Francesco Citti

Professional Experience

07.2022 - Present
NTT Data

Security Analyst

5th largest IT services company by revenue, with 130,000+ employees in 50+ countries. Worked for one of the biggest banks in Europe serving different departments regarding cybersecurity, cyber risk and continuity management.

Bank needed support for GSOC function to conduct vulnerability assessment and penetration test campaign on all group branches in 25+ countries. Managed and supervised black box and authenticated tests according to standards set by NIST Cybersecurity Framework, MITRE ATT&CK, GLBA, ISO27001, ISO 22301, PCI DSS, NIST SP 800-61 and TARGET2. Achieved compliance in all requirements, reaching 100% (+40% against previous years) of group coverage without increasing previous year's budget. Result has been achieved through a complete reorganization of processes, methodologies and reporting policies developed in 1 month and approved by GSOC.

Bank group requested first holistic risk evaluation of physical infrastructures, third party cloud providers integration (AWS and Azure), secure data transmission, and operations. Analyzed, mapped, and audited 50+ facilities and proprietary data centers from USA, EU, Japan, Australia, and UK. Built from scratch SIEM to conduct threat analysis. Reviewed and fixed proprietary software after identifying its vulnerabilities in open source libraries. Set new rules for constant scans for 0-days regarding third party applications or mentioned software. Developed physical access policies following role-based access control (RBAC) principle. Customer obtained 95% active monitoring on IT environment of applications, software and infrastructure access.

07.2019 - 09.2020
Italian American Chamber of Commerce - Chicago

Digital Advisor

Led the selection and implementation of a new CRM system.

Enhanced the import/export platform to streamline the process and reduce errors.

Skills

  • Python
  • SIEM Development
  • NIST Framework
  • ISO 27001
  • Tenable tools
  • Active Directory
  • Azure Management and Security
  • Vulnerability Assessment

Education

09.2021 - 10.2023
Bocconi University & Politecnico di Milano

M.Sc. CyberRisk Strategy & Governance

Top social sciences and technical universities in Europe.

Developed expertise in cybersecurity management, risk assessment, compliance, and governance, with a focus on NIST and ISO 27001 frameworks, data protection law, and institutional scenarios of cyber risk.

Received full tuition scholarship.

09.2018 - 09.2021
Bocconi University

B.Sc. in Management & Economics

Final paper: "Threats, investments and performances of Italian companies in cyber security during 2020"

Extracurricular and Services

12.2019 - 09.2020
Bocconi Student Government

President

Directed the student government of Bocconi University, managing the work of studentsʼ representatives, coordinating the activities of 200+ members consisting in the production of services and materials for the community, organizing events for 7k+ participants, fundraising to reach a budget of €90k+

09.2018 - 09.2021

Judo Coach Volunteer

Trainer with black belt 1st Dan. Coached and held responsible of the courses for children aged 5 to 12.

  • English Proficient
  • Italian Native
  • French Advanced