ROB HORNBUCKLE
CIO & COO | Board Director | Cybersecurity & Risk Leader
📍 Vienna, VA 📞 919-946-7235 ✉ rhornbuc@gmail.com 🌐 robhornbuckle.com 🔗 linkedin.com/in/robhornbuckle
BOARD VALUE PROPOSITION
Experienced board advisor with public company board experience and dual-role CIO/COO with over two decades of leadership in technology, cybersecurity, and operations across public, private, and PE-backed organizations. Brings cross-sector expertise and a governance lens—spanning defense, aerospace, retail, hospitality, and transportation—with a focus on cybersecurity oversight for boards, enterprise risk oversight, digital innovation, and regulatory compliance at scale.
CORE GOVERNANCE COMPETENCIES
Enterprise Risk Oversight & Mitigation
Cybersecurity Strategy & Crisis Response
Regulatory Compliance & Governance (CMMC, GDPR, HIPAA, SOX)
Digital Transformation & AI Integration
IT Modernization & Resilience
ESG (Environmental, Social, Governance)
Talent Development & Neurodiversity Advocacy
Board Governance & Fiduciary Oversight
M&A Oversight and Post-Merger Integration
EXECUTIVE EXPERIENCE
CIO & COO – IDT | 2023—Present
Mid-sized government contractor specializing in advanced software testing & development for the DoD
Engaged by IDT to restructure and scale the Chief Information Officer (CIO) and Chief Operating Officer (COO) functions, aligning departmental operations with strategic business objectives to support significant growth. Led the transformation of critical areas including IT Operations, Security (Physical, Information, and Government), Internal Development (DevSecOps, Platform Delivery), Operations (Facilities, Logistics, Procurement, Government Property), and Compliance (Internal, External, Audit). Successfully scaled internal capabilities to enable revenue expansion from $96 million to $160 million annually.
Crisis Management and Business Continuity | Oversaw flood response for a lab facility—mitigated damage, enabled temporary operations, and ensured fully restored site within one month with zero business disruption.
Critical Infrastructure Recovery | Directed the expedited recovery of a private data center after catastrophic electrical failure. Leveraged strategic vendor relationships to mitigate equipment replacement time from 6–8 weeks to under 2 weeks, ensuring rapid resumption of full operations.
Operational Efficiency, Financial Stewardship & Capital Allocation | Championed a new tasking and billing methodology for government support services—improving capital allocation, increasing direct revenue by 15%, and driving accountability and operational efficiency.
Executive Relocation Strategy | Advanced the seamless relocation of executive and support staff to a new headquarters location, completing the move on time and without incident.
Data Resilience and Disaster Recovery | Supported the development of an offline disaster recovery backup program for classified data, boosting organizational resilience against fire, flood, and blast threats.
Information Security Excellence | Positioned Mount Laurel Laboratory’s information security program for regional distinction, earning the only “Superior” rating from the Defense Counterintelligence and Security Agency (DCSA).
Technology Modernization and Remote Work Optimization | Directed an enterprise-wide VPN hardware upgrade based on employee feedback, reducing remote development build times from 5 hours to under 3 minutes, significantly boosting productivity.
IT Infrastructure Standardization & IT Governance | Executed an 18-month initiative to standardize IT systems under full manufacturer support, advancing IT governance, reducing infrastructure complexity, and lowering IT operational labor by 10%
Regulatory Compliance Leadership | Established Compliance Department and led successful effort to achieve Cybersecurity Maturity Model Certification (CMMC) Level 2 within 12 months—mitigating compliance risk, reinforcing ethical leadership, and positioning organization for expanded government contracting opportunities.
Enterprise Security Leadership & C-Suite Advisory | Advocated for and launched Chief Information Security Officer (CISO) role, unifying cybersecurity practices across classified and unclassified environments and enhancing board-level cybersecurity oversight to strengthen organizational risk posture.
Secure Facility Construction Oversight | Guided the design and construction of two classified environments and large-scale corporate office spaces, delivering secure, mission-ready facilities on time and within budget.
AI Integration for Workforce Optimization | Pioneered the full deployment of Microsoft CoPilot and GitHub AI tools across the organization, increasing task completion rates by 45% during agile sprint cycles and enhancing developer productivity.
