Overview
Jody Angelini is an accomplished technology and cybersecurity executive with over 40 years of experience leading IT, information security, and risk management programs across the public and private sectors. A seasoned practitioner in Information Technology, InfoSec, Compliance, Governance, and Risk frameworks, she assesses organizational security and technology environments, identifies gaps, and develops targeted solutions to meet business, audit, and regulatory requirements.
She takes a holistic, integrated approach to technology management—aligning IT, security, and business strategy to strengthen enterprise performance and resilience.
At C&A Consulting, Ms. Angelini leads cybersecurity governance, compliance, and technology risk-management initiatives, advising financial-services organizations on designing and implementing sustainable, regulatory-ready infrastructures. Her work emphasizes practical risk mitigation, operational transparency, and alignment with executive-level strategic goals.
Experience & Leadership
Ms. Angelini’s career spans key technology leadership and consulting roles with Clarus Consulting LLC, Clearing House Payments, the Pennsylvania Higher Education Assistance Agency (PHEAA), and multiple state agencies, including the Commonwealth of Pennsylvania’s Office of Administration, Office of Budget, and Department of Revenue, as well as the PA Air National Guard.
Throughout her career, she has built IT and InfoSec offices from the ground up, serving as Chief Security Officer / Vice President and Vice President of Network Technology & Client Support Services at PHEAA, reporting directly to the CIO/SVP. She has worked closely with C-level executives to ensure IT and information security initiatives align with organizational strategy.
Ms. Angelini provides technology leadership across IT/IS operations, policy, and planning, leveraging deep subject-matter expertise to advise senior and executive management in the financial-services sector. She holds certifications as a Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM).
Core Expertise
- IT Audit and Compliance Management
- Security Incident Response Programs
- Asset Management and Data Classification
- Configuration Management and SDLC
- Identity and Access Management
- Vendor and Client Management
- Vulnerability and Gap Analysis
- Risk Management
- IT & IS Management
- Contingency Plans and Business Resumptions
- IT Governance, Security and Privacy
- Security and Privacy Training
- Physical and Environmental Security
Key Achievements
- Established and managed the first Enterprise Information Security Program, proactively developing key components to meet client requirements and anticipated regulatory mandates—safeguarding $84.4B in assets, intellectual property, and IT systems, as well as the physical safety of employees and visitors.
- Built and managed a comprehensive client-server environment including Windows Servers, Unix (AIX, SUSE, RedHat), telecom systems (Call Management, Predictive Dialer, PBX, IVR), TCP/IP transmissions, and full network infrastructure (routers, switches, IDS/IPS, firewalls), along with imaging and workstation platforms.
- Established Enterprise Business Continuity and Disaster Recovery governance aligned with industry best practices, regulatory requirements, and third-party contractual obligations. Designed and implemented offsite DRP/BCP plans for all four organizational locations.
- Conducted multiple third-party security and privacy assessments, resulting in all clients achieving Authority to Operate (ATO).
Compliance with Regulatory Frameworks & Standards
NIST • ISO • FISMA • COBIT • PCI-DSS • HIPAA • DFARS • IRS PUB 4812 • PUB 1075
Professional Certifications
- Certified Information Systems Auditor (CISA)
- Certified Information Security Manager (CISM)