Homepage | M2F14M3

Lоrеnzо ЅоӀitо

Ethical Hacker && Junior Penetration Tester && Junior Red Team Operator

Hi,
My name is Lorenzo Solito.
I'm a Cyber Security Professional, I'm the kind of guy that loves to learn new things and is always looking for new challenges to improve himself.
I'm currently working at Consulthink as Ethical Hacker && Junior Penetration Tester && Junior Red Team Operator.

Work Experiences

Consulthink

Ethical Hacker && Junior Penetration Tester && Junior Red Team Operator
Full-Time
Rome, Latium, Italy · Remote
February 2025 - Present (5 Months)

Tasks:

Vulnerability Assessment
Web Application Penetration Testing

EY
January 2024 - February 2025 (1 Year 1 Month)

Cyber Security Analyst - SOC Tier 3 && Cyber Threat Management Detection & Response - Staff 2
Full-Time
Milan, Lombardy, Italy · Remote
March 2024 - February 2025 (11 Months)

Tasks:

Training and Support to Junior Colleagues
Monitoring, Analysis and Reporting of IT Security Incidents
XDR [Extended Detection and Response] Monitoring and Analysis (Check Point Infinity)
SIEM [Security Information and Event Management] Monitoring and Analysis (Microsoft Azure Sentinel)
Rule Creation, Tuning and Automation on SIEM [Security Information and Event Management] (Microsoft Azure Sentinel)
Static and Dynamic Malware Analysis (Virus Total / Joe Sandbox / Any.Run)
IPs, URLs and Domains Analysis (AbuseIPdb / URL Scan / Whois / Central Ops)
Cloud Security (Microsoft Defender ATP [Advanced Threat Protection])
Mail Spam and Phishing Analysis (Email Headers / MXToolBox)
Firewall Monitoring and Analysis (Fortinet)
Network and Web Monitoring and Analysis (Shodan / Censys / Wappalyzer)
CTI [Cyber Threat Intelligence] and OSINT [Open-Source Intelligence] Analysis (Rapid7 Intsights / Cisco Talos)
Vulnerability Management (Microsoft Defender EASM [External Attack Surface Management])

Cyber Security Analyst - SOC Tier 2 && Cyber Security & Digital Protection - Staff 2
Full-Time
Milan, Lombardy, Italy · Remote
January 2024 - March 2024 (2 Months)

Tasks:

Training and Support to Junior Colleagues
Monitoring, Analysis and Reporting of IT Security Incidents
SIEM [Security Information and Event Management] Monitoring and Analysis (Microsoft Azure Sentinel)
Configuration and Rule Tuning of SIEM [Security Information and Event Management] (Microsoft Azure Sentinel)
Static and Dynamic Malware Analysis (Virus Total / Joe Sandbox / Any.Run)
IPs, URLs and Domains Analysis (AbuseIPdb / URL Scan / Whois / Central Ops)
Cloud Security (Microsoft Defender ATP [Advanced Threat Protection])
Mail Spam and Phishing Analysis (Email Headers / MXToolBox)
Firewall Monitoring and Analysis (Fortinet)
Network and Web Monitoring and Analysis (Shodan / Censys / Wappalyzer)
CTI [Cyber Threat Intelligence] and OSINT [Open-Source Intelligence] Analysis (Rapid7 Intsights / Cisco Talos)

Sorint.SEC
September 2022 - January 2024 (1 Year 4 Months)

Cyber Security Analyst & Shift Supervisor - SOC Tier 1
Apprenticeship
Brembate, Lombardy, Italy · On-Site
May 2023 - January 2024 (8 Months)

Tasks:

Middleman for Communications Between SOC Tier 1 and SOC Tier 2
Training and Support to Junior Colleagues
Monitoring, Analysis and Reporting of IT Security Incidents
SIEM [Security Information and Event Management] Monitoring and Analysis (Splunk / Microsoft Azure Sentinel / IBM Qradar / Exabeam / Google Chronicle)
XDR [Extended Detection and Response] / EDR [Endpoint Detection and Response] / MDR [Managed Detection and Response] Monitoring and Analysis (Falcon Crowdstrike / Trellix Fireeye / Sentinel One / Trend Micro / Darktrace / Cisco Secure Endpoint)
Static and Dynamic Malware Analysis (Virus Total / Joe Sandbox / Any.Run)
IPs, URLs and Domains Analysis (AbuseIPdb / URL Scan / Whois / Central Ops)
Cloud Security (Zscaler / Microsoft Defender ATP [Advanced Threat Protection])
User Behavior Analysis via DLP [Data Loss Prevention] (Exabeam / FIT [Forcepoint Insider Threat])
Mail Spam and Phishing Analysis (Email Headers / Proofpoint / PhishER / MXToolBox)
Firewall / WAF [Web Application Firewall] Monitoring and Analysis (Palo Alto / Fortinet / Imperva)
Network and Web Monitoring and Analysis (Observium / Wireshark / Shodan / Censys / Wappalyzer)
PAM [Privileged Access Management] Solutions (CyberArk)
NDR [Network Detection and Response] Monitoring and Analysis (Vectra AI)
ICS [Industrial Control Systems] Monitoring and Analysis (Nozomi)
CTI [Cyber Threat Intelligence] and OSINT [Open-Source Intelligence] Analysis (Rapid7 Intsights / Cisco Talos)
Decoding String and URLs Activity (CyberChef)

Cyber Security Analyst - SOC Tier 1
Apprenticeship
Brembate, Lombardy, Italy · On-Site
September 2022 - May 2023 (8 Months)

Tasks:

