Recommended expert
Fabrizio Di carlo
Managing Director
Experience
Nov 2024 - Present
1 year 3 monthsManaging Director
ContrailRisks Germany
- Founded and lead a cybersecurity advisory firm focused on virtual CISO services for financial, SaaS, and critical infrastructure clients.
- Advise executive teams on cyber risk, regulatory compliance (DORA, NIS2, ISO 27001), and incident preparedness.
- Built and executed security programs from scratch, driving measurable maturity improvements.
- Delivered tailored risk assessments, policies, and cloud security guidance (AWS, Azure).
- Scaled the business through client acquisition, partnerships (Vanta, AWS, etc), and a network of senior consultants.
Sep 2023 - Present
2 years 5 monthsChief Information Security Officer
Cyber Monks GmbH
- Served as the first CISO, establishing the security vision and enterprise-wide program for a cloud-native, product-led SaaS.
- Elevated customer trust to accelerate revenue growth by enabling sales, marketing, and customer success teams.
- Defined strategic security priorities and represented the company externally as a thought leader.
- Drove modernization through DevSecOps adoption, embedding governance and security controls into CI/CD pipelines and Azure cloud infrastructure.
Jan 2023 - Nov 2024
1 year 11 monthsGroup Manager
Avanade
- Oversaw a team of IAM and PAM consultants and specialists, ensuring high-quality delivery across multiple client engagements.
- Led both advisory and hands-on delivery of IAM/PAM solutions, aligning security and business priorities with Microsoft and partner technologies.
- Developed and scaled practice-wide IAM strategies, frameworks, and capability-building initiatives across regions.
- Managed executive-level client relationships, advising CxOs on security, identity governance, and Zero Trust adoption.
- Drove growth of Avanade’s IAM offerings through presales, RFPs, and thought leadership, contributing to pipeline expansion.
- Aligned IAM initiatives with broader cybersecurity, compliance, and digital transformation programs to maximize client value.
- Recognized twice with the “Inspire Greatness” award for delivering high-impact cloud security training (AZ-900) to cross-European teams.
Jan 2022 - Oct 2022
10 monthsHead of Information Security
Scoutbee
- Led a cross-functional team of security analysts and engineers, fostering collaboration across IT, DevOps, and business units.
- Embedded security into CI/CD pipelines and cloud infrastructure by partnering closely with DevOps and Engineering leads.
- Streamlined the application landscape through enterprise architecture, enhancing efficiency and user experience.
- Drove the design and rollout of core security capabilities—from endpoint protection to application security—reducing organizational risk exposure.
- Oversaw the strategic implementation of security initiatives across business systems, significantly improving the company’s security posture.
- Acted as Head of Corporate IT (ad interim from May 2022 to July 2022).
Nov 2019 - Dec 2021
2 years 2 monthsInformation Security Architect
Deutsche Börse
- Served as the principal security architect for global initiatives, advising on solution design across critical business systems and infrastructure.
- Acted as the trusted security advisor to enterprise architects and delivery teams, embedding security from planning through deployment.
- Enabled secure digital transformation by championing a cloud-first strategy (Azure, AWS, GCP) and modernizing platforms with containerization and Zero Trust principles.
- Delivered tailored security assessments and design reviews aligned with system delivery models and regulatory expectations.
- Elevated organizational security posture through strategic integration of security controls within enterprise architecture and development workflows.
- Influenced cross-functional decision-making by translating complex security requirements into actionable, business-aligned recommendations.
Aug 2017 - Sep 2019
2 years 2 monthsSecurity Architect
Zurich Insurance Company Ltd
- Led the security architecture for global IT initiatives, focusing on integrating security into the early stages of solution planning and design.
- Acted as the primary security advisor for enterprise projects, providing strategic input across system delivery models and architecture decisions.
- Guided enterprise architects and business stakeholders on secure design patterns and processes, aligning with evolving cloud adoption goals.
- Enhanced the security posture of core business systems by embedding security principles into infrastructure and application architectures.
- Specialized in cloud and hybrid security, driving secure adoption of AWS and Azure platforms across the enterprise.
Sep 2015 - Nov 2017
2 years 3 monthsSecurity Engineer
Zurich Insurance Company Ltd
- Led the planning, deployment, and Tier 3 support of global IT security infrastructure projects, ensuring secure and resilient operations.
- Collaborated with architects and project managers to develop implementation strategies, proofs of concept, and cost-effective delivery plans.
- Provided expert consulting to regional business units on best practices, technical risks, and vendor solutions.
- Delivered major improvements to endpoint stability through the deployment of EDR and the reduction of policy complexity by 75%.
- Automated routine security operations, enhancing efficiency and standardization across international teams.
