Stelios Gasparinatos
Cybersecurity and technology executive with 15 years of experience across information security, software engineering, and cloud architecture. Founder of Disect.io, delivering ISO 27001 certification, security audits, and vulnerability assessments.
About Me
Cybersecurity and technology executive with 15 years of experience across information security, software engineering, and cloud architecture. Founder of the cybersecurity firm Disect.io, delivering ISO 27001 preparation & certification, security audits, security architecture design, and vulnerability assessments.
Founder & CTO of Finloup SA (raised €2 million in funding), also serving as DPO, leading GDPR, PCI-DSS, ISO 27001 compliance, and cloud security on AWS.
Extensive background in CISO-as-a-Service, risk assessment, ISMS implementation, and OT cybersecurity projects. Led successful ISO 27001 preparation and certification engagements for organizations across multiple sectors.
Designed security architectures aligned with IEC 62443, NIST CSF, and ISO standards for critical infrastructure including metro systems and national transport networks in Greece, Singapore, and Israel.
Professional Experience
Disect.io
Founder & Principal Cybersecurity Consultant
- Founded boutique cybersecurity firm providing GRC and technical security services
- Led successful ISO 27001 preparation and certification engagements for organizations across multiple sectors
- Provided CISO-as-a-Service and advisory on risk management, data protection, and compliance strategy
- Conducted vulnerability assessments and security audits for corporate clients
- Designed security architectures aligned with IEC 62443, NIST CSF, and ISO standards
- Currently designing and implementing an AI-driven GRC platform
Finloup SA
Chief Information Officer / Chief Technology Officer / Security & Data Protection Officer
- Founder and CIO/CTO of Finloup SA, a fintech startup raising €2 million in funding
- Architected and managed cloud infrastructure on AWS supporting secure, scalable financial services
- Designed service architecture using Python, Django, PHP, and JavaScript; led development teams
- Integrated Finloup services with payment providers, open-banking APIs, credit bureaus, ERP/CRM, and governmental systems
- Assessed information security risks and implemented mitigation controls across cloud and application platforms
- Oversaw GDPR and PCI-DSS compliance, acting as Data Protection Officer and Security Officer
- Evaluated and implemented technologies in KYC, payments, e-signature, and e-commerce ecosystems
- Leading digital-transformation initiatives across all operational processes
Cyber Noesis P.C.
Senior Information Security Consultant
- Organized and managed GRC consulting team
- Delivered GRC projects for leading Greek organizations (insurance, digital marketing, banking, physical security sectors)
- Served as Information Security and Data Protection Officer for corporate clients
- Managed information security programs, risk assessments, and ISO 27001 certification projects
- Designed information security architectures for complex IT and OT infrastructures
- Delivered security projects for transport organizations in Greece, Singapore and Israel
- Conducted vulnerability assessments and awareness training programs
- Led security assessments for critical infrastructure systems (ICS/SCADA security designs and controls)
ILKA S.A.
Software Engineer & System Administrator
- Developed software and system solutions supporting critical physical security infrastructure and IoT equipment
- Integrated alarm communication systems between all Greek Banks and the Hellenic Police
- Designed applications in VB.NET and Python; integrated mobile communication services
- Administered Linux, Windows servers and datacenter monitoring systems
- Provided technical support and incident response for mission-critical deployments
Military Service - Greece
Digital Systems & Cryptographic Equipment Operator - Communications
- Managed and maintained the military online correspondence system, ensuring secure and reliable communications
- Assisted in the maintenance and troubleshooting of military servers supporting classified and operational networks
- Participated in cyber defense readiness and war simulation exercises
- Supported encryption systems and digital communication equipment, maintaining operational integrity and compliance with defense-grade security standards
NewsPhone Hellas
Customer Support & Office Clerk
- Handled public insurance customer support and appointment management
- Streamlined administrative processes and issue resolution for medical service requests
Featured Projects
Selected cybersecurity projects for critical infrastructure and national security
Greek Metropolitan Rail Infrastructure – Information Security Architecture & Risk Assessment
Led the Information Security Architecture development for a major Greek metropolitan rail project, covering both Operational Technology (OT) and Information Technology (IT) environments.
- Designed the security zone and conduit model based on IEC 62443/EN 50701 frameworks, ensuring defense-in-depth and secure segregation of systems
- Conducted comprehensive risk assessments and control mapping aligned with ISO/IEC 27001, NIS Directive, and EU cybersecurity regulations
- Collaborated with engineering teams, integrators, and stakeholders to embed cybersecurity-by-design principles
- Provided strategic recommendations for continuous monitoring, incident response, and regulatory compliance assurance
Metropolitan Traffic Management System Cybersecurity Program
Conducted the Information Security Architecture design for the LTA's Metropolitan Traffic Management and Control System, aligning with IEC 62443 and NIST SP 800-82 standards.
- Developed detailed System Security Plans (SSPs) to define and document technical, procedural, and operational security controls
- Performed risk assessments and threat modeling across IT and OT subsystems
- Ensured compliance with international security frameworks and local regulatory requirements
- Collaborated with system integrators and engineering teams to embed cybersecurity-by-design principles
- Delivered actionable mitigation strategies, strengthening the resilience of critical transport infrastructure
Cybersecurity Design for Critical Transport Infrastructure
Conducted independent security architecture assessment and design for the consortium awarded the national transport modernization project.
- Conducted security architecture assessment for the national transport modernization project (2018)
- Evaluated the design and implementation of IT and OT security architectures
- Ensured compliance with IEC 62443, ISO/IEC 27001, and NIST CSF standards
- Reviewed network segmentation, access control models, and incident response readiness
- Advised consortium stakeholders and government representatives on aligning security controls with project governance
Skills & Expertise
Security & Compliance
Cloud & Infrastructure
Development
OT/ICS Security
Certifications
Specializations
Education
M.Sc. in Information Security
University of Piraeus
GPA: 9.4 / 10
Thesis: Malware Development with the Use of Known Techniques
B.Sc. in Computer Science
University of Piraeus
GPA: 7.4 / 10
Thesis: Simulation of hand movement using inertial sensors
Languages
Interests
Get In Touch
Looking for a cybersecurity consultant or CISO-as-a-Service? Let's discuss how I can help secure your organization and achieve compliance.
Services Offered
- ISO 27001 Preparation & Certification
- CISO-as-a-Service
- Security Architecture Design
- GRC Consulting
- Vulnerability Assessments
- OT/ICS Security for Critical Infrastructure
- GDPR & PCI-DSS Compliance
- Risk Assessment & Management
- Cloud Security Architecture (AWS)
- Digital Transformation & Automation