Monitoring, Analysis and Reporting of IT Security Incidents
SIEM [Security Information and Event Management] Monitoring and Analysis (Splunk / Microsoft Azure Sentinel / IBM Qradar / Exabeam)
XDR [Extended Detection and Response] / EDR [Endpoint Detection and Response] Monitoring and Analysis (Falcon Crowdstrike / Trellix Fireeye / Sentinel One / Trend Micro / Darktrace)
Static and Dynamic Malware Analysis (Virus Total / Joe Sandbox / Any.Run)
IPs, URLs and Domains Analysis (AbuseIPdb / URL Scan / Whois / Central Ops)
Cloud Security (Zscaler / Microsoft Defender ATP [Advanced Threat Protection])
User Behavior Analysis via DLP [Data Loss Prevention] (Exabeam / FIT [Forcepoint Insider Threat])
Mail Spam and Phishing Analysis (Email Headers / Proofpoint / PhishER / MXToolBox)
Firewall / WAF [Web Application Firewall] Monitoring and Analysis (Palo Alto / Fortinet / Imperva)
Network and Web Monitoring and Analysis (Observium / Wireshark / Shodan / Censys / Wappalyzer)
PAM [Privileged Access Management] Solutions (CyberArk)
NDR [Network Detection and Response] Monitoring and Analysis (Vectra AI)
ICS [Industrial Control Systems] Monitoring and Analysis (Nozomi)
CTI [Cyber Threat Intelligence] and OSINT [Open-Source Intelligence] Analysis (Rapid7 Intsights / Cisco Talos)
Decoding String and URLs Activity (CyberChef)

Private Tutor

Freelance
Milan, Lombardy, Italy · Hybrid
March 2021 - September 2022 (1 Year 6 Months)

Private Tutor about Computer Science Subjects:

Programming Languages
Software Development
Web Development
System Administration
Network Administration

Education and Training:

OverNet Education

Computer and Information Systems Security
Milan, Lombardy, Italy · Remote
September 2023 - September 2023

Preparatory course "Certified SOC Analyst (CSA)" to obtain the certification "Certified SOC Analyst v1 (C|SA v1)".
Topics:

Security Operations and Management
Understanding Cyber Threats, IoCs and Attack Methodology
Incidents, Events and Logging
Incident Detection with Security Information and Event Management (SIEM)
Enhanced Incident Detection with Threat Intelligence
Incident Response

I.I.S Curie - Sraffa

Highschool Diploma, Computer Science and Technology
Milan, Lombardy, Italy · On-Site
September 2016 - July 2022 (5 Years 10 Months)

Operating Systems:

Windows
Debian
Kali Linux
Parrot OS

Programming Languages:

Python (Console / OOP [Object Oriented Programming] / File / DJango / Flask)
HTML5 [Hyper Text Markup Language 5]
C (Console)
Visual Basic (Console / Visual)
CSS3 [Cascading Style Sheets 3] (Vanilla / Bootstrap)
Java (Console / OOP [Object Oriented Programming] / Multithreading / File / JCE [Java Cryptography Extension] / Socket / JSSE [Java Secure Socket Extension] / Servlet / JSP [Java Server Pages] / MVC [Model View Controller] / DAO [Data Access Object] / JDBC [Java Data Base Connectivity] / Rest Services with Springboot)
Javascript (Vanilla / OOP [Object Oriented Programming] / Regex / JSON [JavaScript Object Notation] / JQuery / Node.JS)
PHP (Vanilla / OOP [Object Oriented Programming])
Relational Databases (MYSQL / PostgreSQL)

Networking:

ISO/OSI [International Standards Organization / Open Systems Interconnection]
TCP/IP [Transmission Control Protocol / Internet Protocol]
Cisco Packet Tracer
Apache Server on Debian-Based Endpoint
Telnet
SSH [Secure Shell]
RDP [Remote Desktop Protocol]
FTP [File Transfer Protocol]
DNS [Domain Name System] with BIND9
DHCP [Dynamic Host Configuration Protocol]
Routing Protocols (Static / Dynamic)
Port Forwarding

Cyber Security:

Network Sniffer (Wireshark)
Man-In-The-Middle (Ettercap)
Cryptography (Keytool / PGP [Pretty Good Privacy] / GPG [Gnu Privacy Guard])
VLAN [Virtual Local Area Network] (Untagged - Access / Tagged - Trunk / Router on a Stick)
ACL [Access Lists] (Standard / Extended / CBAC [Context Based Access Control])
VPN [Virtual Private Network] with ASA [Adaptive Security Appliance] 5505 and Router 1841

Certifications

INE Certified Cloud Associate (ICCA) November 12, 2024 - November 12, 2027

eLearnSecurity Junior Penetration Tester v2 (eJPT v2) June 30, 2024 - June 30, 2027

Certified SOC Analyst v1 (C|SA v1) December 14, 2023 - December 13, 2026

Microsoft Certified: Security Operations Analyst Associate (SC-200) July 19, 2023 - July 20, 2024 (Expired)

Competitions

Hack The Box CTF

Cyber Apocalypse CTF 2025: Tales from Eldoria
Team: OffSecThink
March 2025
Result: 697th out of 8130 Teams

Cisco

Junior IT Academy - NetRiders
February 2022
Result: 80th out of 232

Ranks

Try Hack Me - 0x9 [Mage]

Hack The Box - Hacker

Blue Team Labs Online - Initiate

Cyber Defenders - Rookie

KC7 Cyber - Level 10 [Associate Security Operations Analyst]

Volunteering

S.S. Nabore e Felice Oratory

Educator
Milan, Lombardy, Italy · On-Site
March 2021 - July 2025 (4 Years 4 Months)

Animator
Milan, Lombardy, Italy · On-Site
September 2016 - July 2019 (2 Years 10 Months)

Additional Information

Driving Licenses
Italian Driving Licenses:
- AM
- B

View my Curriculum Vitae