Requests
2
5
6
Keep in touch with meI'm using Intch to connect with new people. Use this link to open chat with me via Intch app
Work Background
n/aRed team leader
Aug. 2020London, England, United Kingdom
Self EmployedIT Security Researcher and Strategist
Jul. 2018London - Amsterdam - Tallin - MilanContact me for more information.
Supplied services:
- Penetration Testing
- Risk Assessments
- Ad Interim management
- iOS/MacOS Development
Self-EmployedFreelance contractor - Security Manager
Jul. 2018 - Sep. 2019Amsterdam Area, NetherlandsFollowed three main projects: Security Architect c/o Liberty Global International - designing security integration patterns for a Merge & Acquisition large project. GDPR Expert - designing technical measures to implement the Data Protection Regulation for the most significant dutch Real-Estate agents association Security Strategist for a non-disclosable threat intelligence company - assessing security exposures of the platform and working together with the developers to eradicate them. Reporting level: C-levels of the companies; apart from LGI (reporting to the Chief of Security Architectures).
MSC CruisesGlobal Head of Information Security
Jan. 2016 - Jun. 2018Geneva Area, SwitzerlandI started this assignment by talking with the CEO, to understand the company's risk appetite, and then I discussed with the C-Suite to understand which were the directions of the company and the most burning issues. After three weeks, I managed to propose a business case for the security strategy I envisioned. Achievements:
- Designed, presented, and received acceptance for a 2.5 years Security strategy
- Full PCI-DSS compliance within the first 100 days
- TUV certification of the DACH websites within first 200 days
- Built the Security Team (6 persons)
- Proposed the GDPR project, obtaining mandate and resources
- Along with the security team, took the lead of the project. - Given advice to C-Suite members for Privacy Related matter Other tasks and duties
- Following the security program, produced all the required policies and procedures using the NIST framework
- Created a partial CSIRT capability inside MSC, and consequently managed 200+ security- and privacy-related incidents. - Technical risk assessments and penetration testing. - In charge of on-board technical security. Vendor management, software selections. Reporting level: Boards of Directors, and C-suite.
BTCyber Security Manager
Jan. 2015 - Dec. 2015SwitzerlandTechnical revision of the SIEM structure, and enriched the design using IA-based correlators, resulting in a 10% increase in anomalies detection. Delineated and implemented the SIEM rules to help APT preventions. Produced all the required risk assessments and penetration testing activities. Managed customer's expectations, which led to upselling the solutions enriching the SIEM architecture. Reporting level: Head of I.T. Security Consultancy of B.T. Switzerland.
Quint Wellington RedwoodSenior Consultant
Jan. 2013 - Sep. 2014Senior consultant, in charge of Risk Assessments and Mitigations, penetration tests, security plans, ISO 27001 assessments, NIST-based solutions, Policy writing, integration and auditing.
eForensics Magazine - www.eforensicsmag.combeta tester
Apr. 2012onlineExaminating coherence (technical editing) of articles appearing on the following issues of eForensics Magazine: More info on what I have written:
http://eforensicsmag.com/gabriele-biondo/
iDialoghiChief Technology Officer
Jul. 2011 - Dec. 2014Milan Area, ItalyAutomotive Security Projects
- FCA uConnect project: Security Architect. Also in charge of penetration testing - I.T. Security Program in Lamborghini: penetration testing campaign.
- I.T. Security Program in Italdesign/Giugiaro, server hardening Intellectual Property Protection programs
- DLP program c/o undisclosed Pharmaceutical company
- DLP program c/o undisclosed Fashion company Other Projects
- I.T. Security Manager c/o European Food Safety Authority (EFSA – a branch of European Commission).
-- Designed I.T. Security Program
-- Security Incidents management
- Compliance officer c/o H3G Italy
Cyber Security Forum InitiativeCSFI Consultant - Office of the Executive Secretary OES - EMEA
Mar. 2011Management of EMEA operations, Spreading information about the initiative, Speeches and presentations
BlueITInformation Security Officer
Jan. 2011 - Mar. 2012
Dimension Data, outsourced c/o European Commission. Luxembourg Ville, LuxembourgOperational Risk Management – Disaster Recovery Expert
Apr. 2010 - Aug. 2010Created the DR process from scratch for a key portion of EC's network.
Technical analysis of network services, written the DRP procedures, managed the test phase (5MDs max micro-projects).
Decided the metrics to present to EC officers.
ING Bank N. V.Operational Risk Manager
Nov. 2009 - Jun. 2011Amsterdam Area, NetherlandsPenetration test results’ analysis and composed the guidelines for external penetration test reports and the acceptability criteria. Resident member of the steering committee in charge of auditing and certifying external connections, and managing the sanitization of non-compliant or non-secure platforms. Kept all risk management-related communications with southern European affiliates. Reporting level: head of ING Risk Management Department.
HerothSenior Penetration Tester
Oct. 2009 - Apr. 2010Performed a broad black box penetration testing activity for one of the most important Dutch banks. Designed the NEN7510 iComply solution, as an integration of NetIQ Secure Configuration Manager and Dynasec Easy2comply. Developed a penetration test course (40 hrs). Performed a Penetration Test for one of the most important companies of the Rotterdam Harbor, member of the Hutchinson-Wampoa group.
