Na Dfense, além de ser responsável pela condução da segurança interna, tenho um papel central de cuidar do relacionamento e interface com os CISOs dos clientes, provendo uma ancoragem de confiança e conselheiro sobre experiências e soluções para cada negócio.

O seu podcast de cibersegurança apresentado por Bruno Lauterjung (TI INSIDE) e comentado por Felipe Thomé.

Dentro do Instituto Regar, nós desenvolvemos o acompanhamento de pessoas que buscam melhor colocação no mercado de trabalho de tecnologia da informação porém não possuem recursos tecnológicos, humanos nem financeiros para se prepararem para a competitividade atual.Desenvolvemos um trabalho de orientação guiada para avançar na capacitação e transformar a vida do profissional de uma situação comum para ser uma pessoa diferenciada.Também realizamos parcerias com empresas que queiram apostar nessa inclusão porém não possuem meios de internalizar uma curva de aprendizagem. Essa proximidade nos torna apto a acelerar essa curva para esses profissionais, os entregando melhores ambientados para cada empresaNão somos coach!Não somos headhunting!Não somos jobs seeker!Somos um grupo de voluntários que buscam dar mais oportunidades para as pessoas que precisam, a fim de levar mais condição de igualdade para encarar o tão competitivo mercado de trabalho.

Strategic Oversight: Develop and implement a comprehensive information security and engineering of access management strategy in line with the company's goals, culture and objectives;Risk Management: Identify, evaluate, and prioritize IT, security and access risks, ensuring that risk levels are managed within defined tolerance thresholds;Policy & Procedure Development: Create, maintain, and oversee the implementation of iFood Security Framework;Access Management: Oversee the design, implementation, and management of secure access control mechanisms (SSO), ensuring they are well connectec and integrated; Also, ensuring the proper level of access is applied in a perfect shape of permissions; Business Continuity: Develop, test, and maintain business continuity plans, ensuring the organization's resilience against disruptions;Regulatory Compliance (BACEN and PCI): Ensure the organization is compliant with BACEN (Central Bank of Brazil) regulations and Payment Card Industry (PCI) standards. Coordinate and oversee periodic compliance checks;Audit Support: Coordinate with internal and external auditors, providing necessary support and ensuring that audit recommendations are addressed in a timely and effective manner;Team Leadership & Development: Lead and mentor the team, fostering a culture of continuous improvement and professional growth, leading exciting people on the journey; Stakeholder Collaboration: Collaborate with different departments and leaders within the organization to integrate security, access management, business continuity, and regulatory considerations into all projects.Vendor Management: Evaluate and select solutions/vendors related to the department’s focus, ensuring alignment with the company’s strategy and budget.Reporting: Regularly report to senior leadership on the status of initiatives, risks, and compliance within the realm of information security but for all other business areas.

Mentoring pro bono in a study group to prepare CISSP candidates to the exam.

Security tooling configuration – Lead to bring into current services and platforms new capabilities, including tuning, configuration and optimisation;Security tooling maintenance and support – Manage the maintenance and support of security tools group-wide and services, including contracts, budgets and service agreements to meet requirements;Security Services (Identity & Access Management) – Provide Group-wide IDAM services including application onboarding IDAM life-cycle;Security Services (Vulnerability Management) – Provide Group-wide Vulnerability Management services, including the oversight and reporting on patching and support compliance; on asset management; and on Penetration Testing/Bug Bounty remediation activity;Budget control and optimisation – Work in-line with strategic workstreams to continually improve the efficiency and cost of security tooling or, for current and new services.

Head of IT Cybersecurity Operations - Latam|||| Team members: 33Responsible for leading;Detection, Monitoring & Audits: Baselines and Asset Management, active monitoring of cyber eventsResponse & Recovery: Pro active incident avoidance activities and incident response for cybersecurity Engineering: Conduction of projects and minor demands of security controls, tooling and vulnerability managementPAM/IAM: Core team to integrate servers, applications, infrastructure and core solutions, acting in agile model and N2 for access management user servicesIT Infrastructure Audits: SPoC for Internal, External and SOxTechnical leader for long-term (3yrs) Cybersecurity Maturity Programme Pairing with local BISO and Global Security Leaderships

Go To Market! Development of cybersecurity opportunities to increase the maturity of cyber to our clients regarding strategy, risks, compliance, resiliency, data privacy, identity and access management and next generation security operation response.Pipeline control, development of technical and commercial proposals and engagement of areas to compose solutions for more multiples service lines.Conduct projects (management of human and financial resources, scope, quality and expectations) of strategy, risks, compliance, resiliency, data privacy, identity and access management and next generation security operation response implementations.Professional advice for career development of team members at trainee level, consultants and seniors.Also, responsible to structure architecture, engineering and emerging technologies products, projects and offers as Chapter Leader.

