Looking for a job

Francesco Citti

@francescocitti

Message

I’m a cybersecurity engineer building detection, IAM, and remediation programs that reduce breach blast radius.

Ireland

Message

What I'm looking for

I'm a Cybersecurity Engineer transitioning into full-stack development, looking for a role where security thinking meets product engineering. I want to tackle hard technical challenges, ship real features, and grow as an engineer in a fast-moving team that values ownership and technical depth.

I’m an Associate Security Engineer in Dublin, where I’ve identified IAM privilege risks and engineered a Just-in-Time (JIT) integration, eliminating standing permissions for 140+ engineers and shrinking breach blast radius company-wide. I also built a SIEM from scratch—defining 60+ detection rules and ingestion pipelines—to establish centralized real-time threat detection.

Previously at NTT DATA, I responded to 30+ security incidents, containing active intrusions and minimizing client impact through fast triage and mitigation. I monitored live environments across 5+ enterprise clients using SIEM, IDPS, WAF, and patch management, and investigated 50+ vulnerabilities using NIST CSF, MITRE ATT&CK, OWASP Top10, and the Diamond Model, delivering actionable threat intelligence.

I’ve contributed deeply to compliance and governance, leading ISO 27001 audits covering 100+ controls across HIPAA, DORA, eIDAS2, GLBA, PCI DSS, GDPR, and NIS2 for a major European bank. Alongside this, I value automation and secure-by-design practices—embedding misconfiguration detection into 10+ CI/CD pipelines (GitHub Actions) and Terraform IaC—while pursuing a Master’s in Cyber Risk Strategy & Governance.

Experience

Work history, roles, and key accomplishments

Current

Associate Security Engineer

Current

Phorest Saloon Software

Feb 2024 - Present (2 years 4 months)

Identified IAM privilege risks and engineered a Just-in-Time integration, eliminating standing permissions for 140+ engineers and reducing the company-wide breach blast radius. Built a SIEM from scratch with 60+ detection rules, and coordinated remediation of 100+ critical vulnerabilities across 5+ engineering teams.

IAM SIEM Detection Engineering Vulnerability Management PCI DSS GitHub Actions Terraform CI CD Security

Cybersecurity Analyst

NTT Data

Jul 2022 - Jan 2024 (1 year 6 months)

Responded to 30+ security incidents over 18 months, containing active intrusions and minimizing client impact through triage and mitigation. Applied NIST CSF, MITRE ATT&CK, OWASP Top 10, and Diamond Model to investigate 50+ vulnerabilities, and led ISO 27001 audits covering 100+ controls for a major European bank.

Incident Response WAF NIST CSF OWASP Top 10 ISO 27001 Threat Intelligence

Digital Advisor

Italian American Chamber of Commerce

Jul 2019 - Sep 2020 (1 year 2 months)

Built a custom CRM adopted by 30+ member companies, boosting customer retention by 500% within 6 months. Developed a members-only web portal with dynamic statistics to improve service value for 50+ active members.

CRM Development Web Portals Customer Retention Strategy Stakeholder Management

Education

Degrees, certifications, and relevant coursework

Bocconi University & Polytechnic of Milan

Master's degree, Cyber Risk Strategy & Governance

2021 - 2024

Master's in Cyber Risk Strategy & Governance with a final paper titled "Optimizing Threat Intelligence: A Strategic Framework for an Enhanced Cybersecurity Posture."

Bocconi University

Bachelor's degree, Management & Economics

2018 - 2021

Bachelor's in Management & Economics with a final paper titled "Threats, investments and performances of Italian companies in cybersecurity during 2020."