Board-Tested Public Company & Private Equity Technology, AI, Cyber & Risk Executive

Chief Information Security Officer

Most Recent Roles

Public Company & Private Equity Chief Information Security Officer

Responsibilities: CISO, Compliance, Networking, Network Operating Center, Call Center, Financial Systems Administration

Joe Marroquin is a board-facing technology, cybersecurity, and AI governance executive known for leading large-scale business transformations, corporate separations, critical infrastructure protection, and enterprise modernization initiatives across both public-company and private-equity-owned environments. He served as the founding CISO of Vestis (NYSE: VSTS), helping establish the technology, security, compliance, and governance foundations of a newly independent $3 billion public company. Previously, as CISO of Encompass Digital Media, a private-equity-owned global media technology provider, he directed cybersecurity and compliance for a U.S. Department of Homeland Security-designated National Critical Infrastructure organization and a U.K. Critical National Infrastructure provider supporting more than 2,000 television channels, global media distribution platforms, and customers including Disney, HBO, BBC, NFL, NASA, and the U.S. Department of Defense. His leadership combines enterprise risk management, operational resilience, AI governance, and technology strategy to deliver measurable business outcomes in highly regulated, mission-critical environments. A trusted advisor to boards, executive teams, regulators, auditors, investors, and private-equity stakeholders, Joe is recognized for building pragmatic, resilient organizations that balance innovation, governance, security, and operational performance at enterprise scale.

Opportunities

How to Engage Joe

Give me a call

Advisory

Experience matters when the decisions carry real consequences. Drawing on decades of executive leadership across public companies, private-equity-backed organizations, critical infrastructure providers, and Fortune 500 enterprises, Joe provides practical guidance grounded in execution, accountability, and measurable business outcomes. Whether building, remediating, or transforming technology, cybersecurity, governance, and compliance programs, the focus remains the same: helping organizations reduce risk, improve resilience, and enable growth.

Speaking & Workshops

The best leadership conversations are rarely comfortable. Joe's speaking engagements and workshops challenge conventional thinking about leadership, governance, technology, cybersecurity, AI, and organizational effectiveness. Drawing from decades of executive experience and the themes explored in Executive Points of View and Pragmatic Cybersecurity, these sessions provide leaders with practical frameworks, honest perspectives, and a language for navigating the realities of organizational life.

Executive & Board Leadership

Some organizations need more than advice—they need leadership. Joe is open to select executive opportunities where long-term engagement, organizational transformation, and sustained business impact are required. From public-company leadership and private-equity transformations to corporate separations, technology modernization, and enterprise remediation initiatives, he brings a proven record of building, stabilizing, and leading organizations through periods of significant change and accountability.

I have been fortunate enough to write a few books. Here's a sample of my works and collaborations

Book Spotlight

Executive Points of View

January 2025

Cowritten with my friend and colleage CEO of Magnitude Consulting, Grant Shih, Executive Points of View delivers exactly what its title promises: candid, hard-earned perspectives from two seasoned executives who have spent decades inside the pressure chambers of corporate leadership. This work was not born in a think tank or a classroom. It was born during the depths of COVID, when the world slowed down, evenings reopened, and long conversations became possible again. In 2020, with fewer distractions and more clarity, Grant and Joe began naming the patterns they had lived through repeatedly across careers spent in the C-suite, in high-stress, high-responsibility military roles, and in complex, multi-billion-dollar, multicultural environments with some of the world’s largest organizations.

What started as late-night conversations quickly became writing. By 2021, those ideas had taken shape as a blog and a series of videos, introducing a new way to talk about leadership, power, and organizational reality. The response was immediate because the ideas were familiar in experience, even if they had never been named clearly. As the writing deepened and matured, the work evolved into its full expression as a book. The result is a hard-hitting publication that pulls no punches and makes no apologies.

This is not leadership content designed to comfort. Executive Points of View is honest, raw, and unvarnished. It directly challenges many of the sacred cows of modern business thinking, including “win-win” and the comforting claim that “there are no bad questions,” demonstrating how these platitudes often obscure accountability and slow progress. It is deliberately controversial, deliberately direct, and deliberately challenging. This book is not for those seeking reassurance; it is for leaders, managers, and professionals willing to question accepted wisdom, sit with discomfort, and sharpen how they think, speak, and decide.

