance. Architecture and code review at enterprise scale. Twenty-person vulnerability-management program leadership. Cloud infrastructure security, reliability, and incident leadership — all inside the SOX, GLBA, and PCI DSS regulatory perimeter.

Government / Defense Cyber
NIST 800-53 · NIST CSF

US Army IT Specialist with deployed cyber-operations service in Afghanistan and Kuwait. Operating discipline tied directly to NIST SP 800-53 — the federal controls catalog underneath NIST 800-171, CMMC, and PCI DSS. Mission-critical operational security under deployed conditions, where controls only count if they hold when challenged.

Enterprise Security Transformation
Zero Trust · EDR/XDR · Cloud

Hands-on leadership of Zero Trust adoption, EDR/XDR rollout across 5,000+ endpoints, DLP and RBAC program design, and cloud security across major hyperscalers. Ten-person security team leadership. Strategy backed by personal architecture and engineering work — not slide-deck advisory.

Credentials & entity

CISA · CISM · CCNP · Microsoft

Key 102 Solutions LLC · Veteran-Owned Small Business · Phoenix, AZ.

Start a conversation.

If your organization needs senior security direction — for a quarter, a year, or a specific initiative — a discovery call is the right first step. Bring the question; I'll bring the framing.