Filippo

Filippo

Cyber Security Specialist, Software Engineer.

Curriculum Vitae

Who What
Filippo Buletto
born on March 11th 1987		 Master’s degree
in Computer engineering

Skills

Applications

Deep knowledge of Container Runtimes (Docker, Podman), Kubernetes, Prometheus, Grafana LGTM stack, Veracode SAST/SCA, Sysdig Secure, Kong API Gateway, Kong Mesh.

Good knowledge of Microsoft Office, Open Office.

Programming Languages

Deep knowledge of Java 11, Jakarta EE 9.

Other languages of Bash Script, Javascript, Latex.

Development Environment

Deep knowledge of Eclipse, VS Code, GIT, Maven.

Good knowledge of Terminal and GNU tools.

Databases

Deep knowledge of PostgreSQL, Oracle DB.

Good knowledge of Mongo DB.

Other MySQL.

Operating Systems

Deep knowledge of Microsoft Windows (10 Desktop), Linux, Apple macOS.

Good knowledge of Apple iOS.

Other

Deep knowledge of AWS Cloud, VPNs, MS Teams.

Personal informations

I’m a Cyber Security Specialist in the Platform Evolution team at InfoCert.

I’ve experience in Java/JavaEE technologies and I’ve worked on designing and implementing software solutions in the fields of SQL Databases and E-Commerce SOA integrations ahead of my employment at InfoCert. I’ve also worked with the InfoCert “certified e-mail” team before joining the Product and Service Development team. I now hold a role that allows me to collaborate with the cybersecurity team while remaining in the application domain thus focusing on issues such as secure development and information security standards.

I’ve experienced remote (smart) working: improving my digital communication skills, managing my time effectively, using tools to securely remote access to corporate resources.

I hold a Master’s degree in Software Engineering from the University of Padova, IT. My final year project was an essay on the process of creating an ICT Startup.

I enjoy photographing, reading, and traveling in my spare time. I’ve been a Chief Scout, I hold an autonomous diver certification and I’m into sports such as Road bicycle racing.

Work experience

InfoCert

Contractual status: Full-time open-ended contract, CCNL Industria with MBO.

Cyber Security Specialist Padova
InfoCert 04/2021 - Today

Team: Platform Evolution

Mission: Oversees the evolution of development tools and core technologies for service delivery and oversees their knowledge transfer to teams.

Competence Center: Security Enhancements

Mission: To assure that products and services has been designed from the foundation to be secure, to ensure security and privacy of software systems.

Involved technologies: AWS Cloud, Kubernetes, SAST/SCA Tools (Veracode), Runtime Security Tools (Sysdig), QRadar SIEM, Kong API Gateway, Kong Mesh.

Description: I’ve designed the Application Security Policy that drives the management of the S-SDLC (Secure Software Development Life Cycle), or rather, the software development process that has incorporated specific security activities within its different stages. These Policies define the activities that must therefore be carried out during the development stage in order to increase the overall security before it being released into production This approach also guarantees savings on the overall fixing security process, compared to an undefined approach based only through testing activities carried out at the end of development. I researched and analyzed possible tools that could be used in the enterprise to integrate the SSDLC and secure both the development chain and the operating environment; now these tools are in use in the company and I curate their evolution and their KPI. I deepened the knowledge of security requirements for secure enterprise application development defined by OWASP and help DevOps teams in their understanding and application. I’ve delved into application security issues in the cloud (AWS) and I’m CKAD certified (Kubernetes). I specialized in API security because APIs are to date a major attack vector. API-driven cyber attacks lead to data breaches, customer data leaks, and lawsuits. I helped build a robust and reliable API infrastructure with the use of two key tools: API Gateway for north-south traffic, Service Mesh for east-west traffic. I led the team that deployed a “zero-trust” posture system by enforcing policies for transparent use of mTLS and microservices resilience and observability.

Software Architect Padova
InfoCert 02/2013 - 04/2021

Goals: Development and design of WEB Services for the SME market.

Involved technologies: Java 11, Oracle DB, RESTful WebServices, JBoss EAP 7, Infinispan, Quarkus, Prometheus.

Description: I specialized in designing and developing high reliability / availability web services with Java EE technology. I studied in deep the object oriented and functional programming with Java 8 and I studied the technologies of the JVM internals. I promote the application of design patterns and SOLID principles.

Each project involved distributed clustering for high reliability and I learned to tackle issues such as: replication, eventual consistency, asynchronous processing, fault tolerance and the circuit breaker.

I evaluated the adoption of cloud ready architectures such as microservices and related technologies (Docker, Kubernetes, Eclipse MicroProfile).

I have an in-depth knowledge of the main desktop operating systems among which I’m confrtable to work, I’ve also a good knowledge of linux server systems.

As databases, I can interface with relational and non-relational systems.

I contributed to the definition of company standards such as Continuous Integration, Development Environment, Code Review, Version Control, Static Code Analysis, JVM and Middleware technology updates, process documentation for ISO:9000, ISO:20000 and ISO:27001 Compliance.

I have specialized in the field of application security, contributing to the definition of company guidelines, I am also part of the team that guarantees security, identifies security faults, verifies the effectiveness of each security measure.

Project: LegalCert REST

Involved technologies: Java 6, Java EE 5, Jboss EAP 5, PKI (PKCS#10, PKCS#7).

Description: Design and development of a frontend application to the registration and certification authority Infocert aimed at replacing old SOAP technologies with the most recent REST.

Project: InfoCert Secure Access Controller

Involved technologies: Java 8, Java EE 7, LDAP, Infinispan, JBoss EAP 7, Prometheus, Grafana.

