
CYBER
SECURITY
ARCHITECT

// specialization:

Independent B2B cybersecurity consulting practice. Security architecture, XDR/EDR platform governance, Zero Trust, OT/ICS, regulated environments. No jargon. No vendors. No middlemen. Measurable results. Don't know where to start? That's exactly the right time to call.

18+
Years experience
12
Areas of expertise
0€
First consultation
100%
Remote • B2B
// operating contexts
Enterprise • Healthcare • Critical Infrastructure • Financial Sector
// Security Diagnostic

Diagnose your security situation

Answer a few questions — no registration required. In 5 minutes you get a tailored analysis of your security posture and a concrete starting point.

Services

Threat Coverage

Every service delivered directly by me. No agency. You always know who you're talking to and what was done.

// ENDPOINT SECURITY
Endpoint Detection & Response

Advanced EDR/XDR deployment and management. Behavioral detection, YARA rules, IOC/IOA enrichment, threat hunting, containment and SIEM integration. Full Trend Micro stack.

ENDPOINT COVERAGE
Vision One XDR • Deep Security • Apex One • Qualys EDR
// SOC & DETECTION
SIEM & SOC Monitoring

Enterprise SIEM implementation and tuning. AQL rules, advanced correlation, log normalization, audit-ready dashboarding. False positive and noise reduction.

DETECTION ENGINEERING
IBM QRadar • Wazuh • Splunk • Graylog
// VULNERABILITY MGMT
Vulnerability Management

Continuous scanning, global asset inventory, dynamic tagging, SLA remediation tracking. Full Qualys certifications: VMDR, PCI, EDR, CSAM, Cloud Agent.

ASSET MANAGEMENT
Qualys VMDR • CSAM • PCI • Cloud Agent • OpenVAS
// NETWORK SECURITY
Firewall & Network Security

NGFW design and hardening, IPS tuning, SSL inspection, SD-WAN, route-based VPN, micro-segmentation. Periodic pruning to reduce attack surface.

NETWORK HARDENING
FortiGate • Palo Alto • Checkpoint • Cato • pfSense
// CLOUD SECURITY
Cloud Security Multi-Provider

Secure multi-cloud architectures with Zero Trust and defense-in-depth. Posture assessment, IAM hardening, asset inventory connectors, workload security.

CLOUD POSTURE
AWS • Azure • GCP • Container Sec
// M365 HARDENING
Microsoft 365 Security

Complete M365 hardening: Defender, Intune MDM/MAM, anti-spoofing, BEC, phishing protection, DLP, Exchange Online hygiene, automated compliance policies.

M365 HARDENING
Defender • Intune • Exchange • Entra ID
// IDENTITY & ACCESS
Privileged Access Management

Just-in-Time access, credential rotation, session recording, periodic access reviews. SIEM and ticketing integration for least privilege with full traceability.

PRIVILEGE CONTROL
CyberArk PAM • RBAC/MFA • SAML/OAuth2
// AI SECURITY
Secure AI & On-Premise

Local LLM deployment in isolated containers. AI security assessment: prompt injection, data leakage, model governance, RAG security. Auditable fine-tuning. Zero external APIs. GDPR by design.

AI SECURITY
Ollama • Hugging Face • LLM Security • MLOps Sec
// INCIDENT RESPONSE
Incident Response & Threat Hunting

Incident handling across EDR, SIEM, network and identity. Malware analysis with Ghidra, STRIDE/DREAD modeling, standardized playbooks, reduced dwell time.

INCIDENT READINESS
Ghidra • MITRE ATT&CK • Forensics • Jira ITSM
// SECURITY AWARENESS
Training & Security Awareness

Simulated phishing, vishing and smishing campaigns with KPI tracking. Custom awareness programs whose results feed back into training and follow-up technical controls.

AWARENESS TRAINING
Phishing simulator • Vishing • CyberGuru
// OT/ICS SECURITY
OT/ICS Security

OT/ICS security architecture and risk assessment. IT/OT network segmentation, Purdue Model alignment, asset inventory, vulnerability analysis in industrial environments. IEC 62443 and NIST SP 800-82 framework alignment.

OT/ICS HARDENING
IEC 62443 • NIST SP 800-82 • Purdue Model • IT/OT Segmentation
// SASE & ZERO TRUST
SASE & Zero Trust Network

SASE architecture design and Zero Trust Network Access implementation. Micro-segmentation, software-defined perimeters, identity-aware access, cloud-native security for distributed environments.

