Joe Orlando

Globally Experienced Cybersecurity Professional

STERIS CORPORATION, Director, Product Cybersecurity       2025 to Present

 Responsibilities include Cybersecurity Strategy & Leadership; Governance, Risk Management & Compliance (GRC); Secure Product Architecture; Vulnerability and Incident Management; Cross-functional Engagement; Metrics and Executive Reporting; Threat Intelligence & Industry Engagement

Represent the company in healthcare ISACs, AAMI cybersecurity working groups, and FDA cybersecurity workshops.

KERN HEALTH SYSTEMS, Director of Information Technology and Cybersecurity                           2022 - 2025

As a result of a contracted engagement, I was asked to join KHS to execute on recommendations made from the engagement. Reporting to the CIO, responsible for systems administration; help desk; networks and telecommunications; systems architecture; technical compliance and InfoSec.


Experience with MS Sentinel, ARCsight, Archer SIEM; Azure, Exchange Online and MS365. Team drives SCOM and SCCM; Rubrik and Nutanix environments; nearly a thousand VMs; switched network; and a majority of workforce is working remotely.


Highly disciplined AGILE framework from epics to stories to tasks; iteration management; SecDev; WBS; SCRUM Ceremonies and support of over 50 projects per year – above routine, ad hoc and planned maintenance.


Supported over 25% resources growth. Fostering a collaborative entrepreneurially minded team. NCQA, HIPPA, DHCS Compliant and driving to HiTRUST Certification. Responsible for infrastructure roadmap; an 8-figure annual budget; strategy; technology procurement, vendor management, risk management and regular reporting to C-Suite on Security Assessment and Risks. Priorities included the evaluation and implementation of  OpenAI/CoPilot and formalize cybersecurity and evaluation requirements for technology acquisitions across the enterprise.

 THE TORCHLITE GROUP, Managing Partner                                                                                  2004 – 2022  

Relied upon as a Digital Technologies SME providing insights and “hands on” direction for Private Equity portfolio companies and global enterprises. M&A Transaction Support, Emerging Technologies Assessments; Integration and Separation Initiatives; Resource and Budget Planning; Program Development and Implementation; Project Management, Tracking and Reporting. Work fixed contracts as W-2 employee within clients (Executive-in-Residence)

 Key Specialties in Cyber Strategy; Data Privacy; Compliance; Cloud (IaaS; SaaS; PaaS); Discovery and Assessments; interim and virtual CISO; DPO; Secure systems design and architecture; developing strategic Roadmaps; Resiliency and Remediation;  Project Management; Outsourcing; Vendor Risk Management; Compliance Strategies.

Key market segments include Financial Services; Telecommunications; Information Technologies; Utilities; Government and Health Care in these key areas:

Some client contribution examples:

 Leidos

Contracted as Senior Principal Cybersecurity and Compliance at Leidos, a team of 18 manage Governance and Policy; Risk Management and Compliance with DFARS; NIST: FISMA; FIPS; SOX; GDPR; CCPA; HIPAA; and ensure adherence to a series of security frameworks to include NIST 800-171 and 800-53; ISO 27001; and e1 HiTrust CSF.

Elster Solutions, Smart Grid,  

Developed a new strategic direction for secure products and services in the Advanced Grid Infrastructure (AGI). Created the concept, prototype and launched the Callisto™ UIX software strategy (web services based) that is providing Elster Global with a solid 1-3-5-year strategic plan. Designed a solution strategy for Distribution Automation; Smart Meters; Meter Data Management; OMS, CVR, encrypted communications; Signal Processing and more. Integrated new authentication technologies to enable secure mobile access.

Computer Sciences Corporation (CSC)

Product Owner for Cybersecurity Global Products at $16B global services provider. Integrated solutions from McAfee, Symantec, IBM, RSA, and others into Archer and ARCsight SIEM to establish a commercial MSSP with 7 logically connects SOCs. Established the ST & LT strategy and plan; compliance guided by NIST, DFARS, CNSSI; FedRAMP, and FISMA; developed overall budgets; created and managed PMO; channels & alliances programs; identified existing and potential security pain points (IoT) and market opportunities; training; reporting; launch plans; and actively built analyst involvement. Drove the transition to AGILE development of proprietary heuristic analysis tools to address APTs, stealth threats and provide threat intelligence/situational awareness through correlation and forensic analysis.

 PRICEWATERHOUSECOOPERS UK

Senior Director of Strategic Technologies,                                                                      2001 – 2004

Recruited to an ExPat contract to establish strategic technologies center called Menlo Park Europe.

Collaborated with private equity clients and global technology enterprises, including Sony Ericsson, Colt, British Telecom, Siemens, Nokia, Sony, Hitachi, Philips, Roche, Orange, Marconi, Shell Oil, and British Petroleum.
Engagement lead focused on cyber strategy development; technology operations and strategies; collaborated on transformation engagement with National Health Services UK to include adoption of EMR; telemedicine; and secure portal technologies. Leveraged support technologies to include ServiceNow for user support.

Represented PwC across UK, Europe, and Middle East as Cyber SME; DPA 1998; BS7799; COBIT 5 and PKI/PCI standards; Cloud migration; SLA constructs; PAM and data protection maturity. Viewed as GDPR SME before enacted.

MOTOROLA CORPORATION
Director, VP of Strategic Markets,                                                                                          1998 – 2000

Championed new market entries, strategic alliances, channels, and e-business development opportunities.  Provided proposals and outlined business cases for broadband services, unified messaging, digital data sharing and security; incremental revenue through commercializing products from R&D shelves; strategic acquisitions while exploring whitespace directions for Motorola (2G/3G/4G; DocSys set top; power systems; and more) Led rebranding (Hello Moto and Digital DNA)

 IBM GLOBAL SERVICES                                                                                                             1996 – 1998

Senior Executive Consultant

Served as a senior consultant for IBM Management Consulting (Data Warehouse and Data Security SME), resulting in superior service to IBM’s largest accounts, including GM, American Express, Motorola, and others.

Managing Consultant for the program management team at American Express PMO for database consolidation (SAP); security strategies; and data warehouse initiatives. Awarded Engagement Excellence Award.


Led Market Launch for Speech Recognition (ViaVoice) 
 
EDUCATION

Stetson University, Bachelor of Arts – Business Marketing & International Business  ​

Employment

My Resume