About ROCyber Solutions
vCISO-as-a-Service – Enterprise‑grade Security for SMBs
Roman Orłowski
Founder & vCISO · Cloud Security · NIS2 | ISO 27001
With over 15 years of experience across diverse IT and security roles, Roman has witnessed firsthand how short‑sighted policies and corporate politics often undermine security. He founded ROCyber Solutions to provide a better way: honest, transparent, and truly effective cybersecurity for small and medium businesses – without the burnout and bureaucracy.
vCISO Expertise
Strategic vCISO
Virtual CISO services including risk management, compliance roadmaps, and security program development tailored for SMBs.
Cloud Security
AWS Security Hub, GuardDuty, CloudTrail; Azure Sentinel, Defender for Endpoint; Kubernetes, Cloudflare security.
Compliance Frameworks
NIST CSF, ISO 27001, NIS2, GDPR, DORA, SOX. Gap analysis, audit preparation, and compliance documentation.
Incident Response
Incident Response Planning, Post-Incident Analysis, Crisis Management Exercises (CMX), Cyber Kill Chain methodology.
Risk Management
Cyber Due Diligence, Third‑Party & Supply Chain Risk, Maturity Assessments, NIST SP 800-30 framework.
Threat Analysis
CTI report analysis, OSINT techniques, MITRE ATT&CK mapping, Darktrace, CyOps, threat hunting.
Career Timeline
IT Support – UK
First Red Midland Buses. Desktop & server support, hardware diagnostics, user relocations. Built foundation in troubleshooting and customer-facing IT.
Telecom Engineer – BT Openreach
Built and maintained UK’s largest broadband network. Installation, repair, signal testing, circuit mapping across the UK.
NOC Specialist – Horsebridge
24/7 monitoring of meshed networks for vessels, train stations, ISPs. PRTG, Ruckus, Wireshark, ZenMap.
Network Specialist – Emitel
Enterprise-level distributed network for TV/radio transmission. MPLS, SDH, IPTV, transmitter configuration.
Security Operations – William Hill
EOC Production Operations Analyst. Splunk, Darktrace, CyOps – fraud detection, brute force investigation, security incident management.
Cloud & Platform Engineer
Sperasoft (Amazon New World), Discovery Poland, Intellias (Fintech). NOC, cloud migration, Azure, MFA/SSO for 12,000+ users, Kubernetes.
Senior Engineer – LTIMindtree
Azure, Microsoft 365, Defender for Endpoint. IAM/PAM, Zero Trust, KQL hunting, incident response. Managed 15-person team.
ROCyber Solutions Founded
vCISO-as-a-Service for SMBs. 24/7 SOC, automated patching, NIS2/DORA compliance. 48h deployment, 14-day free pilot.
Strategic Pause & Independent Consulting
Company suspended pending first major client. Continuing vCISO consulting directly. Building OSINT tools and security audit framework.
Security Tools & Technologies
Security Frameworks
NIST CSF
Cybersecurity Framework – Identify, Protect, Detect, Respond, Recover
- Risk assessment
- Security controls
- Continuous monitoring
ISO 27001
Information Security Management System (ISMS) standard
- Security policies
- Access control
- Incident management
NIS2 Directive
EU cybersecurity requirements for essential entities
- Incident reporting
- Supply chain security
- Management liability
GDPR
General Data Protection Regulation for data privacy
- Data protection
- Privacy by design
- Breach notification
MITRE ATT&CK
Adversary tactics and techniques knowledge base
- Threat modeling
- Detection strategies
- Incident response
NIST SP 800-30
Risk Management Framework
- Risk assessment
- Vulnerability analysis
- Mitigation strategies
Continuous Learning
Hack The Box
Capture the flag platform for hands-on security training and penetration testing practice.
TryHackMe
Interactive cybersecurity training platform with guided labs and challenges.
HackerOne
Bug bounty and vulnerability coordination platform for responsible disclosure.
Let’s Secure Your Business
Free 30‑minute vCISO consultation – no obligations, just honest advice.
