William Janness

Security & Compliance Executive · Fractional CISO · Infrastructure Architect

Three decades building and securing production systems — currently leading Information Security & Compliance at an enterprise AI company. I design compliance programs (SOC 2 Type II, HIPAA, GDPR) and personally build the infrastructure and code that satisfy them: $152K/yr in eliminated vendor spend, 1,450+ days of continuous production uptime, and security programs taken from placeholder policies to full certification. Own a private-suite AI co-location buildout (~$5M of GPU/CPU compute — ~2,900 CPU cores, ~34 TB RAM, A100/B300-class GPUs, 48 VMs across 35 hosts; six racks growing toward eleven), Zero Trust architecture, and incident response; co-architecting a second hot-hot facility connected over dark fiber. Career spans nearly three decades co-founding and running Indigo Productions, a five-person IT consultancy ($70M+ in managed IT budgets; built early software including InfoExchange, a CAD-file exchange CRM for construction firms), co-founding a seven-brand creative-tech LLC as CEO/CTO/CISO, and cybersecurity mentorship. Known for combining board-level strategy with the ability to write the code that implements the controls.

Executive
Compliance Program Design (SOC 2 · HIPAA · GDPR) Audit Management & Coordination Board & Executive Reporting Vendor & Third-Party Risk Budget Oversight ($70M+ career) Incident Response Leadership Policy Development Team Leadership & Mentoring Security Awareness Programs
Hands-On
Python / TypeScript FastAPI / React / Next.js BGP / VLT / Spine-Leaf Fabric Design GPU Cluster Operations Proxmox / VMware / Docker SIEM (Graylog · Wazuh · Zabbix) Zero Trust / Fortinet Claude / AI APIs & Agent Orchestration PostgreSQL / Redis
Head of Information Security & Compliance · Infrastructure Lead
Enterprise AI Technology Company — Chicago, IL
2021 – Present
  • Lead all information security, compliance, infrastructure, and co-location operations for a rapidly growing AI technology company specializing in document intelligence and redaction systems
  • Led the organization through SOC 2 Type II and HIPAA compliance from inherited placeholder policies to full certification — policy development, control implementation, evidence collection, and auditor coordination; serve as primary responder for customer security questionnaires (some 1,500–2,000 questions)
  • Designed and secured the AI infrastructure supporting GPU and CPU processing environments; scaled the co-location footprint from half a rack to six full racks (~2,900 CPU cores, ~34 TB RAM, NVIDIA A100/B300-class GPUs, 48 VMs across 35 hosts), now leading migration into a private suite built for up to eleven racks — roughly 90% achieved with open-source software and used equipment
  • 1,450+ days of continuous uptime across multiple production systems; purchased, installed, and operationalized the company's first enterprise 4-GPU server ($130K) and the majority of the compute fleet since
  • Co-architecting a second hot-hot facility connected to the primary site over dark fiber — designed for active-active workload distribution, failover, and disaster recovery at AI-compute scale
  • Architected a 3-spine / 6-leaf, all-100G data center network fabric for the GPU server fleet — BGP underlay, VLT peer pairs, ECMP across spines, Anycast Gateway per zone; deployed the organization's first 100G switching
  • Implemented Zero Trust and endpoint security strategies using Fortinet technologies; designed segmented VPN, VLAN, and security policies, and a SIEM/monitoring stack (Graylog, Zabbix, Wazuh, OpenVAS/Greenbone) supporting production AI systems
  • Eliminated up to $152K/year in license spend by building an enterprise ITSM platform from scratch — 10-container Docker stack with an autonomous, self-healing AI remediation agent, Slack-integrated approval workflows, and Active Directory sync
  • Designed and built a suite of internal platforms: a federated CMDB, live inventory and network dashboards with daily auto-generated reports, an AI infrastructure assistant, rack-PDU power monitoring, and a self-healing event-log analysis pipeline that triages and tickets its own findings
  • Manage regulatory and compliance programs including GDPR and ISO 27001-aligned controls, vulnerability management, penetration-testing coordination, and security awareness training; serve as security and compliance liaison for executive leadership
CIO · CTO · Business Consultant
Indigo Productions — Chicago, IL
1992 – 2021
  • Co-founded and ran a five-person IT and technology-consulting company providing fractional CIO/CTO leadership for small and mid-sized businesses — $70M+ in managed enterprise IT budgets across the engagement portfolio
  • 2010s — cloud and security practice: delivered virtualization, cloud-migration, and cybersecurity programs; streamlined client operations through automation and workflow improvements
  • 2000s — network and server infrastructure: designed and implemented secure business infrastructure across healthcare, finance, professional services, and technology verticals — each with distinct compliance and uptime requirements
  • 1990s — foundational systems: built custom software where the market had none, including InfoExchange, one of the first CRM-style applications enabling construction companies to securely exchange CAD files with partners
  • Led teams of consultants, developers, and IT professionals on multi-year transformation programs; served as trusted technical advisor to executive leadership teams across the client base
Co-Founder · CEO / CTO / CISO
Mad Monkey Creative LLC — Chicago, IL
2020 – Present
  • Co-founded a Chicago-area creative technology LLC operating seven live product brands across apparel, SaaS, music, and education
  • Designed and operate all shared infrastructure — Apache vhosts per brand, PM2 process management, SSL via reverse proxy, internal VLAN segmentation, on-prem hardware
  • Architected and built Time To Plate (timetoplate.com) — a production SaaS recipe manager and event-execution engine — as the LLC's flagship software product
  • Designed and built additional applications and services across the portfolio, plus a multi-agent AI workflow layer that coordinates operations and powers self-healing automation
  • Manage all technical operations: server provisioning, domain/SSL management, deployment pipelines, monitoring, backup chains, and incident response across all active brands
Sr. Tutor · Cybersecurity Mentor
Trilogy Educational Services
2020 – 2021
  • Mentored cybersecurity students in Security+, CISSP preparation, penetration testing, security architecture, compliance frameworks, and threat analysis
  • Provided one-on-one instruction and technical guidance for cybersecurity career development
Enterprise AI Infrastructure & Internal Platforms Production

