Melina Scotto

VP and CISO
Hilton

Formerly of GDIT, National Institutes of Health, George Washington Medical Faculty Associates

Melina Scotto serves as Vice President and Chief Information Security Officer (CISO) of Hilton. She leads cybersecurity programs where innovation for customer experience drives a fast pace. She secures data to a variety of commercial and international privacy controls (ISO/PCI-DSS/GDPR/PIPL) across traditional data centers and cloud environments.

The journey to CISO began as a database manager in the 90’s when she managed and secured the network of a transportation non-profit. Melina had the honor of serving on the President’s Y2K security committee, specializing in disaster recovery for US city transportation systems. This team became the underpinning of the Department of Homeland Security post 911. Melina moved to securing global health systems providing life-saving anti-retroviral drugs to PEPFAR countries with John Snow Inc.

In the early 2000’s, Melina moved to securing global health systems providing life-saving anti-retroviral drugs to PEPFAR countries with John Snow Inc. in the early 2000’s. She transitioned to domestic healthcare at George Washington Medical Faculty Associates. The position as Network Security Engineer focused on maintaining technical in a dynamic virtual server and mobile device environment. At GW, Melina began speaking and teaching more regularly on cybersecurity topics and became an instructor for master classes in Health Informatics, HIPAA Security, Business Continuity Planning and Risk Assessment.

In 2012, Melina moved to National Institutes of Health (NIH) where she held several engineering security and leadership posts. In 2018, she accepted the post of Federal Health CISO for GDIT, leading cybersecurity engineers and analysts across 140 Federal Health and State/Local Health contracts (FISMA/FedRAMP).

Melina holds several cybersecurity credentials including CISSP (Certified Information Systems Security Professional), CCSP (Certified Cloud Security Professional), HISPP (Privacy and Health Data Security). Her concentration is securing to Federal, Public and Private data security and privacy regulations as well as general FISMA, PCI-DSS and ISO best practice.