Andrea Fabrizi. Curriculum Vitae. Date of Birth: 10/04/1983 City of Birth: Anagni, Italy



Similar documents
Application Backdoor Assessment. Complete securing of your applications

Procase Consulting. APEX 4.1 Introduction. Oleg Mochkin

DTWMS Required Software Engineers. 1. Senior Java Programmer (3 Positions) Responsibilities:

TECHNICAL SKILLS UNIX, UNIX-like including Solaris, Linux, Mac OS X, BSD, SySVr4, HP-UX

Penetration testing & Ethical Hacking. Security Week 2014


Via Amedeo Peyron 12, Torino (Italy) Sex Male Date of birth 27 Sep 1982

Web and Mobile development Engineer

The purpose of this report is to educate our prospective clients about capabilities of Hackers Locked.

Michele Jr De Candia Curriculum Vitae

Programming Languages

Team Size 20 Responsibility - Managing the business - Managing external projects - Billing advisor to telecommunication company

Special Topics in Vendor- Specific Systems. Objective

Alessio Rolfini (mobile)

Ctrl4C Pricing & Services Catalog

CrownPeak Playbook CrownPeak Hosting with PHP

ANNEX A.1 TECHNICAL SPECIFICATIONS OPEN CALL FOR TENDERS F-SE-13-T01 WEB DEVELOPMENT SERVICES

OracleAS Identity Management Solving Real World Problems

The GITO (Global IT & Operations) main goal is to deliver and maintain internal solutions for the business needs.

SOFTWARE TESTING SERVICES

ManageEngine (division of ZOHO Corporation) Infrastructure Management Solution (IMS)

Security Consulting. Services Overview

SOSFTP Managed File Transfer

BUSINESS SERVICES ORGANISATION - INFORMATION TECHNOLOGY SERVICES. Band 4 ICT Technician JOB DESCRIPTION

AppSentry Application and Database Security Auditing

Nicholas J. Parks, M.S.W.E

Vincenzo Cani Professional Profile

<Insert Picture Here> Oracle Policy Automation System Requirements

IT professionals. The skills. need to succeed. Technical IT Training. At a glance

VAT: SE Phone: +46 (0)

Resumé for Adam Pierce Updated February 2011

CRYPTUS DIPLOMA IN IT SECURITY

Curriculum Vitae 2015

Access Management Analysis of some available solutions

VULNERABILITY & COMPLIANCE MANAGEMENT SYSTEM

UBITECH Company Presentation

Federated Network Security Administration Framework

New Zealand Company Six full time technical staff Offices in Auckland and Wellington

AngularJS, Javascript, Prototype-based OO concept, RESTful Design Pattern, GWT, HTML5, Database.

Curriculum Vitae. personal details. career objectives

National Cyber League Certified Ethical Hacker (CEH) TM Syllabus

Guardium Change Auditing System (CAS)

HOB WSP Web-Server-Gate Secure Access for Mobile Users and Business Partners to Enterprise Web Servers

Masters Degree Information Technology CCSE, CCSA, MCSE, CISSP. English, Danish, Persian, Spanish, Portuguese, Azeri and Turkish

CAREER OPPORTUNITIES

IBM Security AppScan Source

Exposé Ing. Jörg Pöschko

Luca Caucchioli Information Technology Consultant

Price List. Phone Number (919) Address Mailing Address PO Box 698 Franklinton NC 27525

WHITE PAPER. Domo Advanced Architecture

Michael Bösch. EDV-Consulting. Dipl. Informatiker (FH)

Ragy Magdy Regional Channel Manager MEA IBM Security Systems

Nanda Kishor K N. nandakishorkn@gmail.com

Hackers are here. Where are you?

Integrigy Corporate Overview

Hamish Whittal, 41. PRESENT POSITION: IT Manager, SAAO, Cape Town.