Multi-year data-center buildout (half a rack → six racks; ~2,900 cores, ~34 TB RAM, 48 VMs / 35 hosts) plus a suite of internal software built from scratch: a federated CMDB, live inventory and network dashboards with daily auto-generated reports, rack-PDU power monitoring (pysnmp/InfluxDB/FastAPI/React), an AI infrastructure assistant, and a self-healing event-log pipeline. Mostly open-source/custom-coded.

Enterprise IT Service Management Platform Production

Self-hosted ITSM replacing commercial tools quoted at up to $152K/year. 10-container Docker stack, 41 ticket types, autonomous self-healing AI remediation agent (Claude API), Active Directory sync, Slack interactive approvals. Python/FastAPI · React/TypeScript · PostgreSQL · Redis · Celery.

3-Spine / 6-Leaf Data Center Network Fabric Design Complete

Complete data center fabric design for AI company GPU fleet. Dell S5232F-ON / OS10, eBGP underlay, VLT pairs, ECMP across 3 spines, Anycast Gateway, all-100G links, Fortinet NGFW. Replaces flat Layer 2 network; implementation in progress.

Time To Plate — SaaS Recipe & Event Execution Engine timetoplate.com

Full-stack SaaS product — sole architect and developer. Backward-planning scheduler with appliance lanes, human bandwidth constraints, allergen safety, PWA push notifications, and pluggable AI assistance. Next.js 14 · Fastify/TypeScript · PostgreSQL · Redis · BullMQ · Drizzle · Lucia Auth.

Self-Healing Systems & AI Workflow Architecture In Operational Use

Self-healing applications built with scripting and AI — autonomous remediation, container auto-healing, and a log-analysis pipeline that opens its own tickets. Plus a multi-agent orchestration layer coordinating specialized agents across my own applications and brands: durable session memory, vault-based handoff, cross-host execution, scheduled routines, browser automation, and a custom skill library. Claude Agent SDK foundation with custom orchestration on top.

AI Infrastructure Buildout — Private Suite + Hot-Hot Dark-Fiber Site Production / In Progress

Owned the multi-year infrastructure scale-up for an AI technology company: half a rack → six full colocation racks → migration into a private suite (built for up to eleven racks) housing ~$5M of AI infrastructure. Co-architecting a second, geographically separate facility connected to the primary suite over dark fiber for active-active hot-hot workload distribution, failover, and DR at AI-compute scale.

Networking & Data Center
BGP / OSPF Spine & Leaf VLT / ECMP VLAN / 802.1Q Dell OS10 Cisco IOS Fortinet (NGFW / VPN) IPSec / WireGuard
AI Infrastructure & Operations
GPU Compute Co-location Operations Proxmox / VMware Linux Enterprise NFS / SMB / iSCSI SIEM / Observability Zabbix / Graylog High Availability / DR
Software & Product Engineering
TypeScript / Python React / Next.js 14 FastAPI / Fastify PostgreSQL / Redis Docker / Compose Drizzle / Zod BullMQ / Celery Apache / PM2
Enterprise IT & Identity
Microsoft Infrastructure Active Directory / LDAP AWS / Azure Vendor Management Budget Oversight Audit Coordination
AI Workflow & Integrations
Claude API / Agent SDK Multi-Agent Orchestration AI-Integrated Systems Slack API / Block Kit REST / Webhooks
Northwestern University
Cybersecurity Bootcamp Certificate Program (Security+) — Evanston, IL · 2021
DeVry University (formerly DeVry Institute of Technology)
Electrical Engineering
CompTIA Security+
CompTIA
CISSP — In Progress
(ISC)²
HIPAA & Compliance Training Programs
Various
Ongoing Cybersecurity & Compliance Education
Continuous