Security Incident Management | Collaborated proactively with CIA, FBI, and NCIS personnel to investigate and resolve security concerns, maintaining a clean record with no major reportable incidents through anticipatory risk management.
VP & CISO – Allegiant Travel Company | 2020—2023
Ninth largest commercial airline in the US with over 5,000 employees and 2B in revenue
Oversaw transformation of Information Security and Compliance function—aligning it with enterprise strategy, scaling headcount by 2x, embedding succession planning, and deploying AI-enabled processes that tripled productivity and elevated security as a strategic business enabler.
Strategic Technical Vision and Cybersecurity Oversight for Boards | Influenced enterprise security strategy redesign—advancing zero trust architecture, aligning risk posture with business goals, and strengthening board-level communication through direct engagement with the CEO and public company directors on cybersecurity oversight.
Crisis Leadership and Business Continuity | Monitored security and risk programs through COVID-19, enabling uninterrupted operations and contributing to the airline’s industry-first return to cash-flow positive status post-crisis.
Financial Stewardship and Data Privacy Oversight | Oversaw $25M security and risk management budget. Negotiated strategic vendor partnerships to reduce costs by 53%, while delivering next-generation customer identity solutions and advancing enterprise-wide data privacy oversight.
Enterprise Risk and Regulatory Governance | Developed integrated IT risk strategies aligned with enterprise risk management frameworks. Partnered with legal leadership to shape the organization’s legal and regulatory strategy, build a corporate risk program supporting SOX, PCI-DSS, FAA, SOC 2, and GDPR compliance, strengthen internal controls, and enhance board cybersecurity oversight.
Agile Transformation and Application Security Leadership | Designed and scaled a world-class application security program enabling increased release velocity from 30 to 250 annual releases across 22 teams, with no known security vulnerabilities, supporting rapid business expansion.
Industry Recognition and Thought Leadership | Recognized among CISOs Connect Top 100 CISOs in 2020 and 2021. Delivered keynote addresses on cybersecurity innovation, workforce development, and leadership effectiveness at major industry conferences.
Strategic Communication and Stakeholder Alignment | Advised stakeholders regarding complex technical and security concepts, translating into business terms for board reporting and executive briefings to facilitate informed decision-making, enterprise-wide alignment, and stakeholder trust.
Strategic Risk Management and Threat Mitigation | Built a comprehensive risk assessment framework, aligning IT threat models with enterprise risk tolerance. Designed and implemented proactive mitigation strategies to protect business operations and intellectual property.
IT and Product Innovation Alignment | Drove IT strategic planning to accelerate product delivery cycles, embedding security into DevOps pipelines and reducing time-to-market while maintaining regulatory compliance and system reliability.
Technology Innovation and Strategic Foresight | Directed cross-functional innovation sessions to identify emerging technology opportunities, resulting in advancements across ERP, CRM, cloud, SSO, RBAC, and cybersecurity infrastructures.
Corporate Governance and Compliance Mapping | Facilitated enterprise-wide regulatory analysis and policy mapping across security domains including IDS/IPS, WAF, DLP, SIEM, and cloud security. Led gap analysis, project prioritization, and governance oversight initiatives to enhance compliance posture and reduce enterprise risk exposure.
Public Company Board Experience | Engaged regularly with board members and executive leadership at Allegiant (NASDAQ: ALGT), contributing to cybersecurity oversight, risk posture realignment, and strategic technology planning
Interim CISO – UTC Aerospace Systems | 2017—2019
Fortune 100 leading global provider of airplane parts
Recruited to launch a dedicated security division at UTC Aerospace, resolving compliance gaps tied to government contracting. Provided strategic leadership through merger and Day 1 integration.
Customer Trust and Compliance Leadership | Oversaw all compliance and security-focused customer engagements, enhancing client trust and satisfaction across heavily regulated industries. Benchmarked cybersecurity posture against industry frameworks such as DFARS, FIPS, NIST, GDPR, CCPA, and SEC/FINRA standards, ensuring alignment and regulatory accountability on a global scale.
