Designed and implemented a robust security pipeline for DevSecOps, integrating initiative monitoring processes and automations at all phases of the application development cycle, with a focus on early risk mitigation (shift-left).Effective leadership of technical teams, defining detailed work plans, establishing clear analysis steps and closely monitoring all activities. Conducted meticulous review of results and provided meaningful metrics to assess and track the evolution of the… Show more Designed and implemented a robust security pipeline for DevSecOps, integrating initiative monitoring processes and automations at all phases of the application development cycle, with a focus on early risk mitigation (shift-left).Effective leadership of technical teams, defining detailed work plans, establishing clear analysis steps and closely monitoring all activities. Conducted meticulous review of results and provided meaningful metrics to assess and track the evolution of the organization's cybersecurity maturity.Proactive people management, developing and implementing personalized personal development plans for each team member. Established and maintained open communication to manage team expectations, in addition to efficiently managing issues related to timekeeping, vacations and refunds.Specialization in defining solutions and implementing state-of-the-art tools to achieve the strategic objectives of information security, vulnerability management and maintaining compliance of the organization's assets. Ensure ongoing alignment of security practices with regulatory standards and industry best practices. Show less

Team leadership focused on cybersecurity in keeping up with development teams bringing information security as an essential part of the projects;Technical evaluation of system architectures looking for security flaws and possible improvements;Preparation and execution of information security committees focusing on the management vision of improvements and definition of action plans.

Leadership of multidisciplinary teams in secure development monitoring and penetration testing projects;Writing, reviewing and presenting technical and management reports;Assessment of security requirements and penetration testing in web and mobile systems;Monitoring and training developers in the secure development flow, helping from threat modeling at the beginning of the business idea to certification tests in productive environments.

Security assessment of systems, web applications and wireless network (Penetration Test and vulnerability analysis);Development of technical projects, consulting and auditing of information security with large organizations;

Security assessment of systems, web applications and wireless network (Penetration Test and Vulnerability Analysis);

Security assessment of systems, web applications and wireless network (Penetration Test and vulnerability analysis);Development of technical projects, consulting and auditing of information security with large organizations;Development and application of secure configuration methodologies (hardening) for Windows and Linux servers, respecting the level required for each service;Pre-audit and consultancy for PCI-DSS certification in entities that process card data.Elaboration of… Show more Security assessment of systems, web applications and wireless network (Penetration Test and vulnerability analysis);Development of technical projects, consulting and auditing of information security with large organizations;Development and application of secure configuration methodologies (hardening) for Windows and Linux servers, respecting the level required for each service;Pre-audit and consultancy for PCI-DSS certification in entities that process card data.Elaboration of tools for the execution of activities (Checklist for GAP analysis, responsibility matrices);Evaluation and preparation of documentation (policies, procedures and work instructions);Audit of the physical environment;Execution of Pentest (penetration test) in web environments and infrastructure.Preparation of reports for both operational and management levels. Show less