I am passionate about Monitoring and Infrastructures, I'm a continuous learner and curious, I like a lot to improve my skills and my knowledge. My specialities: Engineering IT and Network Operations, Monitoring, Security Management, Systems Management, Network Management, Vulnerability Assessments, IT Compliance, Systems Integration, Disaster Recovery, Continuous Integration/Continuous Deployment (CI/CD), Project Management, Engineering Cloud Infrastructures and Services.
The company is specialized in the following areas and activities:
Everything about Infrastructures, Networks, Systems, Applications, Security, Deployments, Environments, PCI Compliance. Agile Methodologies, Project and Service Management.
On-site consultant to the following clients:
Risk Assessment, Gap Analisys, Patch Management, Internal Auditing, Hardening, Security Plans and Documentation: all activities performed for a successful Security Audit.
Delivered ADSL lines to all DSV Saima Avandero's offices. Configured all Telecom Italia Sparkle management services.
Configuring and managing network devices, L2/L3 troubleshooting, Routing protocols, ACLs, Firewalling.
Managing Bank of Italy's internet facing Infrastructures, delivering Proxy/Antivirus, Email and Security services.
Configuring and managing network devices, L2/L3 troubleshooting, Routing protocols, ACLs.
Configuring and managing network devices, L2/L3 troubleshooting, Routing protocols, ACLs.
I taught ECDL modules to blind and visually impaired students, I've also developed their website in order to meet W3C standards (usability and accessibility), moreover I developed a stand-alone application (for Microsoft Windows) that describes (using automated synthetic speech) HTML pages browsing with Microsoft Internet Explorer.
Principal skills acquired: Information technology basics, mathematical analysis, statistics analysis, Physics and Electronics.
As Security Architect I did a high-level security evaluation of current client's infrastructures. I produced a document analisys where I described what are the suggested and mandatory changes to apply. Thanks to this analisys the client had a clear picture of its infrastructure security wise and he is now more proactive to resolve the security issues.
The client needed a solution to manage the accesses to its infrastructure, I've implemented a PAM (Privileged Account Manager) solution that permits to manage the accesses through privilege escalation and sessions auditing. This solution permits to record the sessions producing videos, screenshots and keystrokes logs of all activities done in the session.
I analyzed the costs and made save the client 16k$ each month by removing unused services, resizing the EC2 and RDS instances, reserve the instances.
I've designed and written the infrastructure using Terrafom, I've created scripts to deploy the environments separately
I've designed and implemented the logging infrastructures in order to aggregate, filter and show logs in a single platform that permits us to do fast searches and creating graphs using the collected data.
I've designed and implemented the Network Intrusion Detection System (NIDS), Host-based Intrusion Detection System (HIDS) and Security Information and Event Management (SIEM) platform.
We needed an application that automatically stores the configurations of our network devices and that notify us when a change happens, Oxidized granted us to do all of this. For this infrastructure I deployed the application in order to get the configurations from all network devices and to store them to a dedicated Bitbucket repository, if the configuration gets updated it will notify the differences in a dedicated Slack channel.
We needed a application to track of our daily activities and for reporting of all on-call alerts, so we decided to use Etsy Opsweekly. I developed the connector for Bitbucket and contributed to fix the connectors for Jira, Pagerduty and Github. Also, I developed the docker container for this application.
We needed an application to keep track of post-mortems, Etsy morgue provides what we needed, it also integrates with Jira and keeps track of dates on a Google Calendar. As a side effect of this project I developed a dockerized version of this application.
We needed to get the metrics from our network devices using SNMP, so the best candidate for this purpose was the SNMP-exporter for Prometheus. While I was working on it, I developed the docker container for SNMP Exporter configuration generator, it generates automatically the configuration for snmp-exporter starting by the MIBs ingested.
The requisites were to monitor an infrastructure without having access to it (due security restrictions), so the metrics are unidirectionally pushed by the infrastructure to the monitoring application. The data is stored as metrics on a InfluxDB database and displayed with a custom dashboard in Grafana. The monitoring and alerting features are provided by Icinga2 and Pagerduty.
Moved all production and test infrastructures to a new colo in a different location. Ensure 100% services uptime during this activity.