Printing tool Download PDF


Simone Curzi has a 15 years experience as a Consultant and Delivery Architect within Microsoft Consulting Services, plus 2 years in Microsoft Customer Service & Support organization as Senior PFE specialized on Security. As such, he has gained strong competencies around Software Architectures, Methodologies and Security. 
Application Security has been one of Simone's main areas of interests, even before joining Microsoft: since late 1990s he has cultivated the passion for Security and this has led Simone to publish a set of articles on Cryptography on an important Italian Magazine for Developers.
Simone has envisioned a long term journey that will allow him to be a more complete Security Expert. This has allowed him to achieve many important goals, such as participating as a Speaker at various Microsoft internal technical events (TechReady), being selected to be part of the Microsoft InfoSecurity Force European Team, be a recognized contributing member of the Microsoft SDL Community and a Threat Modeling Expert.

Simone is certified by (ISC)2 as a CSSLP Professional, since April 2016.

On May 2016, Simone has assumed the role of Lead of the Worldwide Microsoft Technical Community for the Security Development Lifecycle.

Previous Experiences

February 2017Present

CyberSecurity Senior Consultant


CyberSecurity Consultants in Microsoft have the role of working on engagements where the goal is to protect, detect, or respond to malicious activity from determined human adversaries. As a CyberSecurity Senior Consultant, my goal is to work on projects based on the current Microsoft CyberSecurity offerings, for Customers in Europe and beyond.
My personal goal, as ever, is to contribute to expand the Application Security practice in Microsoft, as the Worldwide Lead for the Application Security Community at Microsoft.

May 2015January 2017

Senior PFE Security


Simone has started building a strong foundation on Infrastructure Security topics like Active Directory, PKI and DirectAccess, and also he has further developed his knowledge around Security Development Lifecycle (SDL) and Threat Modeling: more specifically, he has developed for Microsoft a new Workshop on Threat Modeling and an Application Security Review offering, that he has delivered to some Customers with great success.

2008Apr 2015

Senior Consultant and Delivery Architect

  • Design and implementation of some components for an internal project named “Distributed Application Health and Performance Management”, based on Systems Center Operations Manager 2007, Visio and other products. This project has been officially lectured about to various Microsoft Product Groups during TeachReady 2010.
  • Contribution to a Council about the introduction of SOA concepts within INPS. Other organizations involved were IBM, Accenture and Avanade.
  • Contributed as Architect to a project about the re-engineering of the Teller Application for Banca delle Marche (a minor Italian Bank).
  • Delivery to GSE of a Workshop on Application Security and SDL.
  • Design and development of a solution to automatically propagate passwords as they are entered or changed to the Credential Manager library, to ensure Single Sign-On to Enterprise resources exposed on Extranet or on the Cloud (Office 365).
  • Management of four projects based on SharePoint 2010 for the Unicredit Group, as Project Manager and Architect, mainly for Compliancy and HR. This experience has been particularly useful to grow soft skills about Team management, Customer Expectation Management and about Management of the different goals of the involved third-parties.
  • Architecture and Team Leading for a couple of projects based on SharePoint 2010 for the Unicredit Group. Both projects have been characterized by successful execution in forbidding conditions.
  • Design and implementation of a Visio AddIn for a Unicredit Group internal project, for the HR Organization. The project has won an award from Unicredit and another award from the Microsoft Communities.
  • Preparation and delivery of a training on Threat Modeling for Microsoft Employees, held in Rome e Milan.
  • Migration of a BPM-like infrastructure built by an Italian Bank, from SharePoint 2007 and SharePoint 2013. It has involved the design and implementation of a three layer infrastructure based on a SharePoint Service application. In this project, Simone has also performed a preliminary assessment of the application security through an informal Security Code Review.
  • Preparation and delivery of a Workshop on SDL and Threat Modeling of three applications for an ISV in Italy.

Experienced Consultant

  • Management of a project on “High-Performance Computing” (HPC) for Consorzio Operativo of Monte dei Paschi di Siena Bank Group.
  • Contribution to project Branch of the Future (“Filiale del Futuro”) as technology expert. This project has been sponsored by Steve Ballmer (former Microsoft CEO).
  • Development of an Enterprise Service Bus for Consorzio Operativo of Monte dei Paschi di Siena Bank Group.
  • Project Management of a project about the integration of Identity Management systems based on ILM, for Consorzio Operativo of Monte dei Paschi di Siena Bank Group.


  • Design and Development of the Teller Application for Deutsche Bank Italy.
  • Design and Development of a Software Factory for Web Applications for Winthertur, composed by a specialized Framework, documentation and samples, and by the definition of the whole development process.
  • Analysis, Design, Development and Team Leading for a Client-Server  application based on Smart Client that provides an integrated experience for small Investment Management Firms, Ultra.NET, for an ISV called Financial Tradeware.

Assistant Consultant I & II

In this period Simone has made the first steps in Microsoft Consulting Services. He has started very fast to play much greater roles than those implied by his formal role, like those of Analyst and Architect.
One of the most important Projects in this period has been the Design and Implementation of the first Local IPs for Microsoft Italy implemented with Microsoft .NET, a Single Sign-On Solution.

Most important activities as an Assistant Consultant I and II:
  • Design and realization of an application server to publish business logic, for Il Sole 24 Ore-Radiocor and specifically for their Trading OnLine solution, called MultiTrade; it has been used also by Intesa SanPaolo Bank for their Home Banking solution and by others.
  • Design, Development and Team Leading of a project about a Web Single Sign-On solution, called Single Web Authentication (SWA), initially implemented for Intesa Bank. This solution has been successfully adopted by a number of additional institutions, like San Paolo-IMI Group, Rai, Telecom Italia, Winterthur and Finsiel. This has been the first Project developed in Italy with Microsoft .NET Framework 1.0.

Freelance Developer

Development of various solutions for local Customers.



Master's Degree on Electronic Engineer

Università degli Studi di Perugia
Electronic Engineer Degree with Thesis on "Design and Development of a Protection System for Data Banks to be Published on Internet".