Omar Morando

A partner you can trust

What I Do

Cyber security OT

Ethical hacking, penetration testing, vulnerability analysis in OT domain. More then 20 years in OT/ICS Industrial Automation domain (SCADA, PLC, remote I/O, fieldbus).

ScadaSploit Framework

I'm the developer of "ScadaSploit", a framework which includes dozens of auxiliary modules and exploits dedicated to OT systems. It's widely used during sessions of vulnerability analysis and penetration testing.

Coding

Deep knowledge in software development for mobile robots, embedded systems, IoT and real-time. Languages: C/C++, Python, C#, Java. Frameworks: Qt/QML, PyQt, ROS.

Training & Consulting

Training and dissemination of issues related to cyber security, privacy and data protection. We can help you to evaluate the resources and impact of implementing your cyber security process from design to operational.

Resume

Experience

2010 - current
freelance

Cyber security, ethical hacker, developer

I'm a freelance security researcher and penetration tester focused on offensive OT/ICS application security, with 20+ years of experience in the industrial automation domain, working with SCADA, PLC, fieldbus, remote I/O most popular on the market • I'm a freelance security researcher and penetration tester focused on offensive OT/ICS application security, with 20+ years of experience in the industrial automation domain, working with SCADA, PLC, fieldbus, remote I/O. • Ethical hacking, penetration test, vulnerability analysis in OT domains. • I'm the developer of "ScadaSploit", a framework which includes dozens of auxiliary modules and exploits dedicated to OT systems, in particular PLC and SCADA mainly present on the Italian market. ScadaSploit is widely used during sessions of vulnerability analysis and penetration testing. • Training and dissemination on cyber security and ICS protection issues. • Design and development of real-time software on embedded systems for industry and mobile robotics.

2017 - 12/2019
DigiSky

R&D UAV Systems

I was part of the international team involved in the technical development and cyber security aspect of "Use case scenario" within the European Research and Innovation project "Horizon 2020 - CPSwarm", focused on the development of algorithms and control systems for swarms of drones, with self-organization and fully autonomous flight and with a secure communication layer between swarm agents.

2008 - 2010
Progea International

International Business Developer

I was in charge of further developing and managing worldwide sales for Progea, Italian company specialized in SCADA and HMI applications • Start-up of the new branch in Lugano, starting new subsidiaries and distributors • Building new professional teams • Training, technical support, sales forecasting, international marketing and communication, conventions and exhibition.

2005 - 2008
Caterpillar Group - CGT

Business Developer Manager

Reporting directly to the General Manager, I was in charge of business development working in close contact with other Managers • Market analysis, competition and geomarketing, which led to the improvement of commercial coverage and efficiency • Business development with targeted actions to strengthen the service network offer.

2000 - 2005
Schneider Electric

Marketing Manager - Industrial Automation

I was in charge of Marketing Development for electronic automation products, including: SCADA and PC based software, PLC, industrial PC, remote I/O and networks with a total turnover of over € 20 million.

1995 - 2000
Schneider Electric

Product Manager

I was responsible for major PLC lines, SCADA and PC based software. I acquired expertise in product marketing plans, competition analysis, price definition, promotions, exhibitions, events • Launch of new products, definition of sales budget and communication plans, creation of commercial documents • As a product specialist, I’ve provided technical support on ICS systems to the sales network in the pre/after-sales phase. • Training of sales network for new products and direct support for major clients • Speaker at dozens of technical conferences.

1990 - 1995
Schneider Electric

Software Engineer

Software Engineer for SCADA systems • Technical support on SCADA supervision software and networks, and joined the sales network at the pre/after-sales stage and for technical intervention at clients’ premises • Technical trainer • Development of SCADA and HMI applications, integration with new specific functionality using C/C++ language.

1987 - 1990
Comau - Robotic Division

Software Engineer

I worked in a team for development of new SCADA system for control and monitoring automated plants for Fiat Auto (SCADA based on Digital MicroVAX system).

Certifications

CompTIA PenTest+

CompTIA Security+

OffSec OSCP (pending)

Practical Ethical Hacking

Bug Bounty Hunting

Industrial CyberSecurity Certified Professional

Technologies

Cyber security, ethical hacking, pentesting

95%

SCADA, PLC, remote I/O, fieldbus

95%

Embedded systems, IoT, RTOS, Linux

90%

Frameworks: Qt/QML, PyQt, ROS

80%

I2C, SPI, CAN, GPIO, IRQ, UART, WiFi, Bluetooth

85%

Coding skills

C/C++

95%

Python

85%

C#

80%

Java

70%

RTOS /// multithreading

90%

What I do

Risk Assessment

Security consulting

Contact

Email: me [at] omarmorando [dot] com - Team member of https://cyberhood.eu

Fingerprint: 2297 5D4A 0516 9D93 0DE3 B318 1FEF 288E 0BE6 256F
PGP Key

How Can I Help You?