ZERO TRUST ACCESS
Cato Networks • Zero Trust • ZTNA • SASE Architecture
Intelligence

CVE Stack Analyzer

Select your technology stack and discover vulnerabilities published in the last 90 days. Live data from NVD.

Your concern

"I don't know if my company is truly protected."

If you have this doubt, you're not alone. Most SMEs have misconfigured active systems, outdated policies, or compliance that is managed only superficially.

You don't need to know what you need. Call me and we'll figure it out together.

  • No internal IT department? No problem
  • Don't know where to start? That's the right starting point
  • Already suffered an incident? Let's analyze what happened
  • NIS2, DORA or SOC2 audit coming up? Let's get organized
  • Want to measure your real risk? Let's do it together
Book

Choose a slot

The first call is completely free with no time limit. No preparation needed. Select a slot and submit your request: I'll confirm via email within a few hours with details.

If no slot works for you, write to me directly and we'll find an alternative time.

First session always free. No payment data required. You'll receive an email confirmation within a few hours.
Expertise

Stack & Tools

EDR / XDR
Trend Micro Vision One (XDR): Endpoint, server, mobile, ARM — 360° management, YARA, on-demand scan
Trend Micro Deep Security: Virtualized environments and cloud workload protection
Trend Micro Apex One: Endpoint protection, behavioral monitoring, automated response
Qualys EDR: Behavioral detection, IOC/IOA enrichment, threat containment
Trellix (McAfee ENS): Endpoint security, threat prevention, adaptive threat protection
Qualys EDR Certified
SIEM & SOC
IBM QRadar: AQL rules, building blocks, reference sets, DSM tuning, dashboards
Wazuh: Open-source SIEM, alerting, log normalization
Splunk: Correlation, dashboarding, detection engineering
Graylog: Log monitoring, incident detection
Microsoft Sentinel: Cloud-native SIEM/SOAR, KQL rules, analytics rules, workbooks
Jira ITSM: Incident, change, problem — SOC ticket integration
Vulnerability Management
Qualys VMDR: Continuous scanning, remediation SLA, patch management
Qualys CSAM: Global asset management, AWS/Azure connectors, dynamic tagging
Qualys PCI Compliance: PCI DSS reporting, evidence collection for the QSA
Qualys Cloud Agent: Zero-touch onboarding, preassigned activation keys
OpenVAS: Open-source vulnerability scanning, logic-abuse validation
Qualys VMDR • Qualys PCI • Qualys EDR • Qualys CSAM • Qualys Cloud Agent
Network / Firewall
FortiGate: IPS tuning, SSL inspection, web filtering, SD-WAN, VPN
Palo Alto Networks: NGFW, policy management, threat prevention, HA
Check Point: High availability, zero downtime in regulated environments
Cato Networks: Full tunnel, Always-On, TLS inspection, geo-detection
pfSense / OpenVPN / OpenSSL: Secure VPN, TLS, SMB and healthcare environments
Snort / OSSEC: Host-based IDS/IPS, network intrusion detection
Cloud Security
Amazon Web Services (AWS): CSAM connectors, IAM, security posture, workload security
Microsoft Azure: CSAM connectors, Entra ID, baseline, posture assessment
Google Cloud Platform: Zero Trust healthcare, Cloud Armor WAF, hybrid architectures
Container Security: Hardened environments, network isolation, data residency
Microsoft 365
Microsoft Defender: Anti-spoofing, BEC, phishing, DLP, security baseline
Microsoft Intune: MDM/MAM, compliance policies, update rings, auto-remediation
Exchange Online: Mail hygiene, transport rules, iterative anti-spoofing
Entra ID (Azure AD): MFA, SAML, OAuth2, Conditional Access, impossible travel
PAM / IAM / Identity
CyberArk PAM: Just-in-Time access, credential rotation, session recording
RBAC / MFA: Enforcement on applications, cloud and hybrid environments
SAML / OAuth2: Cross-application SSO integration
Geo / Behavior detection: Impossible travel, automatic MFA reset, session revoke
AI / Dev / Automation
Ollama + Hugging Face: Containerized local LLMs, zero external APIs, GDPR-compliant
LLM Security Assessment: Prompt injection, data leakage, model governance, RAG security
MLOps Security: Dataset versioning, RBAC on AI pipelines, logging, fine-tuning
Python / Bash: SOC automation, alert workflow, encryption, scripts
Ghidra: Malware analysis, reverse engineering for threat mitigation
OT / ICS Security
TXOne StellarProtect: OT endpoint protection, legacy OS support, trust-list based execution control
TXOne StellarOne: OT security management console, asset visibility, policy enforcement
IEC 62443: Zone and conduit modeling, security level definition, IACS risk assessment
NIST SP 800-82: OT/SCADA security controls, threat modeling, incident response for critical infrastructure
Purdue Model / IT-OT Segmentation: Network segmentation design, DMZ architecture, OT/IT boundary governance
Compliance & Audit

Frameworks & Regulations

Gap analysis, control mapping, evidence collection and audit support. Audit-ready documentation for businesses of any size.

