Simone Curzi

CyberSecurity Consultants in Microsoft have the role of working on engagements where the goal is to protect, detect, or respond to malicious activity from determined human adversaries. As a CyberSecurity Senior Consultant, my goal is to work on projects based on the current Microsoft CyberSecurity offerings, for Customers in Europe and beyond.
My personal goal, as ever, is to contribute to expand the Application Security practice in Microsoft, as the Worldwide Lead for the Application Security Community at Microsoft.

Simone has started building a strong foundation on Infrastructure Security topics like Active Directory, PKI and DirectAccess, and also he has further developed his knowledge around Security Development Lifecycle (SDL) and Threat Modeling: more specifically, he has developed for Microsoft a new Workshop on Threat Modeling and an Application Security Review offering, that he has delivered to some Customers with great success.

• Design and implementation of some components for an internal project named “Distributed Application Health and Performance Management”, based on Systems Center Operations Manager 2007, Visio and other products. This project has been officially lectured about to various Microsoft Product Groups during TeachReady 2010.
• Contribution to a Council about the introduction of SOA concepts within INPS. Other organizations involved were IBM, Accenture and Avanade.
• Contributed as Architect to a project about the re-engineering of the Teller Application for Banca delle Marche (a minor Italian Bank).
• Delivery to GSE of a Workshop on Application Security and SDL.
• Design and development of a solution to automatically propagate passwords as they are entered or changed to the Credential Manager library, to ensure Single Sign-On to Enterprise resources exposed on Extranet or on the Cloud (Office 365).
• Management of four projects based on SharePoint 2010 for the Unicredit Group, as Project Manager and Architect, mainly for Compliancy and HR. This experience has been particularly useful to grow soft skills about Team management, Customer Expectation Management and about Management of the different goals of the involved third-parties.
• Architecture and Team Leading for a couple of projects based on SharePoint 2010 for the Unicredit Group. Both projects have been characterized by successful execution in forbidding conditions.
• Design and implementation of a Visio AddIn for a Unicredit Group internal project, for the HR Organization. The project has won an award from Unicredit and another award from the Microsoft Communities.
• Preparation and delivery of a training on Threat Modeling for Microsoft Employees, held in Rome e Milan.
• Migration of a BPM-like infrastructure built by an Italian Bank, from SharePoint 2007 and SharePoint 2013. It has involved the design and implementation of a three layer infrastructure based on a SharePoint Service application. In this project, Simone has also performed a preliminary assessment of the application security through an informal Security Code Review.
• Preparation and delivery of a Workshop on SDL and Threat Modeling of three applications for an ISV in Italy.

• Management of a project on “High-Performance Computing” (HPC) for Consorzio Operativo of Monte dei Paschi di Siena Bank Group.
• Contribution to project Branch of the Future (“Filiale del Futuro”) as technology expert. This project has been sponsored by Steve Ballmer (former Microsoft CEO).
• Development of an Enterprise Service Bus for Consorzio Operativo of Monte dei Paschi di Siena Bank Group.
• Project Management of a project about the integration of Identity Management systems based on ILM, for Consorzio Operativo of Monte dei Paschi di Siena Bank Group.

• Design and Development of the Teller Application for Deutsche Bank Italy.
• Design and Development of a Software Factory for Web Applications for Winthertur, composed by a specialized Framework, documentation and samples, and by the definition of the whole development process.
• Analysis, Design, Development and Team Leading for a Client-Server  application based on Smart Client that provides an integrated experience for small Investment Management Firms, Ultra.NET, for an ISV called Financial Tradeware.

• Design and realization of an application server to publish business logic, for Il Sole 24 Ore-Radiocor and specifically for their Trading OnLine solution, called MultiTrade; it has been used also by Intesa SanPaolo Bank for their Home Banking solution and by others.
• Design, Development and Team Leading of a project about a Web Single Sign-On solution, called Single Web Authentication (SWA), initially implemented for Intesa Bank. This solution has been successfully adopted by a number of additional institutions, like San Paolo-IMI Group, Rai, Telecom Italia, Winterthur and Finsiel. This has been the first Project developed in Italy with Microsoft .NET Framework 1.0.