- Transitioned into the Information Security Architect role in August 2017, recognizing strategic and technical leadership capabilities.
Apr 2013 - Aug 2015
2 years 5 monthsTechnical Engineer
Symantec
- Provided advanced support and security consulting for global clients using Symantec Endpoint Protection (SEP).
- Responded to security incidents, advised on remediation, and supported deployments in enterprise environments.
- Authored internal training and threat prevention documentation, including Cryptolocker response procedures.
- Developed technical integrations (e.g., SEP with VMware Horizon View) and contributed to incident response process improvements.
Mar 2012 - Dec 2012
10 monthsDeveloper
LoVendoPerTe.it SRL
- Designed and implemented the new e-commerce platform, migrating from a monolithic structure to a multi-site and multi-domain structure.
- Developed the website project.
- Developed ETL procedures with Pentaho Data Integration (Kettle) and Selenium (automation) for the e-commerce system.
Jan 2011 - Feb 2012
1 year 2 monthsCTO & Co-Founder
Startuppi
- Co-founded a startup in stealth mode to create a marketplace for founders, developers, investors, and other startup ecosystem participants.
- Maintained a database of startups as part of the platform offering.
- Contributed to implementation within a larger project context.
Summary
Strategic and business-savvy Chief Information Security Officer with 10+ years’ experience securing cloud-native and SaaS environments. Proven leadership in AWS and Azure cloud security, DevSecOps, SecOps, and automation of IT and software development. Adept at threat modeling modern software, embedding security in CI/CD, and enforcing scalable security controls. Experienced in driving strategy, OKRs, RFPs, and vendor due diligence for SaaS, finance, and critical infrastructure clients.
Languages
Italian
AdvancedEnglish
ElementaryFrench
ElementaryEducation
Jan 2023 - Jan 2024
INSEAD
Fontainebleau, France
Jan 2016 - Jan 2018
University College Dublin
Master of Science · Digital Investigation & Forensic Computing & Cyber/Computer Forensics and Counterterrorism · Dublin, Ireland
Jan 2011 - Jan 2011
Warsaw University of Technology
Bachelor of Science · Computer Science · Warsaw, Poland
...and 1 more
Certifications & licenses
AWS Partner: Technical Accredited
Certified Cyber Resilience Officer
Certified ISO 31000:2018 Risk Manager
GIAC Public Cloud Security (GPCS)
GRC Professional Certification
ISO 42001:2023 Lead Implementer and Lead Auditor
ISO/IEC 27001:2022 Lead Auditor
McKinsey Forward Program
Secure Controls Framework (SCF) Architect
Need a freelancer? Find your match in seconds.
Try FRATCH GPT More actions
Similar Freelancers
Discover other experts with similar qualifications and experience
Federico Leefhelm
ISO – Senior Consultant Quality & Information Security
View Profile
Oliver Frömel
Senior IT Enterprise Security Architect | Project Bank Migration
View Profile
Yuri Gladkov
Senior Security Devops Engineer
View Profile
Luca Pacor
ERP Program Manager
View Profile
Patrick Beck
AML Officer
View Profile
Monica Chingate
Cyber Security Engineer
View Profile
Christian Decker
Managing Director and Senior Consultant
View Profile
Alagi Mansaray
Senior Project Manager S4HANA in the Energy Sector
View Profile
Vladimir Ergovic
Technical Project Manager / Freelancer
View Profile
Miguel Skirl
Senior System and Cloud Engineer
View Profile
Erald Kerciku
AWS Cloud Solutions Architect
View Profile
Michael Schwendemann
Compliance Consultant
View Profile
Zakaria Aoune
Vice President Technology
View Profile
Dirk Meissner
Project Manager AOS
View Profile
Bernhard Bowitz
Senior Security Architect
View Profile
Markus Willems
KRITIS Consultant
View Profile
Marco Zehner
Product Owner IT Services / Solution Architect
View Profile
Niels Aerts
Azure Architect
View Profile
Stefan Radushev
ISO27001 Certification
View Profile
Erlijn Van genuchten
Science communicator and change manager
View Profile
Achim Klein
Portfolio Manager, Consultant, Leadership Coach
View Profile
Syed ghazanfar Abbas
Information Security Consultant
View Profile
Matteo Ganzaroli
Vice President IT Applications
View Profile
Gianmarco Vespia
Consultant
View Profile
Gino Peduto
Compliance Expert
View Profile
Vladimir Mildenberger
IT & Cybersecurity Project Manager
View Profile
Valeri Milke
Associate Partner - Information Security Consulting
View Profile
Kevin Engelhardt
CISO as a Service
View Profile
Thomas Hoefkens
Senior MLOps, DevOps Engineer
View Profile
Martin Bausewein
IT Architect
View Profile
