Personal Information
Name
Visia Tartaglione Renzi
Address
*****, *** ********* **********
actgsj@r.postjobfree.com
Nationality
Italian
year of Birth
1976
Personal profile
I am a professional with a proven track record of more than 10 years of experience as a consultant successfully assisting enterprise managers in information technology security. I am an expert in establishing Information Security processes such as Risk Management and Compliance processes and designing Disaster Recovery plans. I’m an expert in planning and leading system and application advanced tests assessing security and compliance of the infrastructure (according to laws and regulations such as the Italian privacy law and ISO27001, PCI DSS and NIST standards).
I have an excellent foundation of knowledge across a broad range of technical areas. I possess strong communication ability and can communicate effectively at all levels (from analysts and ethical hackers to executives).
I’m CISSP and ISO27001 certified. I am a Green Card holder
Work Experience
Dates (from – to)
June 2013
•Name and address of employer
Azienda Speciale della Regione Molise. Molise Acque
• Type of business or sector
Ente Risorse Idriche. Institute based in the centre of Italy that manages the water supply to 500.000 users.
• Occupation or position held
Information Security Officer
• Main activities and responsibilities
I have established data protection processes and assisted the maintenance of the information security system.
Dates (from – to)
October 2012 – May 2013
•Name and address of employer
Freelance - Information Security Consultant
Dates (from – to)
August 2008 – October 2012
•Name and address of employer
Smetana s.r.l Resi Group. Via di Porta Pertusa 4, Rome
• Type of business or sector
RESI Group is an Italian industrial Group with a global presence; it has more than 200 employers and 25 years of experience in the technology market (IT, Networking, Security and Media).
• Occupation or position held
Senior Security Consultant & Project Manager
• Main activities and responsibilities
For a banking company: I have reviewed their Disaster Recovery plan (to comply with the regulation of the Bank of Italy) and improved their Information Security Management System documental framework.
For a Federal Institute: I have defined a Disaster Recovery Plan for the headquarter and the main administrative site.
For major Italian Enterprises:
I have defined a Risk Management methodology and developed a platform (Governance Risk Compliance Platform) to manage Information Security according to ISO 27001 and be compliant with regulation or major standard (e.g., privacy law, ISO 27001, NIST 800 series, PCI DSS).
I have supported the Organization to obtain the ISO27001 Certification (assessing and defining processes, establishing and producing the reference ISMS documental framework - Security Policies, Processes, Operational procedures – and supporting pre-certification activities).
I have defined a Risk Management methodology according to the ISO27001 (identifying security requirements compliant with technical and legally relevant regulations and developing security plans and architectures).
I’ve supported the ISO27001 Certification Maintenance processes.
As a result of my actions, the companies were able to successfully pass audits (e.g., according to ISO 27001) and have 40% business enhances (e.g., sell the GRC platform)
Dates (from – to)
August 2006 – July 2008
•Name and address of employer
Business-e S.r.l. (ITWay Group) Via Valentino Mazzola 66, Rome
• Type of business or sector
Information Technology. A small IT Consulting company focused on cybersecurity, NOC and SOC services
• Occupation or position held
Senior Security Consultant & Project Manager
• Main activities and responsibilities
For critical customers and major Italian Enterprises, as a project manager and technical responsible I have enhanced the security level of their infrastructure. I have developed Information Systems Audit Programs, directed vulnerability assessments and penetration tests on operating systems and applications, evaluated results, analyzed technological risk, identified counter-measures, presented the results to the client and evaluated treatment plans. I also identified new business opportunities.
As a result of my actions, the companies were able to pass audits (e.g., according to the Italian privacy law) and have 30% business enhances (e.g., solve breaches in their applications)
• Dates (from – to)
November 2002 – August 2006
•Name and address of previous employers
DATAMAT S.p.A. (now SELEX Elsag S.p.A.) Via Laurentina 760, Rome
Albacom S.p.A. (now British Telecom Italia), Via Mario Bianchini 15 Roma
• Type of business or sector
Information Technology
• Occupation or position held
Professional Engineer, Information Security Consultant
• Main activities and responsibilities
I have participated in different technical projects such as the design and establishment of
a strong authentication architecture using RSA SecurID suite
a structured wireless network through Cisco WLSE application
a multi-modal centralized RAS and its disaster recovery site
a monitoring system, using the P-Cube suite, to control radio mobile user access to innovative services.
I have managed and supported traffic analysis and monitoring systems and I have scouted new information technology products
Education and Training
Certification
• Dates (from – to)
July 13th to July 20th
• Title of qualification awarded
“Managing global Project” held by PMP professionals at Berkeley University of California
• Dates (from – to)
5 Giugno 2010
• Title of qualification awarded
Certified Information Systems Security Professional (CISSP®) from ISC2 (Intl. Information System Security Certificaton Consortium)
• Dates (from – to)
March 2008
• Title of qualification awarded
ISO 27001 lead auditor from Bureau Veritas
• Dates (from – to)
December 2005
• Title of qualification awarded
CCNA (Cisco Certified Network Administrator) Certified from Cisco
• Dates (from – to)
November 2004
• Title of qualification awarded
RSA Certified System Engineer from RSA Security
• Dates (from – to)
November
• Title of qualification awarded
Italian Engineer Qualification
• Dates (from – to)
October 1995 – Maggio 2002
• Institute providing education
Faculty of Engineering, “La Sapienza” University, Rome, Italy.
• Title of qualification awarded
Italian Degree (5 years) in Telecommunication Engineering, Telecommunication specialization
• Dates (from – to)
Septembre 1990 – June 1995
• Institute providing education
Liceo Scientifico “E. Majorana”, Isernia (IS), Italy
• Title of qualification awarded
Diploma di Maturità Scientifica
MOTHER TONGUE
ITALIAN
OTHER LANGUAGES
ENGLISH
European language levels
Understanding
Listening C2;
Reading C2;
Speaking
Interaction C2;
Production C2
Writing
C2