Experience

Cyberangels

• Italy
• IT Services and IT Consulting
• 1 - 100 Employee

• Chief Technology Officer

  • Oct 2022 - Dec 2022

  Milan, Italy - Current and ongoing product R&D. - Outline company objectives and timelines for research and development. - Development of technical aspects of business strategy to align with business objectives. - Management of technology practices so that they meet regulatory and compliance standards. - Identification and implementation of innovative technologies that produce a competitive advantage. - Coordination of product development and lifecycle activities. - Overseeing IaaS… Show more - Current and ongoing product R&D. - Outline company objectives and timelines for research and development. - Development of technical aspects of business strategy to align with business objectives. - Management of technology practices so that they meet regulatory and compliance standards. - Identification and implementation of innovative technologies that produce a competitive advantage. - Coordination of product development and lifecycle activities. - Overseeing IaaS infrastructure to ensure functionality and efficiency. - Building quality assurance and data protection processes. - Monitoring KPIs and IT budgets to assess technology performance. Show less



Aksilia Group

• Italy
• Information Technology & Services
• 1 - 100 Employee

• Junior Security Analyst

  • Dec 2021 - Sep 2022

  Lucca, Toscana, Italia - Creation of an assessment based on the Top 10 OWASP Web App Vulnerability - Analysis, securing and implementation of measures related to OWASP Top 10 web application security. - Management and coordination of implementation activities, drafting of documentation for ISO 27001 and Privacy By Design. - Implementation of DAST and SAST code analysis techniques with specific tools. - Implementation of SSDLC cycle. - Implementation of security measures on PHP and JS code according to… Show more - Creation of an assessment based on the Top 10 OWASP Web App Vulnerability - Analysis, securing and implementation of measures related to OWASP Top 10 web application security. - Management and coordination of implementation activities, drafting of documentation for ISO 27001 and Privacy By Design. - Implementation of DAST and SAST code analysis techniques with specific tools. - Implementation of SSDLC cycle. - Implementation of security measures on PHP and JS code according to the "Security by Default & by Design" methodology: Filtering & Sanitizing fields as preventive measures against Reflected/Stored XSS and SQL injection, Implementation of password salting techniques with MD5, implementation of field encryption with AES-128, implementation of Token-Based Authentication ... - Vulnerability Assessment activities: writing documents, test management and reports. - Monitoring Local and Cloud infrastructure of Aksilia Suite software with PRTG. - CentOS 8 and Ubuntu Server configuration: Installation, OS configuration, installation and configuration of NGINX as Application Server, installation, integration and configuration of PHP FastCGI Process Manager (FPM), SFTP connection setup, SSL certificate installation, TLS 1.3 and HTTPS setup. - Installation and configuration of programs in a production environment with NGINX - WAF configuration with OPNSense that exploits the integration with Nginx and the NAXSI module (Nginx Anti XSS & SQL Injection) for the prevention of such attacks. Configuration of IPS with Suricata. - Script autonomation activities: File scanning with ClamAV and NGINX antivirus integration with daily email alert). - Script autonomation activities: Design and implementation of cross site and incremental backup systems on CentOS and Ubuntu written in Bash. - Administration and management of Ubuntu servers for production, test, quality, development environments.

