Sicurezza informatica

Responsible for IT security and privacy aspects in the business projects of the bank
–	Development and management of the Information Security Management System
–	IT interface to the management with the role of interpreting the business requirements, con- textualise and consolidate them and proposing technical solutions
–	Development of an adjustment plan to the General Data Protection Regulation (GDPR)
–	Security incidents management and handling procedures
–	Project Management in IT Security projects; requirements analysis, time and cost planning, stakeholders involvement, security compliance verification
–	Definition of organisational models; writing, implementation, and control of security policies
–	Maintaining compliance with the PCI DSS standard and FINMA 2008/21 legislation; interface with internal and external auditors, verification of results, and an inclusion of the results in the improvement process
–	Database Activity Monitoring; responsible for managing Imperva SecureSphere: defining control rules, defining audit and security reports, tracking violations, events reconciliation, incident closure
–	Verification of compliance with security policies and procedures in IT operations activities
–	Configuration and usage of several controls and security tools: Vulnerability Assessment, Data Leakage Prevention, Identity Management, Network Admission Control

–	Project Coordinator - introduction of 802.11x network authentication
–	Design and management of IT infrastructure
–	Administration of corporate firewalls, VPN, endpoint security
–	Management of enterprise file systems, Windows Active Directory and Network Infrastruc- ture

–	Design, development and management of a Log Manager suiting the requirements of the Italian Privacy Supervisor (system administrators access audit)
–	Systems hardening procedures formalisation
–	Management of various activities related to cyber security, privacy issues, and adaptation to the existing legal framework