Melina Scotto is the Federal Health CISO for GDIT and leads over 100 cybersecurity engineers and analysts across 140 Federal Health contracts. Melina holds current CISSP (Certified Information Systems Security Professional), CCSP (Certified Cloud Security Professional), CEH (Certified ethical hacker) and PMP (Project Manager Professional) credentials. Her concentration is in Federal, international and domestic health care data security and privacy regulations as well as general FISMA requirements.
In 2004, Melina secured global health systems providing anti-retroviral drugs to PEPFAR countries with John Snow Inc. where she worked primarily in network security administration. She configured PKI for Linux servers and managed Cisco VoIP systems for a nationwide telecommunications project. In 2009, Melina moved from international HIV work to domestic healthcare at George Washington Medical Faculty Associates. The position as Network Security Engineer focused on maintaining technical requirements of HIPAA Security Rule and HITECH in a dynamic virtual server and mobile device environment and assessing OCR criteria for HIPAA/HITECH compliance and Meaningful Use eligibility. It was at GWU where Melina became an instructor for master classes in Health Informatics, HIPAA Security, Business Continuity Planning and Risk Assessment. In 2012, Melina moved to National Institutes of Health (NIH) where she held several security posts. Currently, she leads a team of engineers and auditors for National Institutes of Health, CMS, FDA and CDC where projects move quickly, and data must be secured for FISMA compliance using NIST SP 800-53 rev 4 technical controls, NIST Cybersecurity framework and Department of Homeland Security Continuous Diagnostics and Mitigation (DHS/CDM) requirements both on-premises and in FedRAMP cloud environments.
A Maryland resident and lifelong Orioles fan. When not securely linked into a server, Melina enjoys volunteering with the Girl Scouts of the Nation's Capital and local children's classical choirs.