Rome, Latium, Italy
Over 23 years of consulting experience in Information Security Management, Cyber Security, IT Risk Management, IT/IS Governance & Compliance for clients of multiple sectors (Financial Services, Energy, Utility, and Telecommunication), in Big Four, technological and financial sector companies. Wide-ranging competences supporting clients in developing strategic Cyber Security initiatives, IT Risk Assessment and IT Governance models, performing audit of IT areas, oversighting Italian and international regulatory requirements compliance (Bank of Italy regulations, GDPR & former privacy regulation, Sarbanes Oxley, Dlgs 262/02, PCI-DSS). He is coordinator of the Management & Organisational axis, as well as a teacher, of the II Level Master in Digital Competences for the Data Protection, Cyber Security and Privacy at the University of Rome Tor Vergata. As APMG Accredited Cobit5 Trainer, Leonardo has been trainer for many financial institutions on Cobit5 and Cyber Security. Furthermore, Leonardo is Proboviro of AIEA (Italian Association of the Information Systems Auditors).
Part of the European Advisory team, my role is to develop HPE Cyber Security Services in Financial Services Industry (Banks and Insurances) and in Communication, Media and Entertainment Industry.
Head of IT & Organization: Planning, design and implementation of project related to the enrollment in the new Financial Intermediaries General list held by Bank of Italy. This project mainly involve the redefinition of Corporate Governance, a software selection, the acquisition and integration of a new application system to support the business, the definition and formalization of business processes and related risks and internal control system, the definition of the processes of business continuity & disaster recovery. Furthermore Leonardo is responsible of valuation, due diligence, pricing and execution of investment opportunities in unsecured Non Performing Loans portfolios, of the relationship with investment banks and business partners, af the relationship with Master Servicer within securitization projects ex L.130/99.
Responsible of ITR team (Information & Technology Risk) of Center and South Italy. I was responsible of IT Governance, Risk Management e IT Audit & Security projects at companies of financial, manufacturing and services Industries. Main skills: Sarbanes Oxley Readiness Project Assessment of IT General Controls based on Cobit Model IT Application systems Audit (Application Controls) Legge 262 (Decreto sul Risparmio & Dirigente Preposto) readiness Start up of IT Auditing functions Application systems migration audit Privacy IT Security IT Due Diligence Quality Assurance Review (QAR) of Internal Audit Function PCI DSS Assessment European Responsible Gaming Standard Certification Teacher of COBIT course (Basic & Advanced)