Justin Leapline

Practice Lead, PCI


Justin Leapline has over twenty (20) years of experience involving system administration, software development, and information security. His core skills include regulatory and contractual compliance within the information security realm, security program management, and general governance practices and frameworks. Before joining TrustedSec, Justin consulted with numerous Fortune 1000 companies in the areas of information systems, audit, governance and information security. He has also led the governance and security practices for leading eCommerce and large financial services companies. Additionally, Justin has spoken at numerous conferences concerning risk management, payment card industry (PCI), and general information security practices.

Education & Certifications

Certified Informational Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified ISO 27001 Auditor, PCI Qualified Security Assessor (QSA), and Certified Ethical Hacker (CEH), AWS Certified Cloud Practitioner.

Recent Blog Posts

Big Changes in Store for PCI DSS v4.0, and More!

This week I attended the PCI North American Community Meeting. If you are in the payment security space and haven’t been to a community meeting, I would recommend that you put this on your conference schedule. It’s great to connect with like-minded individuals, including card brands, banks, large customers, vendors, and yes, assessors – both internal (ISAs)...
TrustedSec Blogs + Articles logo

How to Choose a PCI QSA

As of writing this article, there are currently 378 PCI QSA Companies worldwide that are certified by the PCI Council. That is quite a selection to narrow your choices. So what do you look for in good qualities to partner with? What attributes do you form that basis on? Throughout this blog, we are going...
TrustedSec Blogs + Articles logo

New PCI Controls and What You Should Know

It is finally here: the forward-dated controls that have been in existence since the release of version 3.2 of the PCI Data Security Standard, from April 2016. Hopefully, by now, you have had a chance to review them, but if you haven’t we are going to take a deep dive on each of the new...
View all posts from Justin

Recent Webinars

PCI Ask Me Anything (AMA) with Justin Leapline

TrustedSec’s PCI Practice Lead Justin Leapline hosted an ‘Ask Me Anything’ event on Wednesday, February 10th from 1 – 2 p.m. ET. He covered everything from PCI DSS 4.0 Work from home (WFH) COVID-19 impacts on PCI Segmentation and the...

Answering Tough Questions on the Future of Security

Recorded on January 20, 2021. Do You Have Security Questions That Never Get Answers? A lot of research organizations are putting out predictions for security, but some don’t make much sense. TrustedSec CEO David Kennedy and Advisory Practice Lead Justin...

Resilience in the Middle of the Storm—Preparing Security Teams for Disaster

This webinar was recorded on 3/19/20. As populations are affected by disaster, what can you and your organization do now to mitigate security risk? Preparing for the worst For those who aren’t fully prepared, what are the major areas that...
View all webinars from Justin
Justin Leapline

Want to work with Justin Leapline or someone like him?

The TrustedSec team is comprised of experienced and qualified security professionals. Contact us to learn more about our services, our team, and how we can help you.
Contact Us