Antonio Lobuono

Rome

Summary

Highly accomplished Cyber Security Manager with over 15 years of extensive experience in the cyber security domain, specializing in enterprise risk management, threat intelligence, and incident response. Currently leading a Cyber Security Team at UniCredit S.p.A., demonstrating expertise in various cyber security frameworks, including NIST, MITRE ATT&CK, and ENISA. Proven track record in designing and implementing robust security solutions for high-profile clients in the banking and energy sectors, with a focus on incident response, business continuity, and disaster recovery. Adept at managing cross-functional teams and coordinating complex projects across multiple industries, leveraging strong analytical skills to identify vulnerabilities and mitigate risks effectively. Holds multiple certifications, including CISSP, CISM, and CRISC, and possesses a strong technical foundation in IT systems, cloud technologies, and network security protocols. Multilingual professional fluent in Italian, English, and Spanish, committed to staying abreast of industry trends to enhance organizational security posture.

Overview

20 years of professional experience
1 Certification

Work History

Head of Cyber Defence and Threat Intelligence

UniCredit S.p.A
08.2022 - Current
  • Leadership: Manage and coordinate the CyberSecurity Team, demonstrating experience in leading both technical teams and individual contributors to achieve organizational goals.
  • Risk Management: Exhibit strong capabilities in enterprise risk management, with a deep understanding of Cyber Threats, Vulnerabilities, and their potential impact on the organization.
  • Framework Expertise: Develop and implement comprehensive Cyber Defence strategies based on established cybersecurity frameworks such as NIST, MITRE ATT&CK, and ENISA.
  • Threat Recognition: Identify and recognize common attacker tools, tactics, and procedures to enhance threat detection and mitigation.
  • Incident Response: Oversee incident response activities, ensuring timely identification, containment, and remediation of security incidents.
  • Collaboration: Collaborate with cross-functional teams to assess risks, identify Vulnerabilities, and implement mitigation strategies.
  • Continuous Improvement: Stay abreast of the latest Cyber Threats, trends, and technologies to continuously enhance the organization’s security posture.
  • External Relationships: Establish and maintain relationships with external partners, industry groups, and law enforcement to strengthen Threat Intelligence capabilities.
  • Training and Awareness: Develop and deliver training programs and awareness initiatives to promote a security-conscious culture within the organization.
  • Reporting: Prepare and present reports on security incidents, Vulnerabilities, and Threat Intelligence.

Head of Cyber Defence and Threat Intelligence

Capgemini S.p.A
08.2021 - 08.2022
  • Team Leadership: Guide the CyberSecurity Team to achieve organizational goals.
  • Risk Management: Assess and understand Cyber Threats and Vulnerabilities.
  • Strategy Development: Create and execute Cyber Defence strategies aligned with frameworks like NIST and MITRE ATT&CK.
  • Incident Management: Oversee timely identification and resolution of security incidents.
  • Continuous Improvement: Stay updated on emerging threats and enhance security posture.
  • External Engagement: Build relationships with industry partners and law enforcement.
  • Reporting: Prepare reports on security incidents and threat intelligence for senior management.

Head of Cyber Defence and Log Management

Leonardo S.p.A
06.2018 - 08.2021
  • Incident Response Coordination: Lead and coordinate incident response activities in the event of cybersecurity attacks, ensuring swift and effective action to mitigate risks.
  • Threat Intelligence Project Management: Manage a Threat Intelligence project focused on Social Network Monitoring, Antifraud measures, VIP Protection, Deep/Dark Web surveillance, and Phishing protection.
  • Cyber Security Solution Design & Engineering: Design and engineer cybersecurity solutions, including but not limited to the implementation and management of SIEM tools (e.g., Splunk, RSA Security Analytics, QRadar).
  • Threat Management: Oversee and manage threats detected by Endpoint Protection solutions such as EDR, MDR, and XDR (e.g., CrowdStrike, TrendMicro, Velociraptor).
  • Cyber Threat Intelligence (CTI): Define CTI processes and capabilities, adopt supporting tools (e.g., MISP), and monitor threats to identify and implement appropriate mitigation and response strategies.
  • Cross-Functional Project Management: Manage projects across various industries, effectively coordinating a cross-functional team of technical experts and internal/external advisors to achieve project goals.
  • Engineering of Threat Intelligence Tools: Engineer and maintain the main Threat Intelligence tools, including TIP (Open-CTI), as well as tools such as Flashpoint, Intel 471, and Recorded Future, to conduct daily analyses and threat assessments.