John Smith Prattville, AL

internet, intranet and software development Ross McKay résumé

Product overview. CA SiteMinder lets you manage and deploy secure web applications to: Increase new business opportunities

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

* Testing Engineer * System Engineer * Sales * Internal Support Engineer

Architecture and Mode of Operation


Artezio Company Profile

WEB APPLICATION VULNERABILITY STATISTICS (2013)

IS Careers. MIS 4133 Software Systems

System requirements. Java SE Runtime Environment(JRE) 7 (32bit) Java SE Runtime Environment(JRE) 6 (64bit) Java SE Runtime Environment(JRE) 7 (64bit)

BLIND SQL INJECTION (UBC)

STEP Networks Inc North routledge Park Ontario, Canada, N6H 5N5 OUR COMMITMENT TO EXCELLENCE

Software Development & Outsourcing. February 7, 2007

CONTENTS. Introduction 3. Our Team 5. Our Strategy 6. Solution Domains We Serve 7. Technology Platforms We Serve 8. Our Execution Practices 10

SBP is a software development outsourcing company, established in 2004, and headquartered in Bucharest, Romania.

Diploma in Computer Science

Curriculum Vitae. Personal information. Chamara Suseema Withanachchi. Desired employment / Occupational field. IBM i RPG Programmer (AS/400)

TCS Managed Security Services

Payment Card Industry (PCI) Data Security Standard

PangoMedia, Inc. Statement of Qualifications

Annex 10 Standard Profile Specification and Request Form for Services

BMS Consulting Cyber Security and IT Technology Team

EDUCATIONAL QUALIFICATIONS

Nick Metrowsky Oakwood Drive Longmont CO

THE OPEN SOURCE DEVELOPER REPORT

EMC Software Release and Service Dates for NetWorker and NetWorker Modules Last Updated on August 16, 2012

RAY L BURGESS 2727 Sheridan Drive, Tonawanda NY Phone: (814) ray.lee.burgess@gmail.com

DMZ Gateways: Secret Weapons for Data Security

Inputsoft Business Software & Consulting. Learn more at

A Network Administrator s Guide to Web App Security

IBM Rational AppScan Source Edition

THE OPEN SOURCE DEVELOPER REPORT

COURSE NAME: INFORMATION SECURITY INTERNSHIP PROGRAM

Contents. BMC Atrium Core Compatibility Matrix

IT DELIVERY CENTER IN BUCHAREST

Operating Systems compatible with GigasoftOBM / GigasoftACB (Supported Operation System List):

SOFTWARE TESTING PROCESSES PRESENTATION

FEATURES. Full featured multiplatform agents for Windows, HP-UX, Solaris, BSD, AIX and Linux.

UBS Training Course Catalog

S-Power Software Solutions Enterprise Class Software Solutions for Small- and Medium- Sized Business Environments at Breathtaking Price

Creating Stronger, Safer, Web Facing Code. JPL IT Security Mary Rivera June 17, 2011

Internet Engineering: Web Application Architecture. Ali Kamandi Sharif University of Technology Fall 2007

ASSOCIATE IN ARTS DEGREE-60 UNITS

Transcription:

Curriculum Vitae 1 General Information Name: Andrea Fabrizi Date of Birth: 10/04/1983 City of Birth: Anagni, Italy Place of residence: Luxembourg Phone: Website: www.andreafabrizi.it Email: andrea.fabrizi () gmail com Date IT career started: March 2005 Years of Experience (IT): 8 years Contractual Status: Current Main : Employee Security Consultant Other s: Developer Highest relevant educational qualification: Certificate and/or diploma School Institute - University From Until Secondary education Science and Maths High School Liceo Scientifico Dante Alighieri Anagni 1997-2002 2 Language Skills Italian English Understanding Listening C2 C1 Reading C2 C1 Speaking Interaction C2 C1 Production C2 C1 Writing Writing C2 C1 Referring to common reference levels (B1 1; B2 5) Page 1 of 9

