Mattia Coffetti

Brescia

Summary

Cybersecurity and Intelligence executive with 15+ years of experience across industrial, consulting and intelligence environments. Proven track record as CIO/CISO, Head of Cyber Security, Corporate Intelligence Advisor and first responder in high-profile incidents in Italy. Specialized in cyber resilience, Governance, Risk & Compliance (NIS2, ISO/IEC 27001:2022, DORA, NIST CSF), DFIR, incident response, SOC/XDR operations, OSINT and corporate/financial intelligence. Globally ranked competitor in top-tier OSINT and threat-hunting competitions (DEFCON, TraceLabs, HackinBo, SentinelOne), with strong public speaking and HUMINT capabilities. Able to operate at the intersection of cyber defence, digital investigations and business risk, advising boards and senior leadership while remaining technically hands-on when required.

Overview

16 years of professional experience
1 Certification

Work History

Head of Cyber Security – GRC, SOC/XDR, Incident Response, Threat Intelligence

NSI Advisor SRL
01.2025 - Current
  • Lead cybersecurity operations with a strong focus on GRC engineering, cyber resilience and security architecture. Responsible for designing, implementing and governing compliance frameworks aligned with NIS2, ISO/IEC 27001:2022, NIST and DORA, translating them into actionable, risk-informed controls.
  • Key responsibilities:
    • Design and implement cybersecurity governance frameworks (NIS2, DORA, ISO/IEC 27001:2022).
    • Provide vCISO advisory services, board-level reporting and compliance roadmaps.
    • Manage a cloud-optimized SOC using Open XDR; oversee threat detection, IR, threat hunting and vulnerability management.
    • Reduce MTTD/MTTR, integrate OSINT-driven exposure monitoring and credential leak discovery.
    • Own security and infrastructure risk management across on-premise and cloud environments.
    • Embed security-by-design into DevOps, SDLC and IT operations.
    • Lead security architecture, engineering, incident readiness, TPRM and business continuity.
    • Collaborate with Legal, Risk, Compliance and HR; foster unified security processes and cross-functional accountability.

Corporate Intelligence & Cybersecurity Advisor

Confidential
03.2023 - 12.2024
  • Delivered intelligence-led cybersecurity advisory for corporate clients, law firms and private intelligence entities under strict confidentiality.
  • Key responsibilities:
    • Conducted advanced OSINT investigations using investigative journalism and financial intelligence methodologies.
    • Tracked illicit financial flows, supported AML/KYC and enhanced due diligence.
    • Mapped corporate networks, affiliations and beneficial ownership structures.
    • Conducted reputational and background analyses for strategic decision-making.
    • Designed corporate counterintelligence strategies and insider threat detection use cases.
    • Supported IR engagements and digital forensics/eDiscovery for litigation and regulatory needs.
    • Delivered GRC and vCISO consulting, policy frameworks and risk assessments.
    • Performed TPRM assessments and dark web intelligence for exposure and credential monitoring.

Vice President / VP

OSINTITALIA – APS
04.2024 - 11.2024
  • Oversaw strategy, organizational structure and project execution for OSINTITALIA.
  • Designed and managed OSINT-focused CTFs for skill development and ethical intelligence operations.
  • Built partnerships with OSINT groups across EU, UK, USA and Switzerland.

Board Member BitM & Co-Organizer NoHat Conference

Berghem-in-the-Middle & NoHat
10.2021 - 11.2024
  • Co-organized one of Italy’s leading cybersecurity conferences.
  • Supported CFP selection, speaker management, agenda setting and sponsor relations.
  • Coordinated logistics and community-building initiatives.

Member & Trainer

OSINTITALIA
07.2021 - 11.2024
  • Delivered courses on “Basic Unix” and “OSINT for Infrastructure Analysis”.
  • Contributed to consistent Top 10 global rankings in TraceLabs CTFs for missing persons.
  • Promoted responsible OSINT and ethical intelligence practices.

OSINT Intelligence Analyst

07.2021 - 10.2024
  • Conducted corporate OSINT, infrastructure analysis and data enrichment using Maltego.
  • Supported due diligence, insurance fraud investigations and private intelligence tasks.

Cyber Security Division Manager

Personal Data – WeAreProject
10.2022 - 03.2023
  • Led Cyber Security division; primary incident commander for major client incidents.
  • Evaluated and deployed EDR/XDR, email security, PAM, SASE solutions.
  • Strengthened SOC collaboration and security posture; trained new hires.
  • Delivered risk assessments, threat mitigation and executive communication.