Head of Cyber Defence

NTT Data S.p.A
06.2016 - 06.2018
  • Lead the Cyber Defence Team and manage incident response activities.
  • Develop and implement a comprehensive threat intelligence strategy.
  • Design and optimize cybersecurity solutions, including SIEM and endpoint protection.
  • Collaborate with cross-functional teams to integrate security best practices.
  • Stay updated on cybersecurity trends and regulatory requirements.
  • Define cybersecurity policies and compliance measures.

Lead Cyber Defence Architect

Fastweb S.p.A
01.2015 - 06.2016
  • Design and implement cybersecurity architectures for network protection.
  • Configure Layer 2/3 devices (Cisco, Huawei) and backbone devices (DSLAM, BNG).
  • Manage routing and switching protocols, including BGP, OSPF, and MPLS.
  • Provide expertise in IP internetworking and LAN switching protocols.
  • Collaborate with teams to integrate security measures across systems.

Lead Cyber Defence Architect

Telecom Italia S.p.A.
01.2013 - 01.2015
  • Lead Cybersecurity Architecture: Design and implement advanced cybersecurity frameworks tailored to organizational needs.
  • Network Maintenance Oversight: Direct maintenance activities on routers, switches, and load balancers to enhance security posture.
  • Authentication Management: Implement and oversee 802.1x authentication systems to secure network access.
  • Performance Monitoring: Lead efforts to monitor network performance, proposing optimizations and complex migration projects.
  • Firewall Configuration: Configure and manage next-generation firewall systems (IPS/IDS) to safeguard perimeters.
  • Protocol Analysis: Analyze application protocols within the OSI model, ensuring effective content inspection and security measures.

Cyber Security Solution Architect

Consorzio Elis S.p.A
01.2011 - 01.2013
  • Executed troubleshooting and configuration of Cisco devices to ensure robust network security.
  • Maintained and optimized anti-malware systems (Symantec, Sophos, FireEye) to protect against threats.
  • Designed and implemented next-generation firewall systems (IPS/IDS) for enhanced perimeter defense.
  • Identified and analyzed attacker tools, tactics, and procedures to inform security strategy.
  • Developed and maintained documentation for security solutions, ensuring alignment with industry standards and best practices.

Cyber Security Solution Architect

Hoist Italia S.p.A
01.2005 - 01.2011
  • Design and Engineer: Develop and implement infrastructural and technological components related to network security, encompassing both perimeter and internal security measures.
  • Performance Monitoring: Continuously monitor network performance, proposing and executing optimization strategies and managing complex migration projects to enhance system efficiency.
  • Active Directory Management: Utilize basic knowledge of Active Directory, including Group Policy management, user and computer configurations, and exclusion filters, to maintain secure access controls.
  • Operational Discipline Expertise: Apply knowledge in systems management, monitoring, and change management to ensure seamless operations and security.
  • Automation Development: Build automation frameworks for rapid response and remediation of malicious activities, enhancing incident response capabilities.

Education

Master - Cyber Security And Data Protection

24 Ore Business School
Rome, Italy
01.2018

Law Degree - Cyber Law And Data Privacy Compliance

University Of Salento
Lecce, Italy
07.2008

Skills

  • Leadership in Cybersecurity Management
  • Incident Response & Threat Mitigation
  • Threat Intelligence & SIEM Expertise
  • Cross-Functional Team Coordination
  • Business Continuity & Disaster Recovery Planning

Certification

CISSP (Cert. Information Systems Security Professional)

CISM (Cert. Information Security Manager)

CRISC (Cert. in Risk and Information Systems Control)

SANS GCDA (GIAC Certified Detection Analyst)

Splunk Enterprise Certified Admin
Splunk Cloud Certified Admin
Splunk Core Certified Advanced Power User
Splunk Core Certified Power User
Splunk Core Certified User
Enterprise Security Manager (SIEM) 9.4
Network Security Platform 9.1
Security Information and Event Management
SCTA Skybox Certified Technical Associate
SCPS Skybox Certified Professional Services Engineer
CCIE Enterprise – Written
CCNP Enterprise
CCNA R&S
CCNA Security

VMware - VCP Data Center Virtualization 2022
