I have a proven track record of developing and implementing effective cybersecurity strategies and ISMSs. I have successfully increased security posture and awareness, led and coordinated IT teams, and conducted activities, even hands-on, in highly complex contexts.
I also have hands-on experience in intrusion prevention systems, anti-malware, and log management and analysis, and strong experience in safeguarding organizations against cyber threats. My expertise spans security auditing, risk assessments, compliance management, and cloud security strategy development. With over 23 years of experience, I have delivered impactful solutions to various global entities, including the European Commission, financial institutions, and relevant international companies.
Key Accomplishments:
Security Architect and Risk Assessor: Conducted comprehensive security audits, risk assessments, and security requirement definitions for diverse systems, utilizing ITSRM2, ISO 27001, EBIOS, MAGERIT/PILAR and other methodologies. Designed and implemented security architectures, strategies and delivered ISO 2700x and NIST 800-53 compliance gap analyses.
IT GRC Management.
Cloud Security: Native cloud application security architecture design, SIEM platform implementation, and firewalling technologies. Enhanced cyber resilience and threat detection capabilities.
IT Compliance Expertise: Led ISO 27001 implementations, gap assessments, and ISMS design. Developed policies and procedures, ensuring regulatory adherence.
Business Impact Assessment: Pioneered methodologies for assessing business impacts, enhancing decision-making processes in security and risk management.
Audit and Control: Led security assessments, control testing, and audits, identifying gaps and recommending improvements. Ensured proper risk management in IT and business processes.
Leadership and Team Development: Managed teams of up to 40 professionals, fostering a culture of security awareness and excellence.