JOSEPH G. ORLANDO
Orlando, FL
352-***-**** adobyu@r.postjobfree.com
www.linkedin.com/in/joe-orlando-cyber
GLOBAL CYBER TECHNOLOGY EXECUTIVE
Globally experienced executive with strong business and financial acumen. Strong ability to link security strategy and results directly to overall business strategy and goals. Keen abilities to develop strategy from in-depth analysis of risk management. Documented program development skills, from Governance, Risk and Compliance (GRC) across all functions and processes to address Vendor Risk Management; Updated Contract Constructs to Address Privacy and Cyber.
Possess excellent influencing skills and able to drive consensus.
Able to recognize and articulate security awareness; provide strategic direction, and have the ability to direct global and localized cyber teams, situational awareness; threat intelligence; SOC development and maturity; training and CIRT direction; while effectively managing budgets.
Current and direct experience with FISMA; FedRAMP (Cloud) and compliance tactics across entire systems ecosystem.
Demonstrated ability to forge strategic alliances with key stakeholders.
AREAS OF EXPERTISE
Risk Management
GDPR, CCPA, CPRP, ARRP
Cybersecurity Products
Regulatory Compliance
Governance Risk & Compliance
Legal & 3rd Party Risk Management
NIST, CMMI, DFARS
Policy Improvement
Business Continuity
Data Protection
Privacy
Emergency Response
PROFESSIONAL EXPERIENCE
TORCHLITE GROUP, Managing Partner 2004 – Present
Relied upon as a Digital Technologies SME providing insights and “hands on” direction for Private Equity portfolio companies and global enterprises. Proposal Writing; Resource and Budget Planning; SOW Development; Project Management, Tracking and Reporting.
Key Specialties in Cyber Strategy; Data Privacy; Compliance; Discovery and Assessments; interim CISO; DPO; Secure data “at rest” and “in motion;” BYOD; M2M, IoT, and mobile; Product Management; secure Cloud/SaaS; Outsourcing; Vendor Risk Management; Compliance Strategies.
Key market segments include Financial Services; Telecommunications; Information Technologies; Utilities; Government and Health Care in these key areas:
oCybersecurity (from logging to MFA to Heuristics; Situational Awareness and Threat Intelligence); Security Services Creation; Security Platform/Plans (COBIT5; BS7799; ISO 27001; NIST; ITIL; PCI); Scorecard Reporting; and more.
oReadiness / Compliance with GDPR; DPA; NIST 800.171; DFARS/FISMA/ FINRA; HIPAA; HiTRUST; AHCA; JCAHO.
oOutsourced and Managed Services (SaaS, MSSP); Product Development (AGILE, Software to SaaS, collaborative licensing agreements; path back); 3rd Party Privacy Amendments; DPIAs; DSAR Processes; Policies and Notices; assessments and Remediation; Training; Explicit Consent; Incident Response; Action Playbooks
Well documented experience
GDPR SME from Data Mapping to Incident Response; DPIA; Data Subject Requests; Application Registrations and more.
Experienced Global PMO Leader (Project and Program) Captured and Completed more than half dozen GDPR Programs.
Expertise in Business Analyst leading definition of required processes/procedures/notifications/ monitoring and reporting.
Some client contribution examples:
Steris Corporation, Medical Devices,
Key GDPR SME to Train; Coach; Guide and Lead Initiatives to Ensure Compliance with Regulation Pre and Post May 25 Deadline. Areas analyzed, and not limited to, DPIA; Data Flow Mapping; “Privacy by Design and Default;” Article 32 PII and PHI Readiness; Gap Discovery & Remediation Activities; Policies and Notifications; Vendor Assessments; Systems Registration; Subject Access Request Process; Consent Management; Incident Response; and much more. Set up the Communications Strategy and Tactics to Better Ensure Enterprise-wide Active Involvement; Reporting and Project Management. Also guided HIPAA and HiTrust efforts.
Elster Solutions, Smart Grid,
Developed a new strategic direction for secure products and services in the Advanced Grid Infrastructure (AGI). Created the concept, prototype and launched the Callisto™ UIX software strategy (web services based) that is providing Elster Global with a solid 1-3-5-year strategic plan. Designed a solution strategy for Distribution Automation; Smart Meters; Meter Data Management; OMS, CVR, encrypted communications; Signal Processing and more. Integrated new authentication technologies to enable secure mobile access.
JOSEPH ORLANDO – PAGE 2
Computer Sciences Corporation (CSC)
Product Owner for Cybersecurity Global Products at $16B global services provider. Integrated solutions from McAfee, Symantec, IBM, RSA, and others into Archer and ARCsight SIEM to establish a commercial MSSP with 7 logically connects SOCs. Established the ST & LT strategy and plan; compliance guided by NIST, DFARS, CNSSI; FedRAMP, and FISMA; developed overall budgets; created and managed PMO; channels & alliances programs; identified existing and potential security pain points (IoT) and market opportunities; training; reporting; launch plans; and actively built analyst involvement. Drove the transition to AGILE development of proprietary heuristic analysis tools to address APTs, stealth threats and provide threat intelligence/situational awareness through correlation and forensic analysis.
InDorse Technologies,
Successfully commercialized of innovative SaaS appliance for Enterprise Content Management (ECM), Digital Rights Management (DRM), Data Leakage Prevention (DLP), content authenticity and security. Developed a solution integrating eDiscovery and 2D bar code technology for secure document management. Became an industry resource to media and analysts around drivers impacting cyber issues.
Responsible for commercialization of disruptive technologies and a new dimension in MFA through location-based authentication.
PRICEWATERHOUSECOOPERS UK
Senior Director of Strategic Markets & Technologies, 2001 – 2004
Recruited to an ExPat contract to establish strategic technologies center called Menlo Park Europe.
Collaborated with private equity clients and global technology enterprises, including Sony Ericsson, Colt, British Telecom, Siemens, Nokia, Sony, Hitachi, Philips, Roche, Orange, Marconi, Shell Oil, and British Petroleum.
Engagement lead focused on cyber strategy development; digital security strategies (spanning monitoring and logging to actions co-ordinated by threat intelligence) and tactics (SME);collaborated on transformation engagement with National Health Services UK to include adoption of EMR; telemedicine; and secure portal technologies.
oSOC maturity, networking, mobile computing, emerging technologies, outsourcing, program and project management (PMO development); product localization, and acquisition integration.
Represented PwC across UK, Europe, and Middle East as Cyber SME; DPA 1998; BS7799; COBIT 5 and PKI/PCI standards.
MOTOROLA CORPORATION
Director, VP of Strategic Markets, 1998 – 2000
Championed new market entries, strategic alliances, channels, and e-business development opportunities. Provided proposals and outlined business cases for broadband services, unified messaging, digital data sharing and security; incremental revenue through commercializing products from R&D shelves; strategic acquisitions while exploring whitespace directions for Motorola (2G/3G/4G; DocSys set top; power systems; and more)
IBM GLOBAL SERVICES
Director 1996 – 1998
Served as a senior consultant for IBM Management Consulting (Data Warehouse and Data Security SME), resulting in superior service to IBM’s largest accounts, including GM, American Express, Motorola, and others.
Managing Consultant for the program management team at American Express PMO for database consolidation (SAP); security strategies; and data warehouse initiatives. Awarded Engagement Excellence Award.
EDUCATION
Stetson University, Bachelor of Arts – Business Marketing & International Business
Executive Courses at Harvard Business School and Sloane School of Management
COMFORTABLE WORKING REMOTE
ABLE TO RELOCATE GLOBALLY