Bill La Duca, CISSP, CISA, CCP
About Bill La Duca, CISSP, CISA, CCP
Bill La Duca is a FedRAMP Senior Associate with over six years of experience in IT compliance and audit. He holds multiple certifications, including CISSP, CISA, and CCP, and has worked for notable companies such as Danone, JPMorgan Chase & Co., and Deloitte.
Current Role at Schellman
Bill La Duca currently serves as a FedRAMP Senior Associate at Schellman, a position he has held since 2021. In this role, he focuses on compliance and audit processes related to the Federal Risk and Authorization Management Program (FedRAMP). His work involves ensuring that cloud services meet stringent federal security requirements, contributing to the overall security posture of government agencies.
Previous Experience at Schellman
Prior to his current role, Bill worked at Schellman as a SOC Senior Associate from 2020 to 2021. His responsibilities included managing and executing System and Organization Controls (SOC) audits, which assess the effectiveness of internal controls related to security, availability, and confidentiality of data.
Professional Background
Bill La Duca has over six years of experience in IT compliance and audit. His career includes roles at notable organizations such as Deloitte, where he served as an Advisory Consultant from 2018 to 2020, and JPMorgan Chase & Co., where he was an Operations Specialist in 2016. He also worked at Danone as an IS/IT Internal Controls Analyst for eight months in 2018, focusing on governance.
Education and Certifications
Bill studied at the State University of New York College at Oneonta from 2011 to 2015, where he earned a Bachelor’s Degree in Business Economics with a concentration in Finance. He holds several professional certifications, including CISSP, CISA, and CCP, which reflect his expertise in cybersecurity and compliance. Additionally, he is certified as a CMMC Professional, indicating his knowledge of the Cybersecurity Maturity Model Certification.
Expertise in Compliance Frameworks
Bill possesses significant expertise in various compliance frameworks, including FedRAMP, NIST, SOX, SOC 1, and SOC 2. His knowledge in these areas enables him to effectively navigate the complexities of IT compliance and audit, ensuring organizations meet regulatory requirements and maintain robust security practices.