Leviathan provides pragmatic guidance to help businesses protect themselves from cyber threats.
Leviathan was formed by the principals of @stake, Guardent, Symantec, and Foundstone when they decided to collaborate and combine the expertise from their decades of information security experience. Over the past 12 years, we have added research, education, and security strategy experts to expand our client offerings, training programs, and business structure.
The members of Leviathan are dedicated to integrated Risk Management and Information Security solutions that are not just patches, point-in-time fixes, or box-checking exercises. Rather, our methodology helps our clients to improve the processes that led to the issue. We help them take the next steps in their evolution and help them maintain or reclaim their reputations.
Frank Heidt, Chief Executive Officer
As the creator of Leviathan's innovative business structure, Frank is responsible for designing Leviathan and bringing together security professionals with diverse backgrounds from premier consultancies, industries, and government agencies.
Frank is a recognized expert in the fields of information assurance, network security, and systems penetration. Prior to forming Leviathan, Frank was a Managing Security Architect for @stake and headed up their Pacific Northwest practice. He also engaged in various computer security related work for the Department of Defense. In his capacity as one of the DOD's civilian Information Systems Security Officers (ISSO), he was responsible for securing several large networks for the Department of the Navy.
Frank has been a Visiting Lecturer at the United States Army War College, the United States Navy War College, and the Naval Post Graduate School on the subject of defensive information warfare and military computer systems security. TEDx Talk. LinkedIn.
Chad Thunberg, Chief Operating Officer
Chad is responsible for managing the Professional Services Organization and maintaining Leviathan's reputation for industry leading research and high quality consultative services. His responsibilities also include assisting Leviathan's fortune 100 customers with development of security strategies, implementation of large scale security initiatives, and integrating security into the development lifecycle.
Chad specialized in Information Security for more than a decade before joining Leviathan as a founding member. He came from Washington Mutual where he was responsible for translating regulatory and business requirements into enterprise security solutions. Chad also leads the team responsible for the proactive identification of process and technology vulnerabilities as part of the enterprise secure development lifecycle.
Previously, Chad was a Security Consultant with Guardent, where he was responsible for developing and improving Guardent's security methodologies and managed services platform. In addition, he acted as a mentor and leader for the west coast security practice. He also assisted Fortune 100 customers with innovative solutions for reducing their overall technology risk through the maturation of process and technology. LinkedIn
Irfan Chaudhry, Chief Strategy Officer
Irfan is responsible for the formalization of Leviathan’s strategic efforts, corporate transformation and identifying and supporting key priorities through their translation into comprehensive plans. Irfan’s role as CSO has been instrumental in increasing Leviathan’s contribution to the Information Security community and has witnessed the exploration of new partnerships and opportunities that continue to broaden Leviathan’s overall impact. Irfan’s years of experience have forged an ability to make quick informed decisions and assess whether strategic initiatives are in line with Leviathan’s organizational standards and objectives. He is responsible for formalizing strategic-planning processes and creating new working relationships and synergies both within the organization and externally.
Irfan has over 22 years’ experience in the Information Technology field including 15 years working with Microsoft. At Microsoft, Irfan held various IT roles which honed his ability to develop and critique strategy and provided him with a deep level of business leadership experience. His roles ranged from leading various teams across a range of IT disciplines including Security, Service Engineering, Service Operations, Test Engineering and Program Management to building Microsoft IT’s first centralized security/privacy assessment team. Irfan was also an original contributor to Microsoft IT’s Application Software Assurance Program (ASAP), which saw the adaptation of its best practices rolled into the SDL-IT.
Irfan holds a Bachelor of Science from Drexel University and a Master of Information Technology from Virginia Tech University.
Irfan is a continuous contributor to the Information Technology community; he has co-authored books for Microsoft Press, SAMS Publishing and other publications. He has spoken at industry leading events including Microsoft’s CSO Summit, Microsoft Academic Days at Tech-ED and the Microsoft US National Architect Forum. LinkedIn
Bill Gambardella, Director, Risk and Advisory Services
Bill's technical expertise includes a breadth of operational and application security experience. Bill’s responsibilities with Leviathan include security architecture guidance, auditing, SDLC, HIPAA, ISO 27001/2, SOC 2, establishing security and risk management programs, and maturing established programs.
Prior to joining Leviathan, Bill held positions ranging from Security Analyst to acting CISO. His experience spans multiple industries, including the financial services, higher education, and commercial software sectors and he has been responsible or the improved security at large, mature organizations and built elective programs at startups. Most recently, he created the Information Security Program at a venture-backed software startup which contributed to transforming the company into an industry leader in platform security, in just over a year, according to Forrester Research.
His years of operational security experience allow Bill to tailor security programs in a manner that best fits an organization. Bill has extensive experience writing policies and standards, running incident response programs, and conducting risk assessments.
Bill holds a Bachelor of Science degree in Management Information Systems with a minor in Technology and Management from the University of Illinois at Urbana-Champaign. LinkedIn
Join our team. Check out our careers page.