Fabrizio D.

vCISO / Fractional CISO / Security Leadership

Frankfurt, Germany

Experience

Nov 2024 - Present
1 year 2 months

Managing Director

ContrailRisks Germany

  • Founded and lead a cybersecurity advisory firm focused on virtual CISO services for financial, SaaS, and critical infrastructure clients

  • Advise executive teams on cyber risk, regulatory compliance (DORA, NIS2, ISO 27001), and incident preparedness

  • Built and executed security programs from scratch, driving measurable maturity improvements

  • Delivered tailored risk assessments, policies, and cloud security guidance (AWS, Azure)

  • Scaled the business through client acquisition, partnerships (Vanta, AWS, etc.), and a network of senior consultants

Sep 2023 - Present
2 years 4 months

Chief Information Security Officer

Cyber Monks GmbH

  • Served as the first CISO, establishing the security vision and enterprise-wide program for a cloud-native, product-led SaaS

  • Elevated customer trust to accelerate revenue growth by enabling sales, marketing, and customer success teams

  • Defined strategic security priorities and represented the company externally as a thought leader

  • Drove modernization through DevSecOps adoption, embedding governance and security controls into CI/CD pipelines and Azure cloud infrastructure

Jan 2023 - Nov 2024
1 year 11 months

Group Manager

Avanade

  • Oversaw a team of IAM and PAM consultants and specialists, ensuring high-quality delivery across multiple client engagements

  • Led both advisory and hands-on delivery of IAM/PAM solutions, aligning security and business priorities with Microsoft and partner technologies

  • Developed and scaled practice-wide IAM strategies, frameworks, and capability-building initiatives across regions

  • Managed executive-level client relationships, advising CxOs on security, identity governance, and Zero Trust adoption

  • Drove growth of Avanade’s IAM offerings through presales, RFPs, and thought leadership, contributing to pipeline expansion

  • Aligned IAM initiatives with broader cybersecurity, compliance, and digital transformation programs to maximize client value

  • Recognized twice with the "Inspire Greatness" award for delivering high-impact cloud security training (AZ-900) to cross-European teams

Jan 2022 - Oct 2022
10 months

Head of Information Security

Scoutbee

  • Led a cross-functional team of security analysts and engineers, fostering collaboration across IT, DevOps, and business units

  • Embedded security into CI/CD pipelines and cloud infrastructure by partnering closely with DevOps and Engineering leads

  • Streamlined the application landscape through enterprise architecture, enhancing efficiency and user experience

  • Drove the design and rollout of core security capabilities—from endpoint protection to application security—reducing organizational risk exposure

  • Oversaw the strategic implementation of security initiatives across business systems, significantly improving the company’s security posture

  • Acted as Head of Corporate IT ad interim from May 2022 to July 2022

Nov 2019 - Dec 2021
2 years 2 months

Information Security Architect

Deutsche Börse

  • Served as the principal security architect for global initiatives, advising on solution design across critical business systems and infrastructure

  • Acted as the trusted security advisor to enterprise architects and delivery teams, embedding security from planning through deployment

  • Enabled secure digital transformation by championing a cloud-first strategy (Azure, AWS, GCP) and modernizing platforms with containerization and Zero Trust principles

  • Delivered tailored security assessments and design reviews aligned with system delivery models and regulatory expectations

  • Elevated organizational security posture through strategic integration of security controls within enterprise architecture and development workflows

  • Influenced cross-functional decision-making by translating complex security requirements into actionable, business-aligned recommendations

Aug 2017 - Sep 2019
2 years 2 months

Security Architect

Zurich Insurance Company Ltd

  • Led the security architecture for global IT initiatives, focusing on integrating security into the early stages of solution planning and design

  • Acted as the primary security advisor for enterprise projects, providing strategic input across system delivery models and architecture decisions

  • Guided enterprise architects and business stakeholders on secure design patterns and processes, aligning with evolving cloud adoption goals

  • Enhanced the security posture of core business systems by embedding security principles into infrastructure and application architectures

  • Specialized in cloud and hybrid security, driving secure adoption of AWS and Azure platforms across the enterprise

Sep 2015 - Nov 2017
2 years 3 months

Security Engineer

Zurich Insurance Company Ltd

  • Led the planning, deployment, and Tier 3 support of global IT security infrastructure projects, ensuring secure and resilient operations

  • Collaborated with architects and project managers to develop implementation strategies, proofs of concept, and cost-effective delivery plans

  • Provided expert consulting to regional business units on best practices, technical risks, and vendor solutions

  • Delivered major improvements to endpoint stability through the deployment of EDR and the reduction of policy complexity by 75%

  • Automated routine security operations, enhancing efficiency and standardization across international teams

  • Transitioned into the Information Security Architect role in August 2017, recognizing strategic and technical leadership capabilities

Apr 2013 - Aug 2015
2 years 5 months

Technical Engineer

Symantec

  • Provided advanced support and security consulting for global clients using Symantec Endpoint Protection (SEP)

  • Responded to security incidents, advised on remediation, and supported deployments in enterprise environments

  • Authored internal training and threat prevention documentation, including Cryptolocker response procedures

  • Developed technical integrations (e.g., SEP with VMware Horizon View) and contributed to incident response process improvements

Mar 2012 - Dec 2012
10 months

Developer

LoVendoPerTe.it SRL

  • Designed and implemented a new e-commerce platform, migrating from a monolithic structure to a multi-site and multi-domain structure

  • Developed the website’s project components

  • Developed ETL procedures with Pentaho Data Integration (Kettle) and Selenium automation for the e-commerce system

Jan 2011 - Feb 2012
1 year 2 months

CTO & Co-Founder

Startuppi

  • Co-founded and led a stealth-mode startup creating a marketplace for startup stakeholders (founders, developers, investors) and maintaining a startup database

  • Implemented the project as part of a larger initiative

Summary

Strategic and business-savvy Chief Information Security Officer with 10+ years’ experience securing cloud-native and SaaS environments. Proven leadership in AWS and Azure cloud security, DevSecOps, SecOps, and automation of IT and software development. Adept at threat modeling modern software, embedding security in CI/CD, and enforcing scalable security controls. Experienced in driving strategy, OKRs, RFPs, and vendor due diligence for SaaS, finance, and critical infrastructure clients.

Languages

Italian
Native
English
Advanced
Spanish
Elementary

Education

Jan 2016 - Jan 2018

University College Dublin

Master of Science, Digital Investigation & Forensic Computing & Cyber/Computer Forensics and Counterterrorism · Dublin, Ireland

Jan 2011 - Jan 2011

Warsaw University of Technology

Bachelor of Science, Computer Science · Warsaw, Poland

Jan 2006 - Jan 2011

Sapienza Università di Roma

Bachelor of Science, Computer Engineering · Rome, Italy

Certifications & licenses

AWS Partner: Technical Accredited

Certified Cyber Resilience Officer

Certified ISO 31000:2018 Risk Manager

GIAC Public Cloud Security (GPCS)

GRC Professional Certification

ISO 42001:2023 Lead Implementer And Lead Auditor

ISO/IEC 27001:2022 Lead Auditor

McKinsey Forward Program

Secure Controls Framework (SCF) Architect
