Printing tool Download PDF

Summary

Simone Curzi has a 15 years experience as a Consultant and Delivery Architect within Microsoft Consulting Services, 2 years in Microsoft Customer Service & Support organization as Senior PFE specialized on Security and 3 years as a Senior and Principal Consultant in Cybersecurity. As such, he has gained strong competencies around Software Architectures, Methodologies and Security. 
Application Security has been one of Simone's main areas of interests, even before joining Microsoft: since late 1990s he has cultivated the passion for Security and this has led Simone to publish a set of articles on Cryptography on an important Italian Magazine for Developers.
Simone has envisioned a long term journey that will allow him to be a more complete Security Expert. This has allowed him to achieve many important goals, such as participating as a Speaker at various Microsoft internal technical events (TechReady, Microsoft Ready), be a recognized contributing member of the Microsoft SDL Community and a Threat Modeling Expert.

Simone is certified by (ISC)2 as a CSSLP Professional, since April 2016.

On May 2016, Simone has assumed the role of Lead of the Worldwide Microsoft Technical Community for the Security Development Lifecycle.

Previous Experiences

September 2018 - Present

Principal Consultant, Cyber

Microsoft

Continuing the path started many years ago, as a Principal Consultant the main goal becomes the creation of new offerings to address the most important needs from Microsoft Customers and share the know how gained over the years with colleagues and Customers.

Main activities performed during the period:

  • Development of a new offering to introduce Threat Modeling as a main Security Practice to Customers, called Threat Modeling Program.
  • Execution of Threat Models for external Customers, including organizations in the Public (Poste Italiane, SAPS), Automotive (Daimler, CNHi), Transport (SNCF), Electric Equipment (Rexel, Hager, Siemens Gamesa), Energy (Agder Energy) and Sport (Real Madrid) sectors.
  • Execution of Security Code Reviews for internal and external Customers, for organizations in the Public (Poste Italiane, Poland's Ministry of Finance), Transport (Italian National Railway "FS") and Commercial (IBS) sectors.
  • Development and implementation of a personalized program to introduce Application Security to SAPS (Public Sector).
February 2017August 2018

Senior Consultant, Cyber

Microsoft

Cybersecurity Consultants in Microsoft have the role of working on engagements where the goal is to protect, detect, or respond to malicious activity from determined human adversaries. As a Cybersecurity Senior Consultant, the goal has been to work on projects based on the current Microsoft Cybersecurity offerings, for Customers in Europe and beyond.
The personal goal, as ever, is to contribute to expand the Application Security practice in Microsoft, as the Worldwide Lead for the Application Security Community at Microsoft.

Main activities performed during the period:

  • Development of a new offering, a full-fledged high-assurance Threat Modeling exercise called Threat Modeling for Security Risk (TMSR).
  • Execution of Threat Models for internal and external Customers, including organizations in the Public (GIZ), Electric Equipment (ABB), Financial (Aktif Bank), Transport (Heathrow Airport, Damco), Insurance (Europ Assistance, SwissRE), Services (Adecco) and Sport (Real Madrid) sectors.
  • Execution of Security Code Reviews for internal and external Customers, for organizations in the Sport (FIFA), Energy (GSE) and Commercial (IBS) sectors.
  • Security Advisory for the execution of projects, for Maersk: this has involved a full engagement including regular Threat Models, Security Code Reviews and much more.
  • Development and Implementation of a personalized program to introduce Application Security to Corte dei Conti (Public Sector).
  • Assistance to get better security for ATMs for a major Italian Bank.
May 2015January 2017

Senior PFE Security

Microsoft

Simone has started building a strong foundation on Infrastructure Security topics like Active Directory, PKI and DirectAccess, and also he has further developed his knowledge around Security Development Lifecycle (SDL) and Threat Modeling: more specifically, he has developed for Microsoft a new Workshop on Threat Modeling and an Application Security Review offering, that he has delivered to some Customers with great success.

2008Apr 2015

Senior Consultant and Delivery Architect

Microsoft
  • Delivery of Workshops on Application Security, SDL and Threat Modeling to various Customers and to Microsoft employees.
  • Participation to a Microsoft internal project, which has been officially lectured about to various Microsoft Product Groups during TeachReady 2010.
  • Contribution to a Council about the introduction of SOA concepts within INPS. Other organizations involved were IBM, Accenture and Avanade.
  • Contributed as Architect to a project about the re-engineering of the Teller Application for Banca delle Marche (a minor Italian Bank).
  • Architecture and Team Leading for various projects based on SharePoint 2010 for the Unicredit Group.
  • Design and implementation of a Visio AddIn for a Unicredit Group internal project, for the HR Organization. The project has won an award from Unicredit and another award from the Microsoft Communities.
  • Migration of a BPM-like infrastructure built by an Italian Bank, from SharePoint 2007 and SharePoint 2013. The activity has included the execution of a Security Code Review.
20052008

Experienced Consultant

Microsoft
  • Management of a project on “High-Performance Computing” (HPC) for Consorzio Operativo of Monte dei Paschi di Siena Bank Group.
  • Contribution to project Branch of the Future (“Filiale del Futuro”) as technology expert. This project has been sponsored by Steve Ballmer (former Microsoft CEO).
  • Development of an Enterprise Service Bus for Consorzio Operativo of Monte dei Paschi di Siena Bank Group.
  • Project Management of a project about the integration of Identity Management systems based on ILM, for Consorzio Operativo of Monte dei Paschi di Siena Bank Group.
20022005

Consultant

Microsoft
  • Design and Development of the Teller Application for Deutsche Bank Italy.
  • Design and Development of a Software Factory for Web Applications for Winthertur, composed by a specialized Framework, documentation and samples, and by the definition of the whole development process.
  • Analysis, Design, Development and Team Leading for a Client-Server  application based on Smart Client that provides an integrated experience for small Investment Management Firms, Ultra.NET, for an ISV called Financial Tradeware.
20002002

Assistant Consultant I & II

Microsoft

In this period Simone has made the first steps in Microsoft Consulting Services. He has started very fast to play much greater roles than those implied by his formal role, like those of Analyst and Architect. The most important activities in this period, have been:

  • Design and realization of an application server for Il Sole 24 Ore-Radiocor, used also by Intesa SanPaolo Bank for their Home Banking solution and by others.
  • Design, Development and Team Leading of a project about a Web Single Sign-On solution initially implemented for Intesa Bank and then adopted by a number of additional institutions, including San Paolo-IMI Group, Rai, Telecom Italia, Winterthur and Finsiel.
19981999

Freelance Developer

Development of various solutions for local Customers.

Education

1998

Master's Degree on Electronic Engineer

Università degli Studi di Perugia
Electronic Engineer Degree with Thesis on "Design and Development of a Protection System for Data Banks to be Published on Internet".