• Web Software Developer

  • Jul 2020 - Nov 2021

  Province of Lucca During my career I started doing consulting for GDPR and ISO 27001. Then together with Michela Turri (CEO of Aksilia) we had the idea to design what is now Aksilia Suite ( https://aksiliagroup.com/aksiliasuite/ ), a program for consulting in ISO and GDPR, all organized with Agile methodology - SCRUM. I worked then after a couple of months of consulting to the creation of the program as a Web Developer. - Languages used: PHP 8.0, CSS, JS-JQuery, HTML. - Tools Used: Git (Versioning)… Show more During my career I started doing consulting for GDPR and ISO 27001. Then together with Michela Turri (CEO of Aksilia) we had the idea to design what is now Aksilia Suite ( https://aksiliagroup.com/aksiliasuite/ ), a program for consulting in ISO and GDPR, all organized with Agile methodology - SCRUM. I worked then after a couple of months of consulting to the creation of the program as a Web Developer. - Languages used: PHP 8.0, CSS, JS-JQuery, HTML. - Tools Used: Git (Versioning), Azure DevOps then changed to BitBucket (Repo), PHPStorm (IDE). - Developed components: Gantt (JS), Task Management (PHP/JS), Chat (PHP), Document Management System (PHP), Organigram (JS), Drag&Drop components, Kanban Board, Creation of APIs for privacy consent management, device identification and session management (like Google does), real time chat with Web sockets. - Design and creation of Suite's API following the Secure By Design methodology and OWASP framework. - API Integration: Deepl (Translations), Zoho Office (online office editor), Dropbox, ILovePDF API (online document conversion tool), HostedScan (VA API), Synk (Repo Analysis), ChartJS, ApexChart, Aspose (document conversion), 2FA with Google Authenticator. -Design and creation of a SMTP mailing system with PHP



Abstraqt Srl

• Italy
• IT Services and IT Consulting
• 1 - 100 Employee

• Software Developer

  • Jan 2020 - Jan 2020

  Lucca, Toscana, Italia - Programming in T-SQL programming using Microsoft SSMS. - Trainee in web programming (C# + Metronic templates and Knockout Data Binding). - Debugging and cooperative development of a cross-platform project with Xamarin.



Portuguese Marinha

• Software Developer

  • Aug 2019 - Aug 2019

  Lisbon Area, Portugal Software developer at Portuguese Marinha of Lisbon. The stage was possible thanks to the partecipation to the project Tecnorete 4.0 Erasmus+ that involves not only the student, but also the ITIS. E.Fermi (high-school), Erasmus' partners and companies of the territory. The "QuestOnline" software is a program made by the Portuguese Marinha to create, send and analyze business questionnaires. My contribute to the project was: ▪ Code optimization ▪ Code Refactoring ▪ Added missing CRUD… Show more Software developer at Portuguese Marinha of Lisbon. The stage was possible thanks to the partecipation to the project Tecnorete 4.0 Erasmus+ that involves not only the student, but also the ITIS. E.Fermi (high-school), Erasmus' partners and companies of the territory. The "QuestOnline" software is a program made by the Portuguese Marinha to create, send and analyze business questionnaires. My contribute to the project was: ▪ Code optimization ▪ Code Refactoring ▪ Added missing CRUD functionalities to the software ▪ Implemented log serivices ▪ Implemented mail service to notify the administrators ▪ Implemented exception handling mechanism Show less



Kedrion Biopharma

• Pharmaceutical Manufacturing
• 700 & Above Employee

• IT Technician

  • Jun 2019 - Jun 2019

  Castelvecchio Pascoli ▪ Preparation and configuration of PCs for employees and Smart Workers using special procedures provided by the company. ▪ Analysis and implementation of automatic backups for FTP transfers via bash scripting and WinSCP. ▪ Troubleshooting FTP backup problems in the production sector. ▪ Use and learning of the company's Service Desk service for the management of help requests to the IT technicians. ▪ Acquisition of general skills in virtualization (Hyper-V, VMWare) and… Show more ▪ Preparation and configuration of PCs for employees and Smart Workers using special procedures provided by the company. ▪ Analysis and implementation of automatic backups for FTP transfers via bash scripting and WinSCP. ▪ Troubleshooting FTP backup problems in the production sector. ▪ Use and learning of the company's Service Desk service for the management of help requests to the IT technicians. ▪ Acquisition of general skills in virtualization (Hyper-V, VMWare) and NetApp storage. ▪ Information security: pentesting activities on a test system provided by the software company (Mimkatz). ▪ Research and application of related patches with technicians directly on the production system. Show less



Tecnical Institute Enrico Fermi

• IT Technician

  • Jun 2018 - Jun 2018

  Lucca, Italy - Installation and configuration of computers and networks of microcontrollers - Installation and configuration of new workstations in all IT labs (Windows installation, configuring workstations for students, cleaning computers from malicious programs and maintenance of existing PCs) - Maintenance and renovation of computers' rooms - Cleaning and Disposal of Old Computers