Gabriele Biondo

In charge of certifying the adherence of new external connections to the Corporate Policy. Assessment of Penetration Testings. Author of Penetration Test Reporting Guidelines. Improvement of the review process. Duties: Gap analyses, risk assessments, risk analysis and mitigation, infrastructure auditing, BIAs.

Created the DR process from scratch for a key portion of EC's network. Technical analysis of network services, written the DRP procedures, managed the test phase (5MDs max micro-projects). Decided the metrics to present to EC officers.

Performed a broad black box penetration testing activity for one of the most important Dutch banks. Designed the NEN7510 iComply solution, as an integration of NetIQ Secure Configuration Manager and Dynasec Easy2comply. Developed a penetration test course (40 hrs). Performed a Penetration Test for one of the most important companies of the Rotterdam Harbor, member of the Hutchinson-Wampoa group.

Performed a black box penetration test for one of the most important Dutch banks.

In charge of developing new solutions such as: multifactor authentication, identity and access management, security baselines, abstract risk models, qualitative and quantitative what if scenarios. Other detective activities: penetration testing, IT forensics and investigations, incident management and response

Responsible for designing new solutions and assessing the IT Security aspect of the Technical Design Documents of other Technical Architects. The most important achievement I had to date was the creation of a business case pertaining on the migration of the old SAAB’s and Volvo’s DHL network. Given the high penalties for downtimes, this assignment involved a proper risk assessment, several what-if scenarios (i.e. - migration of the whole IT installed base vs. service replica and data migration), and s

From an infrastructural standpoint, I am managing the storage and network capacity planning and the server performance while monitoring all affiliates geographically distributed across Europe (12 companies). Also responsible for platforms analysis, providing consolidation plans, while optimizing resources’ usage, and creating/maintaining processes such as the Data classification and the Information life-cycle management.

Designing Strategies for the SAN's growth Consolidating Enterprise Hardware (Sun, HP, EMC) Architectural design of networks and systems Managing and writing technical documents for the network Experience with Sun, HP and other multi-domain machines Experience with Oracle, Bea Experience with Storage Area Network EMC and HP. Disaster recovery plans Capacity planning Providing security solutions and designs Security policy design Project Management Team Management

Designed part of the course on IT security. Designed and developed the program to be taught. Taught ‘Specialization in Internet and Intranet Security’ including modules on Application level security; IT security and Hardening. Provided training for IT and non-IT professionals at graduate and non-graduate level. Taught how to harden and to probe the security of Windows and Unix Systems and the most spread/important application.