cloud & application security engineer
I secure the path every request takes
Cloud network & application security consultant. WAF, CDN, Zero Trust and SASE architectures for enterprise clients — plus the vendor relationships and pre-sales work that turn a design into a signed contract.
// 01 about
Precision by nature.
I'm a Cybersecurity Engineer delivering cloud network and application security solutions for enterprise customers — WAF, CDN, Anti-DDoS, Zero Trust and SASE, built on platforms like F5, Cloudflare, and Akamai, and wired into AWS and Azure environments via Terraform and CI/CD.
The technical design is half the job. The other half is the client and vendor relationship around it: running pre-sales demos and PoCs, writing RFP responses, and being the person a client calls when something in production needs an answer, not a ticket number.
I graduated 110/110 cum laude from Università degli Studi di Milano, with a thesis on Threat Hunting using MITRE Caldera and STIX-Shifter — including an open-source contribution to the project. I hold 20+ certifications across cloud, network, and application security.
// 02 experience
Cloud Network & Security Consultant
Communication Valley Reply
- ·Primary technical point of contact for a portfolio of enterprise clients
- ·Direct vendor collaboration with F5, Cloudflare, and Akamai on escalations and joint solution design
- ·Pre-sales: technical demos, PoC design, RFP/RFI responses
- ·Onboard and mentor junior consultants; review their work before client delivery
Thesis Intern — Threat Hunting Research
CyberArmor CH
- ·Built a Threat Hunting framework using MITRE Caldera for adversary emulation
- ·Contributed merged fixes to the open-source STIX-Shifter library
// 03 case studies
Selected work.
Client names are withheld under confidentiality agreements — architecture, approach, and outcomes are described accurately.
WAF & CDN Consolidation for a Multi-Brand Retail Group
Consolidated fragmented WAF/CDN configurations across multiple e-commerce brands into a single, policy-driven edge security layer.
Zero Trust Access Rollout for a Financial Services Client
Replaced legacy VPN-based access for internal applications with a Zero Trust access model, phased across business units to avoid disruption.
Threat Hunting Framework with MITRE Caldera & STIX-Shifter
Built a practical threat hunting framework using adversary emulation, and contributed fixes upstream to an open-source threat intel translation library.
// 04 skills
Security
- WAF
- Zero Trust
- SASE
- Anti-DDoS
- Threat Hunting
- MITRE ATT&CK
- AI Security
Platforms
- F5 Distributed Cloud
- Cloudflare
- Akamai
- Palo Alto NGFW
- Cisco
- AWS
- Azure
Engineering
- Terraform
- CI/CD
- Python
- Linux
- Git
- Docker
// 05 contact