Giacomo Zanatta
Cyber Security Engineer & PhD Candidate — Ca' Foscari University of Venice
professional summary
Cyber Security Engineer and Technical Leader combining 3+ years of formal security research with 5 years of industrial software delivery. I make invisible threats visible. At Amazon Web Services, I built automated taint analysis pipelines for security-critical codebases and developed a precision classification methodology that quantified the trustworthiness of ~75% of all reported vulnerability traces. In my PhD, I am building a real-time network security firewall for ROS2 that detects anomalous behaviour and compromised nodes in robotic systems. My approach bridges mathematical rigour (static analysis, formal verification, abstract interpretation) with hands-on engineering in security-critical production environments. Proven track record of leading cross-functional teams, owning project delivery end-to-end, and thriving in multinational settings across Italy, France, and the United States.
experience
Applied Scientist Intern — Cross-Team Project Lead
Amazon Web Services (AWS) — Austin, TX, USA
May 2026 – Aug 2026
- Leading a cross-organisational security project bridging two independent AWS security teams (Austin and New York), integrating complementary analysis systems into a unified vulnerability detection pipeline.
- Coordinating deliverables and aligning technical direction across distinct engineering cultures, managing bidirectional dependencies within a 12-week timeline.
- Integrating formal verification techniques into scalable security analysis services, contributing to automated vulnerability detection in AI-assisted development workflows.
Applied Scientist Intern — Project Owner
Amazon Web Services (AWS) — New York, NY, USA
Jun 2025 – Sep 2025
- Owned end-to-end delivery of a 12-week security analysis research project, defining scope through customer-driven requirements, managing week-to-week milestones, and aligning stakeholders on technical direction.
- Developed a precision classification methodology that quantified the trustworthiness of ~75% of vulnerability traces, identifying 5 critical sources of over-approximation and enabling systematic filtering of false positives.
- Designed and implemented taint analysis techniques to automatically detect security vulnerabilities in large, safety-critical codebases.
- Performance led to direct invitation for a second internship in an expanded cross-team leadership role (AWS Austin, 2026).
Technical Leader
Alpenite s.r.l. — Venice, Italy
Feb 2021 – Aug 2023
- Promoted from junior developer to Technical Leader in 2 years, leading a team of 3–4 developers across 3 concurrent luxury e-commerce projects (Pinko, Monnalisa, Jil Sander).
- Served as primary technical interface between clients, external vendors (ERP, CRM providers), and the project manager.
- Architected and deployed a middleware integration layer in Go connecting e-commerce, ERP, and CRM systems with JWT-based authentication.
- Managed payment processing integrations (Adyen, Google Pay, Apple Pay) and automated order export pipelines.
Software Engineer
Alpenite s.r.l. — Venice, Italy
Jan 2019 – Feb 2021
- Developed and integrated backend services within Salesforce Commerce Cloud (SFRA/Node.js) for high-traffic luxury e-commerce platforms.
- Contributed to architecture design and production deployment of distributed systems.
education
PhD in Computer Science
Ca' Foscari University of Venice — Venice, Italy
Supervisor: Prof. Pietro Ferrara
Sep 2023 – Apr 2027
- Published at 4 peer-reviewed venues including IROS and TACAS in 2.5 years.
- Member of the Software and System Verification (SSV) Research Group.
- Core developer of JLiSA, a Java static analyser ranked 3rd worldwide at SV-COMP 2026.
- Developing a real-time network security firewall for ROS2 with live traffic introspection, anomalous behaviour detection, and dynamic policy enforcement.
- Research on automated security analysis and static architecture reconstruction of distributed microservices.
- Visiting Researcher at INRIA Antique Lab, ENS Paris (Sep–Dec 2024).
- Teaching assistant for Software Architectures, Programming, System Administration, and Static Analysis (30–150 students).
M.S. in Computer Science — Software Dependability & Cybersecurity
Ca' Foscari University of Venice — Venice, Italy
Sep 2018 – Jul 2023
- Core coursework in Security (system, network, web), Cryptography, Software Correctness & Reliability, Formal Methods for System Verification.
- Thesis: LiSA and ROS — Static Analysis for Robotics.
B.S. in Computer Science
Ca' Foscari University of Venice — Venice, Italy
Sep 2015 – Oct 2018
skills
Security & Verification
- Static Analysis
- Taint Analysis
- Formal Methods
- Abstract Interpretation
- Policy Verification
- Network Security Monitoring
- OWASP
Programming
- Java
- Python
- Go
- C/C++
- TypeScript
- Node.js
- Bash
Frameworks & Tools
- Spring
- FastAPI
- Docker
- Kubernetes
- CI/CD
- Git
- ROS2
- Linux
- Metasploit
- Nmap
- Wireshark
Domains
- Cyber-Physical Systems
- ROS2 Robotics
- Microservices
- Cloud Security (AWS)
- Safety-Critical Software
- Access Control & Policy Enforcement
Emerging Technologies
- Large Language Models (LLMs)
- Agentic AI workflows
- AI-assisted development tools (Claude Code, GitHub Copilot)
certifications & continuing education
- Currently studying for PRINCE2 certification.
- European Patent Office: Create – Protect – Innovate (75h, 2025).
- Summer Schools: Abstract Interpretation (Lipari 2024), Software Security (Marktoberdorf 2024).
languages
- English (fluent)
- Italian (native)
behavioral skills
- Leadership, cross-functional collaboration, project ownership, stakeholder communication, problem-solving, adaptability in international environments.
- Amazon Leadership Principles: ownership, bias for action, delivering results, earning trust, learn and be curious.