NIS2
// Network and Information Security Directive 2

Gap analysis, detection controls, security governance, incident management and reporting to competent authorities.

DORA
// Digital Operational Resilience Act

Digital operational resilience for the financial sector. ICT risk management, TLPT-ready testing, ICT incident management.

SOC 2
// Service Organization Control Type 2

Evidence for Trust Service Criteria: Security, Availability, Confidentiality. Audit support and gap remediation.

ISO 27001
// Information Security Management System

ISMS, Annex A control mapping, risk management, procedure documentation, certification support.

GDPR
// General Data Protection Regulation + D.Lgs 196/2003

Technical data protection measures, data minimization, least privilege, privacy by design. Healthcare included.

PCI DSS
// Payment Card Industry Data Security Standard

Qualys PCI compliance scans, QSA reporting, remediation tracking, periodic assessments.

IEC 62443
// Industrial Automation & Control Systems Security

Security framework for IACS/OT environments. Risk assessment, zone and conduit modeling, security level definition, requirements for system integrators and asset owners.

NIST SP 800-82
// Guide to OT Security

US federal guidance for industrial control systems security. Threat modeling, security controls tailored for OT/SCADA environments, incident response for critical infrastructure.

ISO 22301
// Business Continuity Management System

BIA, RTO/RPO definition, continuity plan design, recovery testing and management review. Aligned with ISO 27001 for integrated resilience.

Method

Transparent process

01
Exploratory call

We discuss your context. No preparation needed. Free, no commitment, no time limit.

02
Analysis & proposal

Clear overview and concrete action plan. You know what, how, and the cost before starting.

03
Remote execution

Controlled and documented access. Every activity tracked in change tickets. Regular updates.

04
Delivery

Audit-ready documentation and final report. Ongoing support on request or full autonomy.

Pricing

Transparent pricing

No mandatory contract, no licenses, no surprises. You pay exactly what you use.

// First contact
0
> Completely free, no limits
  • Exploratory call with no time limit
  • Context and priority analysis
  • Initial risk assessment
  • No obligation
Senior advisory rate
// Advisory & Consulting
From 90€/h
> On request • Scope-dependent • VAT invoice
  • Technical consulting on any area
  • Configuration and policy review
  • Incident support
  • One-to-one training
  • Gap analysis and risk assessment
  • Written report included
// Custom project
Custom
> Fixed fee agreed before starting
  • Full EDR / SIEM / Firewall deployment
  • Compliance NIS2 / DORA / SOC2
  • Continuous vulnerability management
  • Corporate anti-phishing training
  • Structured audit and gap analysis
  • Documentation and deliverables
About me

Emanuele Russo

Cyber Security Architect with over 18 years of hands-on experience in security architecture, IAM/PAM, XDR/EDR platform governance, SIEM, cloud security, Zero Trust and regulated environments. I don't sell licenses, I don't represent vendors: I solve problems.

SlytherOps is an independent B2B cybersecurity consulting practice focused on security architecture, IAM/PAM, XDR/EDR platform governance, SIEM, cloud security, Zero Trust and OT/ICS principles in critical infrastructure and regulated environments. No licenses sold. No vendors represented.

100% remote • B2B • Full transparency and documentation.

// Certifications
ISC2 SSCP • CompTIA A+ Cyber • CompTIA A+ Network • EC-Council • Palo Alto Networks • Qualys VMDR • Qualys EDR • Qualys PCI • Qualys CSAM • Qualys Cloud Agent • HackTheBox #2175958
// Operational frameworks
MITRE ATT&CK: Detection, hunting, CTI
NIST CSF: Risk management framework
Zero Trust Architecture: On-prem and cloud
STRIDE / DREAD: Threat modeling
CIS Controls: Hardening and baseline
// Languages
Italian: Native
English: C2 — Professional
German / Japanese: A2
Contact

Get in touch.

You don't need to know what you need. Explain your situation and we'll figure out where to start. Zero commitment, zero cost, zero jargon.

linkedin.com/in/emanuele-r-job
// professional profile
HackTheBox — verified profile
// profile/2175958