Justin Graham is a cofounder and architect of Steadfast Partners’ vCISO services. Justin possesses two decades of security experience, specifically in the Healthcare and Federal spaces, and has contributed to the industry through speaking engagements and service on the HITRUST external assessor council. 

Justin is a seasoned security executive with extensive experience serving in a vCISO capacity with a focus on risk, compliance, and security program development initiatives.  Justin provides strong leadership skills and exceptional analytical thinking to be able to analyze complex security threats and develop strategic plans to mitigate those risks, while communicating these initiatives in a way that is crystal clear for executives to digest – no matter how security savvy they may be.      

Justin holds the following certifications and degrees: Certified CSF Practitioner (CCSFP), Certified HITRUST quality Professional (CHQP), CMMC Registered Practitioner (RP), ISO 27001 Lead Auditor. In addition to Justin’s certifications, he attended and graduated from Texas State University and obtained his undergraduate degree in Computer Information Systems. 

Marc Sabelli is the Co-Founder of Steadfast Partners, a cybersecurity consultancy dedicated to delivering hands-on security leadership, GRC automation support, and AI-driven security program development. With over two decades of sales leadership experience and eight years focused on cybersecurity advisory, Marc is a trusted partner to clients navigating complex security and compliance landscapes.

Marc began his career as one of the original SOX auditors at PwC, where he developed a deep understanding of regulatory frameworks and risk management. His guiding principle—“Keep it simple and do the right thing”—has shaped a career defined by integrity, strategic insight, and client success. This philosophy has earned him six consecutive President’s Club awards and a reputation for being a reliable, results-driven advisor.

Marc holds an MBA from Cleveland State University and a bachelor’s degree in Accounting from Ohio University. At Steadfast Partners, he leads business development and operations, helping organizations build resilient, forward-thinking cybersecurity programs that align with their business goals.

David Grazer is a Principal and vCISO at Steadfast Partners with over 15 years of experience building and leading security, privacy, and trust programs for high growth technology organizations. With a product driven background, David specializes in integrating security into fast moving environments that support innovation while maintaining strong controls and customer trust.

David brings deep expertise in Trust by Design programs, enterprise identity and access management, fraud prevention, privacy program development, and ISO 27001 readiness and certification. He has led security and privacy initiatives for a two billion dollar creator platform, supported regulated fintech environments, and partnered closely with product and engineering teams to deliver secure, compliant, and enterprise ready capabilities.

At Steadfast Partners, David serves as a fractional security leader, helping organizations navigate complex security reviews, unblock enterprise deals, and translate technical risk into clear business decisions without the overhead of a full time executive.