Fabrizio Di Carlo

Angestellt, Group Manager, Avanade DACH

Abschluss: Master Degree in Digital Investigation & Forensic Computing, University College Dublin

Frankfurt am Main, Germany

About me

Strategy, Cloud and Security Architecture | Aspiring CISO, occasional speaker about Zero Trust Architecture - As my German is still basic I am happy to speak in English. I am not really active here in Xing, if you need a response feel free to reach me out on LinkedIn (https://www.linkedin.com/in/fabriziodicarlo/) or by email (fabrizio [at] fdicarlo.com)


Network Security
Penetration Testing
Information Security
Information Security Management System
ISO 27001
Google Cloud Platform
Zero Trust Architecture
Zero Trust


Professional experience for Fabrizio Di Carlo

  • Current 1 year and 5 months, since Jan 2023

    Group Manager

    Avanade DACH

    Group Manager, Digital Identity

  • 10 months, Jan 2022 - Oct 2022

    Head of InfoSec


    - Secured the corporate procurement platforms of Enterprise customers such Unilever, Siemens, Audi, etc; - Contributed to ISO27001 certification; - Contributed to TISAX (Trusted Information Security Assessment Exchange); - Implementation of Application Security (AppSec) pipeline; - Cloud security; - Enterprise Architecture

  • 3 months, May 2022 - Jul 2022

    Head of IT (ad interim)

  • 2 years and 2 months, Nov 2019 - Dec 2021

    Information Security Architect

    Deutsche Börse AG
  • 2 years and 2 months, Aug 2017 - Sep 2019

    Information Security Architect

    Zurich Insurance Group Ltd.

    - Serve as a primary security contact for projects during the planning, analysis, and design phases of projects; - Provide IT security technology and process guidance for enterprise architects and the business; - Improve the security posture of business systems by planning and designing the delivery of security within the solutions; Primary focus on cloud and cloud security (AWS and Azure)

  • 2 years and 3 months, Sep 2015 - Nov 2017

    Security Engineer

    Zurich Insurance Group Ltd.

    Goals achieved: - increased overall Endpoints stability and implemented EDR capabilities; - Policies reduction of 75%, increasing consistency and coverage across BUs; - Automation of Operational manual tasks. From mid August '17 to October transitioning to a new role as Information Security Architect

  • 1 year and 3 months, Jun 2014 - Aug 2015

    Symantec Technical Specialist


    Support of Symantec security products for enterprise customers and a client base ranging between 5 to 500.000 machines. Job activities include assistance during security incidents, threat remediation, consultation for the implementation and installation of endpoint security products in physical and virtual environments, assistance for the development of security concepts and policies, Knowledge Base articles writing and review, bug identification and tracking, training for new hires.

  • 1 year and 2 months, Apr 2013 - May 2014

    Technical Support Analyst


    Job activities include assistance during security incidents, consultation for the implementation and installation of endpoint security products, assistance for the development of security concepts and policies, KB articles writing and review. Released with a colleague an ADC Policy to prevent CryptoLocker's Outbreachs; Prepared internal training on "Removing malwares with Sysinternals Tools"; Developed internal documentation.

  • 10 months, Mar 2012 - Dec 2012

    External SEO Consultant

    LoVendoPerTe.it SRL

    - Participated in development of Buybilonia.com project (e-commerce in franchising). - Developed ETL procedures with Pentaho Data Integration (Kettle), Selenium (automation) to the e-commerce system. - Designed and implemented e-commerce web platform, switched from a monolitic structure to multi-site and multi-domain structure.

  • 1 year and 2 months, Jan 2011 - Feb 2012

    CTO & Co-Founder


    Startuppi was a startup in stealth mode. The main idea was to create a marketplace for all people involved in the startups' world (founders, developers, investors, etc) and at the same time to maintain a database of startups. This project was implemented in other big project.

Educational background for Fabrizio Di Carlo

  • 2 years and 1 month, Oct 2016 - Oct 2018

    Digital Investigation & Forensic Computing

    University College Dublin

    The MSc in Digital Investigation & Forensic Computing is a 2 year part-time masters degree course, that focuses on the following areas: - Computer Forensics - Information Security - Law for IT Investigators - Application Forensics - Investigative Techniques - Corporate Investigations

  • 6 months, Feb 2011 - Jul 2011

    Faculty of Electronics and Information Technology

    Warsaw University of Technology

    Algorithms and Data Structure, Dynamic Systems and Controls

  • Computer Science Engineering

    Università degli Studi di Roma 'La Sapienza'

    Software Engineering, Software Design (OOP), Programming


  • Italian

    First language

  • English


  • Spanish


  • German



IT Security

Browse over 21 million XING members