Cyber Security Specialist

Personal Data
11.2021 - 10.2022
  • Conducted IR and threat analysis using Trend Micro Vision One XDR.
  • Delivered training and deployment for Trend Micro solutions.
  • OSINT analysis, threat intelligence enrichment and infrastructure security support.
  • Tier 2 support, firewall/endpoint management and cloud support.
  • Supported SASE deployments (Cato) and CyberArk EPM.

ICT & Cybersecurity Manager – CIO / CISO

OMB Saleri S.p.A
01.2010 - 11.2021
  • Managed IT & cybersecurity for a manufacturing environment scaling from
  • Deployed major security solutions: WatchGuard, Sophos, Trend Micro, AIP, Mimecast.
  • Built insider risk program using ITsMine DLP and Netwrix Auditor.
  • Implemented CATO SASE, Veeam/Backblaze backup strategy, monitoring (Zabbix/Nagios/PRTG).
  • Led GDPR and VDA security audits.
  • Built an in-house 3D printing department saving ~€84,000/year.
  • Earlier role:
  • System Administrator – OMB Saleri (2009): L1/L2 support, server/network management.

HEADLINE

Head of Cybersecurity & Intelligence | Cyber Resilience, DFIR & XDR/IR | OSINT & Corporate Intelligence | GRC (NIS2, ISO 27001)

Accomplishments

  • DEFCON OSINT CTF: multiple Top 10 worldwide, including 4th place.
  • TraceLabs: 4th (x2) and 7th place among 200+ teams.
  • Multiple top placements in global OSINT events.
  • 1st Place: HackinBo Winter Edition 2023 – Forensic Games.
  • Top 1% Blue Team Labs Online.
  • Finalist: SentinelOne Threat Hunting World Championship (EDR & SIEM, EMEA 2025).



Certification

  • Governance, Risk & Compliance

ISO/IEC 27001:2022 Lead Auditor • ISO 31000 • OneTrust TPRM Expert & Professional • Vanta Verified Admin • NIS2/DORA courses.

  • Vulnerability & Exposure Management

Qualys CA, CSAM, ETM, VMDR • Sensors Foundation • VM Foundation.

  • Incident Response / DFIR / Threat Hunting

Certified Web Forensic Expert (CWFE) • SentinelOne IR/Tuning/Hunting suite • Belkasoft Windows Forensics • Cyber Triage • Antisyphon SOC Core • Active Countermeasures.

  • Threat Intelligence / OSINT / Financial Crime

Basel Institute full track • OSINT Combine • AFP/Reuters fact-checking • HUMINT (Gino Germani) • Crypto forensics (AnChain.AI) • Insider Threat programs.

  • Cloud, OT, SASE

Wiz Cloud Excellence • OPSWAT suite • Cato SASE/SSE Expert • VMware VCA • Trend Micro / Sophos / Reevo / Citrix.

  • AppSec & AI

Semgrep Secure Coding & AppSec • DeepLearning.AI RAG, Prompt Engineering • Microsoft/LinkedIn GenAI foundations.

(Full certification list available upon request and on LinkedIn.)

LANGUAGES

  • Italian (Native)
  • English (Professional)

PUBLIC SPEAKING & MEDIA

  • Speaker at Università di Bergamo, Università Federico II, cybersecurity events (e.g., NoHat).
  • Frequent contributor to national TV on cybersecurity, OSINT and biohacking.
  • Strong HUMINT, communication and narrative skills with non-technical audiences.

CORE COMPETENCIES

  • Cybersecurity Leadership
  • Cyber Resilience
  • vCISO Advisory
  • GRC (NIS2, DORA, ISO 27001, NIST CSF)
  • Third-Party Risk Management (TPRM)
  • SOC / XDR Operations
  • Incident Response (IR)
  • Digital Forensics & Incident Response (DFIR)
  • Threat Hunting
  • Threat Intelligence
  • OSINT & Corporate Intelligence
  • Insider Threat
  • Financial Crime Intelligence (AML/KYC, crypto forensics, funds flow)
  • Vulnerability & Exposure Management
  • Attack Surface Monitoring
  • Cloud Security (Azure, AWS)
  • Secure SDLC & DevSecOps
  • Network & Endpoint Security
  • OT/Industrial Cybersecurity
  • SASE/SSE & Zero Trust
  • PAM & Identity Security
  • Crisis Management & Cyber Crisis Communications
  • Board/Executive Reporting
  • Cross-Functional Leadership
  • Training & Public Speaking.
