Riccardo Sirigu

Developed course modules for the “Secure Coding for Embedded Systems” program, covering system hardening, supply chain risk management, TLS, and secure update mechanisms. Focused on equipping engineers with practical strategies for building secure and resilient embedded systems.

Lead security initiatives for web applications and IoT systems. Guide clients in implementing security-by-design practices throughout the Software Development Lifecycle (SDLC). Conduct threat modeling, define security requirements, and deliver corporate training on secure coding, application security, and secure architecture.

Performed penetration testing, secure code reviews, and vulnerability assessments across hardware, software, and cloud environments. Advised clients on improving their security posture and led workshops to help developers integrate security best practices into their workflows.

Contributed to the Mobile Security Testing Guide (MSTG) and Web Security Testing Guide (WSTG), collaborating with global experts to keep them aligned with evolving threat landscapes. Translated the OWASP Top 10 (2021), ASVS, LLM AI Cybersecurity & Governance Checklist, and OWASP LLM Top 10 into Italian, expanding access to key cybersecurity resources within the Italian-speaking community.

Delivered technical training on Java Enterprise Edition (Java EE), focusing on Servlets, JSP, and RESTful API development using both plain Java EE and Spring Boot. Emphasized secure coding practices and application-layer defense strategies.

Designed and maintained core platform components using Scala, Lift Framework, JavaScript, and MongoDB. Contributed to platform scalability and long-term maintainability with a focus on performance and security.

Refined and extended microservices infrastructure using Scala, Akka, and Lagom. Contributed to backend reliability and architectural improvements.

Developed backend and frontend systems for web and mobile applications using Node.js and React. Mentored junior developers and promoted clean code principles and collaborative workflows.

Design and develop full-stack software solutions, with an emphasis on scalability, testability, security, and maintainability. Provide strategic consulting on technology stacks, architecture choices, and development best practices.

Industry-recognized certification validating advanced knowledge in cybersecurity, risk management, cryptography, network security, and secure system design.

Focused on internet security, IoT (Internet of Things), 4G/5G network security, applied cryptography, and secure software development.

Topics included cryptography, hardware and software security, system usability, and secure design principles.

Summer School in Computer Security & Privacy, focused on privacy, system threats, and secure software engineering.

Master's Degree in Computer Science

Bachelor's degree in Computer Science