Browse profiles Post a project
Malt welcom

Welcome to Mauro's freelance profile!

Malt gives you access to the best freelancers for your projects. Contact Mauro to discuss your project or search for other freelancer profiles on Malt.

Mauro Ruggeri

Cybersecurity Expert

Can work in or around Brussels

  • 50.8466
  • 4.3517
  • Suggested rate £642 / day
  • Experience 7+ years
  • Response rate 100%
  • Response time A few days
Propose a project The project will begin once you accept Mauro's quote.

This freelancer will be available again on 07/06/2023

Until 07/06/2023

Propose a project The project will begin once you accept Mauro's quote.

Location and workplace preferences

Location
Brussels, Belgium
Can work onsite in your office in
  • around Brussels and 50km

Preferences

Project length
  • ≤ 1 week
  • ≤ 1 month
  • Between 1-3 months
  • Between 3-6 months
  • ≥ 6 months
Company size
  • 1 person
  • 2-10 people
  • 11 - 49 people
  • 50 - 249 people
  • 250 - 999 people
+2 autres

Verifications

Freelancer code of conduct signed
Read the Malt code of conduct

Verified email

Languages

  • Italian

    Native or bilingual

  • English

    Fluent

  • Spanish

    Conversational

  • French

    Basic

Categories

Skills (10)

Mauro in a few words

Experienced in conducting comprehensive security posture assessments aimed at evaluating the effectiveness of cyber security critical controls. Hands-on senior technology and information security leader with track record of developing, articulating, and delivering mission-aligned security and IT risk management strategies. Has effectively built and managed teams of engineers, security assessors and analysts for over 25 years. Experienced in helping organizations to address requirements posed by various compliance frameworks, regulations, and industry standards including ISO 27001, TOGAF, SOX, GDPR, CobIT.

Experience

European Commission

Senior Information Technology Security Consultant  - As a freelancer

1809 E 11th St, Tulsa, OK 74104, USA

November 2021 - Today (6 months)

Settore Finanziario

IT Security GRC Manager  - As a freelancer

August 2021 - November 2021 (3 months)

Computer Resources International Group SA

Information Technology Security Specialist/Architect  - As a freelancer

August 2019 - August 2021 (2 years)

Security architecture design and security requirements definition. TOGAF High Level and Detailed Technical specification deliverables production. Technical specifications defined for Architecture and Solution Building Blocks. Support to platform, infrastructure and application workstreams. Security Requirements refinement, Clouding Technology security controls design.

European Commission

Senior Information Technology Security Consultant  - As a freelancer

Brussels, Belgium

July 2020 - November 2020 (4 months)

IT Risk Assessment , BIA, Security Plans. ITSRM2 Methodology implementation

Praxair, Inc

Information Technology Security Manager  - As a freelancer

Brussels Metropolitan Area, Belgium

September 2018 - June 2019 (9 months)

ISMS definition and implementation based on specific requirements, security strategy definition to increase Cyber security maturity. Controls Framework creation based on ISO 27001 standard, ISO 27001 GAP Assessment, controls framework definition, ISMS and policies development based on the group and local requirement according the defined timeline. Working on increase of Cyber Security based on the GAP assessment results to reach defined level in collaboration with the different departments of IT. Europe Business divesting process support and new Security Team training.

European Commission

IT Security Consultant  - As a freelancer

Brussels Metropolitan Area, Belgium

June 2018 - September 2018 (3 months)

IT Risk Management methodology developed and applied. Systems security plan developed. EC Security Standards & ISO 27001 Compliance Gap Analysis. Business Impact Assessment methodology developed and implemented. Security measures and Security strategy de-fined. Policy and Procedures planned and implemented.

ING

Senior IT Security Consultant  - As a freelancer

Amsterdam, Netherlands

July 2017 - June 2018 (11 months)

Risk Measurement Model implementation. Controls framework review and implementation in a full Agile e-government. Security measures planned and implemented. SOX controls ToD and ToE defined and documented. Development and operational teams support. Applications security documentation reviewed and updated.

EASO

Senior IT Security Consultant  - As a freelancer

Malta

May 2017 - July 2017 (2 months)

IT Risk Assessment, ISO 27001 GAP Analysis, Business Continuity/Disaster Recovery approach definition and IT Governance Maturity evaluation based on CobIT 5

Euroclear- Brussels Area

IT Security Architect  - As a freelancer

Brussels, Belgium

May 2016 - April 2017 (11 months)

I determined security requirements and supported internal SOC Analysis based on QRADAR: planning, implementing, and testing security systems; refining SIEM platform, preparing security standards, policies, and procedures. I have been enhancing security team accomplishments teaching improved processes and mentoring team members. I determined security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates. I plan security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices.

Milan Area

IT Security Consultant  - As a freelancer

April 2016 - July 2016 (3 months)

SGSI Certification, ISO 27001, Policy & Procedures review, eIDAS GAP Analysis & ETSI standards implementation, IT Risk Management

European Commission

Senior IT Security Consultant  - As a freelancer

Brussels Metropolitan Area, Belgium

January 2016 - May 2016 (4 months)

IT Risk Management methodology developed and applied. Systems security plan developed. EC Security Standards & ISO 27001 Compliance Gap Analysis. Business Impact Assessment methodology developed and implemented. Security measures and Security strategy de-fined. Policy and Procedures planned and implemented.

