JOSEPH G. ORLANDO

Orlando, FL

352-***-**** adobyu@r.postjobfree.com

www.linkedin.com/in/joe-orlando-cyber

GLOBAL CYBER TECHNOLOGY EXECUTIVE

Globally experienced executive with strong business and financial acumen. Strong ability to link security strategy and results directly to overall business strategy and goals. Keen abilities to develop strategy from in-depth analysis of risk management. Documented program development skills, from Governance, Risk and Compliance (GRC) across all functions and processes to address Vendor Risk Management; Updated Contract Constructs to Address Privacy and Cyber.

Possess excellent influencing skills and able to drive consensus.

Able to recognize and articulate security awareness; provide strategic direction, and have the ability to direct global and localized cyber teams, situational awareness; threat intelligence; SOC development and maturity; training and CIRT direction; while effectively managing budgets.

Current and direct experience with FISMA; FedRAMP (Cloud) and compliance tactics across entire systems ecosystem.

Demonstrated ability to forge strategic alliances with key stakeholders.

AREAS OF EXPERTISE

Risk Management

GDPR, CCPA, CPRP, ARRP

Cybersecurity Products

Regulatory Compliance

Governance Risk & Compliance

Legal & 3rd Party Risk Management

NIST, CMMI, DFARS

Policy Improvement

Business Continuity

Data Protection

Privacy

Emergency Response

PROFESSIONAL EXPERIENCE

TORCHLITE GROUP, Managing Partner 2004 – Present

Relied upon as a Digital Technologies SME providing insights and “hands on” direction for Private Equity portfolio companies and global enterprises. Proposal Writing; Resource and Budget Planning; SOW Development; Project Management, Tracking and Reporting.

Key Specialties in Cyber Strategy; Data Privacy; Compliance; Discovery and Assessments; interim CISO; DPO; Secure data “at rest” and “in motion;” BYOD; M2M, IoT, and mobile; Product Management; secure Cloud/SaaS; Outsourcing; Vendor Risk Management; Compliance Strategies.

Key market segments include Financial Services; Telecommunications; Information Technologies; Utilities; Government and Health Care in these key areas:

oCybersecurity (from logging to MFA to Heuristics; Situational Awareness and Threat Intelligence); Security Services Creation; Security Platform/Plans (COBIT5; BS7799; ISO 27001; NIST; ITIL; PCI); Scorecard Reporting; and more.

oReadiness / Compliance with GDPR; DPA; NIST 800.171; DFARS/FISMA/ FINRA; HIPAA; HiTRUST; AHCA; JCAHO.

oOutsourced and Managed Services (SaaS, MSSP); Product Development (AGILE, Software to SaaS, collaborative licensing agreements; path back); 3rd Party Privacy Amendments; DPIAs; DSAR Processes; Policies and Notices; assessments and Remediation; Training; Explicit Consent; Incident Response; Action Playbooks

Well documented experience

GDPR SME from Data Mapping to Incident Response; DPIA; Data Subject Requests; Application Registrations and more.

Experienced Global PMO Leader (Project and Program) Captured and Completed more than half dozen GDPR Programs.

Expertise in Business Analyst leading definition of required processes/procedures/notifications/ monitoring and reporting.

Some client contribution examples:

Steris Corporation, Medical Devices,

Key GDPR SME to Train; Coach; Guide and Lead Initiatives to Ensure Compliance with Regulation Pre and Post May 25 Deadline. Areas analyzed, and not limited to, DPIA; Data Flow Mapping; “Privacy by Design and Default;” Article 32 PII and PHI Readiness; Gap Discovery & Remediation Activities; Policies and Notifications; Vendor Assessments; Systems Registration; Subject Access Request Process; Consent Management; Incident Response; and much more. Set up the Communications Strategy and Tactics to Better Ensure Enterprise-wide Active Involvement; Reporting and Project Management. Also guided HIPAA and HiTrust efforts.

Elster Solutions, Smart Grid,

Developed a new strategic direction for secure products and services in the Advanced Grid Infrastructure (AGI). Created the concept, prototype and launched the Callisto™ UIX software strategy (web services based) that is providing Elster Global with a solid 1-3-5-year strategic plan. Designed a solution strategy for Distribution Automation; Smart Meters; Meter Data Management; OMS, CVR, encrypted communications; Signal Processing and more. Integrated new authentication technologies to enable secure mobile access.

JOSEPH ORLANDO – PAGE 2

Computer Sciences Corporation (CSC)

Product Owner for Cybersecurity Global Products at $16B global services provider. Integrated solutions from McAfee, Symantec, IBM, RSA, and others into Archer and ARCsight SIEM to establish a commercial MSSP with 7 logically connects SOCs. Established the ST & LT strategy and plan; compliance guided by NIST, DFARS, CNSSI; FedRAMP, and FISMA; developed overall budgets; created and managed PMO; channels & alliances programs; identified existing and potential security pain points (IoT) and market opportunities; training; reporting; launch plans; and actively built analyst involvement. Drove the transition to AGILE development of proprietary heuristic analysis tools to address APTs, stealth threats and provide threat intelligence/situational awareness through correlation and forensic analysis.

InDorse Technologies,

Successfully commercialized of innovative SaaS appliance for Enterprise Content Management (ECM), Digital Rights Management (DRM), Data Leakage Prevention (DLP), content authenticity and security. Developed a solution integrating eDiscovery and 2D bar code technology for secure document management. Became an industry resource to media and analysts around drivers impacting cyber issues.

Responsible for commercialization of disruptive technologies and a new dimension in MFA through location-based authentication.

PRICEWATERHOUSECOOPERS UK

Senior Director of Strategic Markets & Technologies, 2001 – 2004

Recruited to an ExPat contract to establish strategic technologies center called Menlo Park Europe.

Collaborated with private equity clients and global technology enterprises, including Sony Ericsson, Colt, British Telecom, Siemens, Nokia, Sony, Hitachi, Philips, Roche, Orange, Marconi, Shell Oil, and British Petroleum.

Engagement lead focused on cyber strategy development; digital security strategies (spanning monitoring and logging to actions co-ordinated by threat intelligence) and tactics (SME);collaborated on transformation engagement with National Health Services UK to include adoption of EMR; telemedicine; and secure portal technologies.

oSOC maturity, networking, mobile computing, emerging technologies, outsourcing, program and project management (PMO development); product localization, and acquisition integration.

Represented PwC across UK, Europe, and Middle East as Cyber SME; DPA 1998; BS7799; COBIT 5 and PKI/PCI standards.

MOTOROLA CORPORATION

Director, VP of Strategic Markets, 1998 – 2000

Championed new market entries, strategic alliances, channels, and e-business development opportunities. Provided proposals and outlined business cases for broadband services, unified messaging, digital data sharing and security; incremental revenue through commercializing products from R&D shelves; strategic acquisitions while exploring whitespace directions for Motorola (2G/3G/4G; DocSys set top; power systems; and more)

IBM GLOBAL SERVICES

Director 1996 – 1998

Served as a senior consultant for IBM Management Consulting (Data Warehouse and Data Security SME), resulting in superior service to IBM’s largest accounts, including GM, American Express, Motorola, and others.

Managing Consultant for the program management team at American Express PMO for database consolidation (SAP); security strategies; and data warehouse initiatives. Awarded Engagement Excellence Award.

EDUCATION

Stetson University, Bachelor of Arts – Business Marketing & International Business

Executive Courses at Harvard Business School and Sloane School of Management

COMFORTABLE WORKING REMOTE

ABLE TO RELOCATE GLOBALLY

Contact this candidate