Description: Design and development of a custom identity provider which implement a self-taught protocol but also a standard one such as OpenID Connect 1.0 in accordance with ISO / IEC 29115. This led me to learn about technologies such as LDAP, distributed in-memory key/value data stores, JWT signature and encryption. Given the business critical task of this application it has been monitored for performance metrics with Prometheus (and Grafana for data visualization).

Project: Sistema Pubblico di Identità Digitale (SPID - InfoCert ID)

Involved technologies: Java 8, Java EE 6, LDAP, Infinispan, JBoss EAP 6.

Description: Design and development of a custom identity provider which implement the AgID SPID SAML2 protocol. SPID is the (Italian) Public Digital Identity System that guarantees all citizens and businesses a single, secure and protected access to the digital services of the Public Administration. This application federates with InfoCert Secure Access Controller allowing interoperability with InfoCert services.

Reply

IT Consultant Milano
Reply Technology 05/2012 - 01/2013

Contractual status: Full-time fixed-term contract. CCNL Industria 5° Livello. Aimed at permanent employment and level advancement.

Customer: Euronics

Goals: Acquisition of technical and functional independence in large projects using the tools of Oracle SOA technologies.

Involved technologies: Java 6, MySQL, Tomcat, Struts, Hibernate, Javascript, Apache Virtual Server, Java Servlet

Description: Develop an application with business process management capabilities using Java technologies, Oracle Service Bus, Oracle Weblogic 11g with SOA functionality interfacing to Microsoft SQL Server database and Oracle. The start-uping project requires to process and export to the Customer the requested information at pre-established and automated intervals. The development continued with advanced features and interfacing with frontend-backend applications of external companies affiliated with the customer. Work site: Milano.

Customer: Reply

Goals: Acquisition of technical and functional independence within medium-sized and complex projects.

Involved technologies: Java 6, MySQL, Tomcat, Struts, Hibernate, Javascript, Apache Virtual Server, Java Servlet

Description: Support to Senior Consultant for knowledge of the project and start the independent management of the Reply group sites. The project consists in providing new functionality to backend applications and support to the frontend structure. In the period between June and July I have undertaken in almost total autonomy the preparation of the application structure for the release (backend) of a new site of the group, collaborating also with colleagues from other Business Units to provide support to the platform’s applications. Support for site management continued in non-constant periods to provide AM and CR support thanks to the experience gained on the applications development. Work site: Milano.

IT Consultant Milano
Reply Technology 02/2012 - 04/2012

Contractual status: Internship aimed at hiring.

Customer: Mediaset

Goals: Training on the job.

Involved technologies: Java 6, Spring Framework, Oracle 11g, Javascript

Description: Training in the application maintenance group: development of Java and Oracle PL / SQL applications. The developers group introduced me to the business environment and to group work, for the maintenance of the applications; the skills I acquired led me to a fair level of autonomy in the management of AM requests. In the same period I also took part in the development of a new Java application with the use of the Spring Framework and Javascript libraries. Work site: Milano.

Personal projects

For the past few years I have maintained a personal server where I selfhost all the web applications I use (as an alternative to external services), in doing so I have been able to delve into all issues of web service operation and security in a vertical manner (deployment and update, managing disruptions and reachability from the internet with good quality of service). I delved into often underestimated network topic such as the DNS system by operating a local resolver on UDP and HTTPS protocol.

Developer Internet
Open-source software 2010 - Today

https://github.com/filippobuletto

First released under a CC BY-NC-ND 3.0 License and than under the MIT License. DropLink is a simple application that allows to exceed the limit imposed by Dropbox synchronizing also files / directories outside the synchronization folder. The application has reached thousands of downloads worldwide. Website.

Not So JUG

I co-founded a Java User Group. Website.

Prometheus-healthchecks

Licensed under the MIT License. Prometheus health checks collector is a library that includes a custom collector for the Prometheus JVM Client. Website.

Tutor Part-time Lendinara
Personal teacher 2008 - 2011

Education

Master’s degree

Università degli studi di Padova
Laurea Magistrale in Ingegneria Informatica		 Padova
2009-2011
  • Thesis: Ingegnerizzazione del processo di creazione di una Startup: dall’idea al modello di business / Creating a Startup: from the idea to the Business Model
  • Final score: 103/110
  • Classes:
    • Parallel Calculation, Numerical Processing of Signals, Three-dimensional Data Processing, Big Data, Theoretical Computing, Operational Research, Realtime Systems.
    • Artificial Intelligence, Temporal Reasoning, Distributed Systems, Information Retrieval, Strategic Management of Organizations, Information Economics.

Bachelor’s degree

Università degli studi di Padova
Laurea Triennale in Ingegneria Informatica		 Padova
2006-2009
  • Thesis: Realizzazione di un simulatore semplificato del robot educativo Mindstorm NXT / Realization of a simplified simulator for the educational robot Mindstorm NXT
  • Final score: 102/110
  • Classes:
    • Mathematics, Physics, Foundations of Computer Science, Circuits and Logical Systems.
    • Signals and systems, Foundations of Electronics, Foundations of Automation, Fundamentals of Communication, Electrotechnics, Computer Architecture, Data and algorithms.
    • Software Engineering, Information Systems, Operating Systems, Data Bases, Computer Networks, Data and Algorithms, Economics, Information History.

High school

ITIS F. Viola
Perito Industriale Capotecnico		 Rovigo
2001-2006
  • Final score: 91/100
  • European Computer Driving Licence (ECDL) N° IT 716799

Awards

  • Olimpiadi dell’Informatica di Istituto - 2nd Place (2005/2006)
  • Olimpiadi dell’Informatica di Istituto - 1st Place (2004/2005)

Courses and Certifications

See Courses and Certifications page.

Contact me for a PDF version.