Enterprise Risk Management and Mitigation | Directed enterprise risk identification and mitigation initiatives through ISO, NIST, CSA CCM, and SOX frameworks—strengthening governance oversight, improving risk posture, and aligning IT security architecture with organizational goals.
Global Regulatory Strategy and Cost Optimization | Pioneered innovative approach to meet complex regulatory requirements across China, Russia, and the European Union. Negotiated international agreements to drive compliance while significantly reducing operational and regulatory costs.
Industrial IoT Innovation and Operational Efficiency | Architected and led the deployment of an IoT-driven performance analytics system for industrial control environments enabling data-driven decision-making leading to operational efficiencies and reduced production costs across operations.
Cross-Functional Business Integration and Technology Advisor | Developed trusted partnerships across Legal, Compliance, Business Development, Internal Audit, and IT leadership. Served as a strategic advisor on technology selection, cybersecurity governance, and regulatory compliance.
CISO/Head of Information Security – Arby’s Restaurant Group | 2015—2017
Arby’s Restaurant Group is the franchisor of the Arby’s brand, owning 1100 locations with an additional franchisee base of 2400.
Following its divestiture from Wendy’s, recruited to establish a comprehensive security program. Third security and compliance program ‘architecture to launch’ opportunity.
Executive Leadership Collaboration | Engaged regularly with C-level executives, including the Chief Legal Officer, CIO, COO, CFO, and Chief People Officer, to align enterprise security strategy with broader corporate objectives through the Executive Security Council.
Board and Committee Leadership | Chaired the Executive Security Council and served as an active member of Arby’s Policy Review Board, Change Management Board, and Enterprise Operational Risk Committee, contributing to audit oversight, providing strategic advisory to governance committees, and shaping organizational risk and governance frameworks.
Strategic Board Communication | Delivered clear, tailored presentations to the Board, Senior Executives, and Executive Security Council, translating complex cybersecurity issues into actionable business insights that supported informed decision-making and upheld fiduciary responsibility.
Talent Development and Culture Enhancement | Enhanced organizational effectiveness by embedding career development initiatives within the security program, significantly increasing staff engagement, retention, and performance outcomes.
Enterprise Security Program Development | Architected and scaled a comprehensive, enterprise-wide information security program—building strategic technology roadmaps, embedding information security governance, and leading policy development to drive sustainable growth and operational efficiency.
Secure Product Innovation (DevOps Partnership) | Partnered with internal and external development teams to integrate secure design principles, delivering Arby’s first mobile app on time and within budget while minimizing cybersecurity risks.
Financial Stewardship | Directed departmental budgets and large outsourced security functions, prioritizing investments based on ROI, and ensuring alignment with corporate financial goals.
Vendor Risk and Contract Governance | Collaborated cross-functionally to negotiate vendor contracts and employee policies, ensuring risk mitigation and protection of critical information assets.
Enterprise Resilience Leadership | Led disaster recovery and business continuity planning, ensuring enterprise-wide preparedness and recovery capabilities across critical infrastructure and applications.
Strategic Technology Adoption | Selected and implemented cutting-edge technologies across the retail environment, including end-to-end encryption, mobile applications, point-of-sale innovations, and identity management solutions.
Insurance Risk Optimization | Partnered with the CIO and CFO to enhance security posture, resulting in consistent year-over-year reductions in cybersecurity insurance premiums.
Global Compliance Leadership | Directed strategies to ensure compliance with global digital asset protection standards, including PCI-DSS and U.S. state data privacy regulations.
CISO / Head of Information Security– Steritech | 2013—2015
B2B service provider specializing in brand standardization
BOARD & ADVISORY ROLES
Board of Advisors – Quantum Falcon 2023—Present
Board Member | Independent Director – JN Managed Services | 2021–Present
Board of Advisors – AttackIQ | 2020–2024
Board of Advisors – CionSystems Inc. | 2019–2022
EDUCATION & BOARD CREDENTIALS
MBA | Temple University
MS | Information Security, East Carolina University
BS | Computer Networking, East Carolina University
Certifications | CISSP-ISSMP, CISM, CRISC, ITIL V3
Top Secret Security Clearance | TS/SCI Eligible | Cleared for classified DoD work
Board Certification | QTE – Board Readiness