The main responsabilities that I have as Information Security Architect is:- Main contributor of security concepts at designing solutions (systems and applications) phases to ensure quality and accomplish the security requirements overall- Verify the security effectiveness over PenTests and Code Reviews- Ensures inadequate information risks are being addressed and technical, architectural or design decisions will not lead to violations of security policies- Be engaged on all stages of system design and implementation until project completion- Reviewer to design specifications and identify system use scenarios with potential security implications- Evaluate documented system architecture to determine if it meets the secure infrastructure requirements- Assess the system architecture to identify potential security threats and vulnerabilities and determine their impact via Threat Modeling using DFD (C4Model)- Develop internal documents that detail identified threats, technical countermeasures to implement, and other measures which ensure systems fail securely, provide defense in depth, and exercise the concept of least privilege access

Security Operations LeaderSecurity Operations group is responsible to analyze and improve the ongoing environments and act on demands as RFC tasks, services requests and incidents related with security solutions already supported. The team Security Operations is directly responsible to:- Plan and do health check rotines;- Analyze managed environments to apply best practices;- Validate and execute RFC tasks;- Solve incidents and services requests;- Keep all supported solutions up-to-date- Lead and drive the SOCCERT LeaderThe CERT Brazil is an organization responsible to receive, analyze and respond notifications and activities related to security threats and risks, considering internal environments and customers environments. This group is responsible to:- Monitor and notify vulnerabilities;- Vulnerability and Patch Management;- Lead the Security Incidents Response Team;- Responsible for the life-cycle security measures;- Support the information Security Risk Management;

Responsible for IT Infrastructure and Security Projects and ongoing KPIs.Plan activities with Global Teams to fit the Global IT Portfolio to LBU needs and provide infrastructure for all of projects and business requirements.Main responsabilities: Manage local Infrastructure Unit KPIs of SLAs and Quality with ongoing teams, manage the project portfolio to centralize and implement entire global infrastructure and applications according the budget, delegate project and ongoing activities to technical and specialist teams and approach with solutions design global team to develop solutions to help selling and managing new and current business requirements.Some examples of projects in my responsabilities: Planning the Global Wide Services (LDAP) with others LBUs, Self-Service Windows 10 rollout, Change and increase VPN capabilities, wireless infrastructure replacement, remodeling File Server scope, replacement of old Core and Bridges switches and rollout International tools.

Responsible for b2c project as Infrastructure, which aims to add Latin America countries to the productive Rede Natura. Responsible for cost controlling, deadlines, risks, procurement, contracts, quality, scope and communication (Reporting executive and strategic level). Multidisciplinary teams Management as Engineering, SAP Basis, Middleware, Security Information Servers, Backup, Storage and Telecommunications / Network.I was also responsible for minor projects directly linked to business areas such as Mobile Apps construction and rebuild or new registration and functionality sites.

Responsible to manage the service level agreement, I use to practice relationship, PMI and ITIL skills to planning, delivery and keep the IT environment to customer that i´m in.Nowadays, i´m responsible to take care of a largest brazillian retail company with more than 800 stores spread throughout national territory.Environment envolving more than 100 Windows/Linux servers with Citrix, dabatabases (Oracle and MS SQL), webservers, applications and others, all of this integrated to the process of frontend (selling, billing, stock control and exchange) and backend attending HR, IT Tickets control, Legal, Documents, Colaboration and BI.

Responsible for planning and managing special DC projects, I´ve done and delivered project for many kind of industries as financial, e-commerces, services and commodities.Analyzing finance and costs, the success of them all were so good:- More than R$3MM for setup revenue- Considering the monthly recurring revenue values by activation date, ​​exceed monthly post-project values ​​of $ 12MM.

Responsável pelo planejamento na condução do ciclo de venda de produtos Symantec, Cisco, Citrix, CA, McAfee, auxiliando as equipes comerciais utilizando métricas de produção histórica e relacionamento com fabricante através do gerenciamento e estratégia de pré vendas.

Atuando como Consultor de Projetos de Storage e Virtualização