ISSXConsultant
Oct. 2009 - Nov. 2009Performed a black box penetration test for one of the most important Dutch banks.
Trust in PeopleSecurity Consultant
Apr. 2009 - Jul. 2009In charge of developing new solutions such as: multifactor authentication, identity and access management, security baselines, abstract risk models, qualitative and quantitative what if scenarios. Other detective activities: penetration testing, IT forensics and investigations, incident management and response
DHLTechnical Architect
Jan. 2008 - Apr. 2009I am responsible for designing new solutions and assessing the IT Security aspect of the Technical Design Documents of other Technical Architects. The most important achievement I had to date was the creation of a business case pertaining on the migration of the old SAAB’s and Volvo’s DHL network. Given the high penalties for downtimes, this
assignment involved a proper risk assessment, several what-if scenarios (i.e. - migration of the whole IT installed base vs. service replica and data migration), and several financial forecasts (one off and run costs). Reporting to EMEA IT Architectures Manager level. Responsible for setting up the Global Directory Project and for developing policies of acceptable use.
UPC BROADBAND HOLDING SERVICE BVCapacity Manager
Mar. 2006 - Jul. 2008From an infrastructural standpoint, I am managing the storage and network capacity planning and the server performance while monitoring all affiliates geographically distributed across Europe (12 companies). Also responsible for platforms analysis, providing consolidation plans, while optimizing resources’ usage, and creating/maintaining processes such as the Data classification and the Information life-cycle management. I senior higher management on the basis of mathematical models followed by process optimization and business process re-engineering solutions and forecasts. Other duties:
• Facilitating the SOX Compliance management,
• Setting of Company’s standards for Software and Hardware related components,
• Designed, implemented, programmed and managed the Capacity Server
• As a point of interest, I was the first employee to achieve the ‘Nike Experience employee of the month’ of the company (Jan. 2007)
• Reporting to VicePresident and Director level.
H3G SPA - EriccsonMain Storage Architect/Capacity Planner
Apr. 2005 - May. 2006Designing Strategies for the SAN's growth
Consolidating Enterprise Hardware (Sun, HP, EMC)
Architectural design of networks and systems
Disaster recovery plans
Capacity planning
Providing security solutions and designs
Security policy design
Project Management
Team Management
Evaluating Third Part software and hardware solutions
H3G SPAIT Architect
Jul. 2004 - Apr. 2005Consolidating Enterprise Hardware (Sun, HP, EMC)
Architectural design of networks and systems
Managing and writing technical documents for the network Experience with Sun, HP and other multi-domain machines Experience with Oracle, Bea
Experience with Storage Area Network EMC and HP.
Disaster recovery plans
Capacity planning
Providing security solutions and designs
Security policy design
Project Management
European Social Fund - C.I.R.E. MilanoTeacher
Sep. 2003 - Mar. 2004Designed part of the course on IT security.
Designed and developed the program to be taught.
Taught Specialization in Internet and Intranet Security including modules on Application level security; IT security and Hardening.
Provided training for IT and non-IT professionals at graduate and non-graduate level.
Created all course material and examinations in line with the set course syllabus.
Taught how to harden and to probe the security of Windows and Unix Systems and the most spread/important applications (Oracle, Apache, Sendmail...).
Taught how to setup the most widespread services.
UnisysSenior System Administrator
Dec. 2002 - Aug. 2003Worked primarily as system administrator/IT consultant on the Hotline Unisys project in a team of 7, providing computer/network related troubleshooting and support to all the main newspapers in Italy.
Supported large business critical network infrastructures averaging up to 30 or more servers.
Duties included Sybase and Oracle database administration, shell programming and system security.
Systems and tools used include Windows NT, Cisco routers, firewalls, Unisys networks, Sun Solaris, perl, ksh, Hermes, DocCenter, Wirecenter, Nmap and Snort.
University of Bologna - Various FacultiesSenior System Administrator/IT Manager
Apr. 2000 - Nov. 2002Sole responsibility for managing all aspects of the Ravenna branch, including Linux server and Windows NT system administration in addition to general day-to-day office administration.
Developed and implemented a useful online multi-language terminology search tool.
Hardware/software buyer, managing the front-end staff area of the network (approx. 5-6 servers and 100 workstations) and web programming.
Much & More SrLOwner/Co-Founder - Chief of the D&R Dept
Sep. 1999 - Apr. 2000Designed and developed a number of CD-ROMs and dynamic websites for various clients.
Managed a team of 5 technicians.
Developed strong project management and staff management skills.
Intch is a Professional Networking App for the Future of WorkSee more people like Gabriel on Intch
300k+ people
130+ countries
AI matching
Get Intch if you'd like to
489368 people
16
Senior software engineer
19
Project manager @ Zois Energy limited
20
Project and business Manager
49929 people
22
Bonds Broker @ Esso
44
Investments Advisor @ Esso/ExxonMobil
15
Data protection Veeam