2017-present Gained experience as information privacy consultant, deep knowledge and understanding of GDPR.

2015-2017 Responsible for Risk Assessment and Vulnerability Analysis in a National Insurance Company, using an approach focused to provide recommendations that maximize the protection of confidentiality, integrity and availability and at the same time providing functionality and usability. · Led a five people cross-divisional security team · Developed a plan for analysis and identification of risk areas and processes that are critical for the business. · Implemented security awareness programs to potential security weakness. · Provided training to the personnel to avoid security misbehavior and maintaining strong security efficiency

2013-2015 Provide with success technical expertise to a large Public Hospital in Rome. · Collaborate with the internal team to perform security analysis. · Provided reporting and plans for the adoption of adequate countermeasures, drawing up remediation plan. · Developed privacy policies. · Carried out initial and periodic privacy risk assessments.

2012 Government Sanitary Unit. Gained excellent experience in confronting Ransomware attack. · Led incident response and incident investigation team.

2010-2012 Strong experience in developing projects based on Intrusion Detection Service in case of attacks, alerting on intrusion for incident handling. Great knowledge in developing projects for supporting critical business processes, in the field of online training and examination, supporting, implementation and certification communications infrastructure. Strong experience in enhancing security programs, policies and procedures, security awareness training and security audits. Good knowledge in delivering services on ethical hacking, malware analysis, evaluation of website protection against hacker attacks and entrusted to find vulnerabilities.

2003-2009 Information security manager for S.I.S. Italy. Public sector and government consulting company. Responsible in dealing with the management of top clients for developing and implementing information security strategies. Provided technical leadership for the company information security program. Made strong experience identifying IT Security risks of business process and compliant management. Responsible in developing b usiness continuity and disaster recovery plans for complex infrastructure. Responsible for the security policies management of a Public Administration Sanitary Unit. Performed plans of vulnerability assessment and risk analysis for a Public Administration Sanitary Unit. Responsible for Privacy Information Regulation and Online Safety of the official web site for a Public Administration Sanitary Unit. Collaboration for a project work on protection of sensitive data, risk assessment and DPS planning for a Public Hospital.

1996-2003 Information security manager, SIAPA Soluzioni. Italy In charge for information security of the entire company network, good expertise in risk analysis projects, risk management and risk assessment. Project and management of LAN and WEB network for the entire Flammini Group Spa. Analyzing, projecting, and developing all internal IT infrastructures for the well running of the company, as well as the external infrastructure based at different location during the World Superbike Races (SBK) or Ford Motor Company Test Drive. Experience in a variety of multi-user technologies and storage technologies, excellent Systems administration experience. Provide project leadership for all technical service activities under the jurisdiction of SBK. Equally provide design and implementation support for all business systems. Developed the internal operation of the company through in-depth studies and changes. Optimize the revenue by continually adjusting capacities, as well as to forecast future business performance, to prepare appropriate forwardlooking data to support management decision-making, and to make recommendations for revenue improvement.

Education and Professional Profile

2003-2004 Advanced Course in Information Security Management, Cefriel – MIP Politecnico di Milano Second level master oriented to develop specific knowledge on technical, legal and managerial competence in information security, based on BS7799.

1985-1987 Marketing & management, Istituto Europeo Design, Rome Two years course in Marketing and Advertising focused on all international markets.

Languages Italian mother tongue English (C1) Spanish (C1)