GM Financial

Senior IT Security Auditor  - As a freelancer

January 2015 - December 2015 (11 months)

Assessment of IT systems & infrastructures security, disaster recovery, general computer controls.Work with various businesses and IT groups to understand how IT systems are used in accordance with established policies, processes, and controls, i a SOX context, to evaluate proper risk levels and design appropriate controls testing procedures.Identify gaps in the design and implementation of IT or business processes and controls.Integrated Audits.Team Mate supported audit processes. Data Analytics (ACL/Arbutus).

Banca ITB

IT Service Delivery & Security Manager

May 2014 - December 2014 (7 months)

Service Delivery and IT Security Manager (20 people managed).Positioned as Lead Subject Matter Expert for IT Compliance & Governance. Data Governance Project Manager. IT Processes review to be compliant with the Bancad'ItaliaCircular 263. IT Risk Assessment and Business Continuity.

Banca Sella Holding

IT Internal Audit Manager

13900 Biella, Province of Biella, Italy

August 2007 - May 2014 (6 years and 9 months)

Technology Audit assignments across the business, assessing and testing controls, providing assurance and making suitable recommendations for improvement where necessary. PCI DSS gap analysis performed. Support in creating new information security policies, procedures and processes encompassing all departments and positions thereby increasing productivity Planned, performed and reported Internal Audit reviews ensuring the on-target delivery of audit work and that each assignment has been executed in line with professional and departmental standards. Evaluation of process and controls, and recommendations for improved control, efficiency and effectiveness of systems, where appropriate. Written reports setting out findings from audit work, with appropriate follow-up and escalation of significant issues when required. Contribution to the Internal Audit Program planning process, including input to the development and improvement of Internal Audit activities and sharing of technical knowledge.

TNT LOGISTICS

IT SOX Compliance Officer & IT Audit Manager

July 2005 - August 2007 (2 years and 1 month)

IT Auditing department builder.SOX controls framework developer IT Infrastructure, Unix, Windows, ERP assessment (JD Edwards & SAP). Active hands-on leadership of the Information Security Program. BU Italy&South America IT SOX compliance manager. IT Auditing department builder and trainer for the IT Security Professionals. IT Infrastructure, Unix, Windows assessment.

Emaze

Information Security Consulting Services Manager

May 2003 - July 2005 (2 years and 2 months)

I have defined the catalog of IT Security services and managed the start-up of the Professional Services Department. Business Development and Solution Development: Preparing written proposals and formal presentation to clients and prospective clients. Project Management. In this phase I have acquired experience in full lifecycle enterprise-wide networking systems design, engineering, development, implementation, security and support. In-depth knowledge of existing and emerging network architectures and platforms, with the ability to apply them to the strategic benefit of the organization. Regularly collaborate with Customer's Executive Team on strategic planning and security/IT operations.

Ubizen

Senior Security Consultant

January 2002 - May 2003 (1 year and 4 months)

NIDS& HIDS implementation Firewalling design and implementation Vulnerability assessment e network security assessment. Risk appetite framework development Managed security services (MSS) projects manager for primary national financial institutions. SEAM technology implementation manager for primary international banks.

Si2Si S.p.A.

Chief Information Security Officer

Rome, Metropolitan City of Rome, Italy

February 2001 - January 2002 (11 months)

Responsible for Enterprise Information Security, including the design, development and implementation of an Information Security Program and Information Security Architecture for a nationwide, distributed, networked computing environment. Employees in the department reviewed system access logs, on a daily basis, to determine if any security breaches or attempted breaches had occurred. Periodic reviews were also conducted to verify that employees were in the correct Role Based Access Groups and that employees who had resigned or been terminated had been revoked from all System Access. The personnel in my departments also conducted investigations when there appeared to be intentional attempts to gain unauthorized system access. Project manager to develop Corporate Business Continuity and Disaster Recovery Plans in the event of any type of disaster that would interrupt the operation Enterprise Information Security involved the design and implementation of an Information Security Program and Information Security Architecture. Software Configuration Management design and implementation across multiple platforms

Università degli Studi di Milano

Docente Master Sicurezza Informatica

Milan, Metropolitan City of Milan, Italy

April 2001 - June 2001 (2 months)

Risk Assessment and Vulnerability Management methodologies

TIM

IT Service Delivery and Security Manager

Rome, Metropolitan City of Rome, Italy

March 2000 - February 2001 (11 months)

Siemens ICN

Project Manager

Madrid, Spain

September 1996 - March 2000 (3 years and 6 months)

Project manager on important projects in Italy, Europe, Africa & Asia (implementation of TNM infrastructure and delivery/pre-sales/post-sales team builder).Unix based IS for TNM planning, delivery and post-sales activities. Cisco based networks planning and delivery for TNM infrastructure. Post sales team builder (4 people managed)

Education

  • laurea, Ingegneria Elettronica

    Politecnico di Milano

    1996

    laurea, Ingegneria Elettronica

Certifications 

  • Cissp
    Isc2
    2003
  • Issap
    Isc2
    2006
  • Cisa
    Isaca
    2011