3 Summary Summary: I m an Ethical Hacker and I work as Penetration Tester, breaking through the security systems of our customers to reveal vulnerabilities and threat exposures. I know the OWASP and OSSTMM methodology. I experienced Penetration Tests against a wide range of technologies and systems: Solaris, Linux, Windows, Tru64, HP-UX, Oracle, MySQL, PostgreSQL, Apache, Tomcat, JBoss, WebLogic, Oracle IAS, SAP, Java, PHP, ASP, ColdFusion, Smartcards, Token, SSO, and others. My specialities are penetration testing of web applications, mobile applications and critical systems such as mainframes (AS400, OpenVMS, etc...), live databases and virtualization infrastructures. I'm a Linux enthusiast and an experienced developer, I know C, Java, Python, PHP, C#, JavaScript, HTML, BASH, Assembly (x86 and Microchip PIC) and I experienced developing across multiple platforms (Windows, Linux, Mac, PIC, Android ). This knowledge is very useful for security activities like code review and reverse engineering. When I write software or a piece of code that can be useful to someone I like to publish it on my website. In my free time I like to improve my technical skills, reading security papers, analyzing software or firmware, and if I found interesting vulnerabilities I like to publish advisories or exploits. Only for hobby I have some knowledge of electronics, including Microcontroller programming, PCB design and circuit building. I like to work mostly with embedded Linux systems (MIPS, MIPSEL and x86 based). My specialties: Web Application Security, Reverse Engineering, Penetration Testing, Software development, Code review. Page 2 of 9

4 Full Employment overview: Company Customer department Type of Contract Duration (years) Main CV Exp Page Hypergolica / Freelance 3 years System Administrator 1 Unidata Telco Employee 2 years Security Consultant 2 STM Italia Public administration institutions Employee 2 years Security Consultant 3 Business-e Telco/Banks/ Financials Employee 3 years Security Consultant 4 INTRASOFT International European Commission Employee 1 year Security Consultant 5 Page 3 of 9

5 Professional Certifications Certification Year obtained RSA Archer Administration 2012 RSA Secure World 2012 Page 4 of 9

Professional experience page n 1 Hypergolica Webworks Studio Assignment : Start date End date: Duration (years) 03/2005 05/2008 3 Customer : Hypergolica Webworks Studio Main Ancillary s Web developer System Administrator Development and administration of web-based CMS. Software designer and developer of web applications and standalone applications; Database designer; Administration and hardening of web, mail and database servers. Linux, FreeBSD, C, PHP, Java, Bash. Page 5 of 9

Professional experience page n 2 Unidata S.p.A Assignment : Start date End date: Duration (years) 06/2006 06/2008 2 Customer : Telecom Italia Main Security consultant Security consultant for a major Italian telecommunication company. Penetration testing of critical systems and infrastructures; Technical security audit; Manual penetration testing, based on OWASP and OSSTMM methodology. Page 6 of 9

Professional experience page n 3 STM Italia Assignment : Start date End date: Duration (years) 07/2008 01/2010 2 Customer : Italian public administration Main Security Consultant Security consultant for a big Italian public administration institution. Computer and network security. Penetration testing; Vulnerability assessment; Security related software development; Security assessment of application firewalls. Manual penetration testing, based on OWASP and OSSTMM methodology. Automatic vulnerability assessment using products like Nessus and IBM Appscan. Page 7 of 9

Professional experience page n 4 Business-e S.p.A Assignment: Start date End date: Duration (years) 02/2010 03/2013 > 3 Customer: Telecom Italia, TIM Brazil, Italian Banks and financial institutions. Main Security Consultant Security consultant for a major Italian and international communication company, banks and financial institutions. Penetration testing of web applications, mobile applications, stand-alone applications, critical systems and infrastructures; Compliance and risk analysis; Vulnerability assessment; Security Assessment of virtualization infrastructures; Administration of SIEM, log management and GRC products; Technical and governance security consulting; Security software development. Manual penetration testing, based on OWASP and OSSTMM methodology. Vulnerability Assessment using tools like Nessus and McAfee Foundstone. Page 8 of 9

Professional experience page n 5 INTRASOFT International SA Assignment: Start date End date: Duration (years) 03/2013 Ongoing 1 year Customer: European Commission, Luxembourg. Main Security Consultant Security consultant for European Commission in Luxembourg. Penetration testing of web applications, stand-alone applications, critical systems and infrastructures; Vulnerability assessment; Manual penetration testing, based on OWASP and OSSTMM methodology. Page 9 of 9

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information