The following chapters capture the tone and intent of the book:

  • Organizational Wake The unavoidable disruption and downstream consequences leaders create when they make decisions, change direction, or move fast without planning for who will be impacted.
  • Character vs Competence A clear diagnostic for failure that forces leaders to separate skill gaps from integrity gaps, and to apply the correct remedy instead of guessing.
  • Menu of Services A framework for exposing the hidden cost of support, interruptions, and “quick asks,” and for restoring clarity about what teams actually provide.
  • Buying in the C-Suite A candid look at how senior leaders evaluate ideas, vendors, and initiatives, and why logic alone rarely closes the deal without trust, timing, and positioning.
  • There Are Bad Questions A direct challenge to the comforting myth that every question is equally useful, and an argument for disciplined thinking over performative participation.
  • There Is No Win-Win A realism-based view of trade-offs, scarcity, and competition, and why mature leadership requires owning who wins, who loses, and what it costs.

At its core, this work introduces a new lexicon for business; a shared language for recurring situations that leaders experience but rarely articulate clearly. Concepts like wake, consumption, menu of services, the power of “no,” and too many people in the room are not theories. They are practical tools, forged in boardrooms, executive reviews, crisis calls, and moments where ambiguity carried a price.

By reframing how we talk about organizational life, Executive Points of View invites readers to abandon comfortable clichés and confront reality as it is, not as it is marketed. This work is hard-hitting by design. It does not aim to inspire through slogans or soften the truth for mass appeal; it aims to be useful. For those ready to engage with leadership as it actually exists, Executive Points of View offers a clear-eyed, unapologetic roadmap and a language that finally fits the world executives inhabit every day.

Pragmatic Cybersecurity

January 2026

Just as Executive Points of View emerged from years of observation, reflection, and unfinished manuscripts, Pragmatic Cybersecurity is finally arriving in January. For those who know Joe well, this will not come as a surprise. He has been writing consistently since the early 2000s, producing essays, white papers, keynote drafts, and long form manuscripts at a pace that far exceeds the time available to formally publish them. There has never been a shortage of material, only a shortage of hours.

In fact, the idea for Pragmatic Cybersecurity predates Executive Points of View by many years. Long before cybersecurity became a board level concern or a regulated executive function, Joe was already using the phrase “pragmatic cybersecurity” to describe a style of leadership that valued proportion, judgment, and clarity over noise and posturing. Those who worked with him decades ago will recognize the term immediately. It has been part of his vocabulary, and his philosophy, for a very long time.

Ironically, it was the success of Executive Points of View that kept Pragmatic Cybersecurity in manuscript form longer than intended. While the genesis of the cybersecurity book came first, the momentum created by the blog, the energy of the COVID period, and the eventual publication of the Executive Points of View book pulled focus and time in a different direction. Both works, however, sat largely complete for years, evolving quietly as real world experience continued to shape them.

Once Executive Points of View reached completion, it became clear that the timing was right to bring both projects forward together. They are distinct works, but they share the same DNA. Both are written for leaders who have moved past theory and buzzwords and who now live in the space where accountability, judgment, and consequence intersect. Launching them in close proximity reflects how they were always meant to exist, as companion perspectives on leadership, governance, and responsibility.

Pragmatic Cybersecurity is a book for leaders who have outgrown acronyms for their own sake. It speaks plainly about maintaining compliance with SOX, GDPR, HIPAA, PCI, and SEC disclosure requirements while defending complex organizations against evolving threats and unrealistic expectations. It is not a book about tools. It is a book about people, decisions, and the discipline required to lead when time is short and the alarms never stop blinking.

The structure of the book reflects that intent. Early chapters ground the reader in the language and origins of the field, then move deliberately into the realities of leadership and governance. Part I includes chapters such as Cybersecurity, the WordThe Real Origins of CybersecuritySurviving in a Sea of ChiefsWhat Kind of CISO Are You?Finance for CISOsThe Vendor EcosystemBuilding CultureDon’t Let the Staff Go Batman, and Governance and Control.

Part II reinforces the idea that cybersecurity is contextual, not universal. Chapters like One Size Does Not Fit All and Outsourcing explore how organizational scale, geography, and business models fundamentally change what effective security looks like in practice.

Part III looks forward without drifting into speculation. Chapters on Robotics and AutomationArtificial IntelligenceKeep the Lights Blinking, and The Road Ahead examine where technology is heading while keeping the focus firmly on leadership, accountability, and restraint.

At its core, Pragmatic Cybersecurity insists on integrity over perfection. It challenges leaders to build programs that are compliant by design, resilient by culture, and defensible both in an audit and during an incident response call at three in the morning. Written with dry humor and deliberate realism, it brings readers into the real boardroom, where budgets are finite, regulators are listening, and credibility matters more than maturity models.

Like Executive Points of View, this book is the result of years of lived experience rather than a reaction to current trends. It has waited its turn. January marks the moment it finally steps out of manuscript form and into the hands of leaders who understand that cybersecurity, at its highest level, is not a technical function but a matter of judgment, proportion, and conscience.