Kan vara tillgänglig
(Uppdaterat 2020-09-23)IT Security Expert
Milano, MI, Italia
Modersmål Italian, Mellan English, Spanish, Nybörjare French
- Information Classification
- Risk Management
- Project Management
Kompetenser (33)
NIST
GANTT
RISK ASSESSMENT
Risk Management
SECURITY POLICIES
ISO 27001
GOVERNANCE
SECURITY DOCUMENTATION
DOCUMENTATION
BUDGET
ISO
COBIT
INFORMATION SECURITY
REGULATORY COMPLIANCE
BEST PRACTICES
DATA PROTECTION
BUSINESS CONTINUITY
BLUEPRINT
MARKETING DEPARTMENT
BALANCE SHEET
GAP ANALYSIS
DISASTER RECOVERY
REMEDIATION
BUSINESS MANAGEMENT
CUSTOMER RELATIONSHIP MANAGEMENT
Marketing
APPLICATION TESTING
Supply Chain Management
SUPPLY CHAIN
CRM
TELCO
EXCHANGE
HEALTHCARE
Professionell bakgrund
2020-09 - Pågående
Security Expert with more than 5 year of experience. I'm currently working as Project/Security
Manager in order to provide the implementation of the processes in these areas:
◦ Identity and Access Management;
◦ IT Change & LifeCycle Managemt;
◦ Business Continuity & Disaster Recovery Management;
◦ Infrastructure & Platform Security;
◦ Risk Management;
◦ Governance and Compliance;
◦ IT & Asset Management;
◦ Monitoring & Event Management;
◦ Service Management;
◦ Third Party Management;
◦ Information Classification Framework;
◦ Manage IT Audit for the Security prospective.
Major tasks and responsibilities:
◦ Brings together key security and risk stakeholders to develop and review enterprise
security and risk strategies;
◦ Monitors regulatory compliance with enterprise security policies and educates business
unit leaders and service managers on compliance efforts;
◦ Creates an information security awareness program to customize communication tools
and campaigns for the Site;
◦ Set up and maintain local information classification processes and ensure the ongoing
identification of protection needs;
◦ Ensure compliance to information security and IAM policies. Manage and register
approvals as well as exceptions and handle escalations;
◦ Coordinates business continuity planning efforts across Functions at the Site;
◦ Understands the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments;
◦ Sets usage and security policies for information sharing on internal and external
platforms;
◦ Understands "voice of the customer" and develops mechanisms to proactively sense
adoption and usage patterns of consumer technologies by end users so that policy can
align with need;
◦ Develop and direct implementation of security standards and best practices for the organization.
Milano, Italy
2020-09 - 2020-09
◦ Risk Management;
◦ Security by Design;
◦ Governance and Compliance;
◦ Client Data Protection;
◦ Cyber Risk;
◦ Data Breach
Last Project for Italian Primary Bank: My role was to define a cyber operating protocol on a data breach scenario that includes 3 areas:
- Engagement of Comitato di Crisi and Unità di Emergenza
- Define business continuity solution
- Communication Framework.
- Prepared a G7 simulation that involved all important bank e Banca d'Italia. The simulation
consist in a financial collapse due to a cyber attack of the European financial sector.
Other Project: Manage and define a framework of second level controls in the cyber risk
area; define Key Risk Indicator (KRI) based on NIST Standard, cross to all Cyber Security
enviroment, to define an ad hoc process of monitoring the bank.
Other Project: Defined and implemented a Security By Design Framework
Milano, Italy
2020-09 - 2020-09
I worked on a project for an important Italian Banking Groups where I'm conducting:
◦ PM Project:
◦ - organize my work with proper management tools;
◦ improve and automate activities;
◦ produce assigned deliverables autonomously and efficiently;
◦ prepare documentation/deliverables concerning meetings and activities in time and in efficient way;
◦ identification of a security controls and processes to implement a data center based on
Microsoft Azure in cloud;
◦ Iniziative 'Enterprise Technology BluePrint' related to the Banking Platforms: I
developed knowledge and skills about various security topics to be autonomously re-
used on future similar projects. I provided a framework for understanding disparate
design and process considerations of each platforms and I organized architecture and actions toward improving enterprise security
◦ Remediation Plan for a new Infrastructure based on CA Privileged Access Manager
Solution.
I worked on a project for an important Telco Company where I conducted:
◦ Security Client Data Protection: Security requirements to apply at the Services (e.g.
Infrastructure/Application Testing or Development/Production Support/
Consulting) provided by Accenture to the client.
I worked on a project for another important Italian Banking Groups where I conducted:
◦ Analysis and evaluation of IT Risks (in accordance to Circ. 263/06 and Circ. 285/13) to
better identify the security measures to be implemented and to ensure the confidentiality, integrity and availability of business and client information (in accordance with Information Risk Assessment Methodology);
◦ Development of client security documentation, in accordance with internal and external
2020-09 - 2020-09
◦ Program Governance;
◦ AS IS analysis;
◦ Support documentation request;
◦ Gap Analysis
◦ Preparation of documentation for the request for proposal;
◦ Economic offer preparation;
◦ Preparation of technical offer;
◦ Definition of the proposed solution (TO BE);
◦ Definition of the proposed approach;
◦ Definition of Activities and Deliverables (Project Gantt Preparation);
◦ Preparation of the work plan; -
◦ Organization of the project team;
◦ Definition of monitoring activities.
Budget Management:
◦ preparation of the budget;
◦ budget definition;
◦ preparation of the balance sheet.
2020-09 - 2020-09
2020-09 - 2020-09
Trainee in healthlab of Consiglio Nazionale delle Ricerche of Naples for the development of android application for smartphone (support of nevus monitoring).
www.icar.cnr.it via Pietro Castellino,111, Napoli, Italy
2013-01 - 2013-01
www.accenture.com Via Quadrio, Milan, Italy
2013-01 - 2013-01
marketing. During this time, I was part of the Marketing Department, responsible for the implementation of projects in different areas:
◦ Creating content for social media (videos, new articles related to the products, write articles..);
◦ Research and development of web content for car rental;
◦ Develop SEO texts (geographical segmentation/market) for the company's website;
◦ Look in the forum design information to attract potential customers or followers;
◦ Collaboration in the development of the technology project. The project at the moment is private and is under development (SEODISTAS);
◦ Application Android with list and detail of item to sell;
◦ Courses google on Digital Marketing, Web Analytics and Ecommerce.
http://www.h2e.es/ Seville, Spain
Akademisk bakgrund
2020-09 - 2020-09
2020-09 - 2020-09
2020-09 - 2020-09