Rômulo Rocha Email & Phone Number
Who is Rômulo Rocha? Overview
A concise factual answer block for searchers comparing this professional profile.
Rômulo Rocha is listed as Lead Information Security Engineer at Nubank, a with 10115 employees, based in Rio De Janeiro, Brazil. AeroLeads shows a matched LinkedIn profile for Rômulo Rocha.
Rômulo Rocha previously worked as Security Engineer Manager SOC at Nubank and Incident Response Team Manager (CSIRT) at Nubank. Rômulo Rocha holds Pós Graduação, Msi - Master Of Information Security from Universidade Federal Do Rio De Janeiro.
Email format at Nubank
This section adds company-level context without repeating Rômulo Rocha's masked contact details.
Review company-level records connected to Rômulo Rocha before choosing the right outreach path.
About Rômulo Rocha
I am an experienced Information Security professional with over 15 years in the field. My career has afforded me the opportunity to contribute to major projects and organizations, where I have played a key role as an Incident Handler and Technical Manager. I have developed expertise in building and leading CSIRT teams (Incident Response Teams) for critical operations, such as the Rio 2016 Olympic Games, which reached over a billion spectators, and Nubank, LATAM's largest digital bank, serving over 100 million clients. In these roles, I have successfully managed incidents involving international organizations across multiple countries.My expertise has also led me to speak at major security events worldwide, including FIRST.org in the US, secTOR in Canada, Nippon CSIRT Forum in Japan, and three times at the CSIRT Fórum in Brazil.Main Skills:- CSIRT Team & Service Management: Skilled in building from zero and managing services and teams.- Automation with SOAR Technologies: I excel in leveraging SOAR tools to solve real problems and provide data-driven insights, recognizing that a SOC without automation is a failed SOC.- Incident Investigation & Report Writing: Proficient in conducting thorough investigations and producing detailed reports.- Log Analysis Expertise: Extensive experience analyzing logs across platforms like AWS, Google Cloud, web servers, IPS, EDRs, Windows, and more.- Anomaly Detection with Splunk & Regex: Advanced skills in using Splunk and Regex for detecting anomalies.- Extensive knowledge of security tools including The Hive, Jira, Torq, Tines.io, Chronicle, Splunk, MISP, OpenCTI, OsQuery, Microsoft EDR, Palo Alto Cortex, Palo Alto Firewalls, AWS GuardDuty, Cisco Sourcefire, etc.
Listed skills include Pci Dss, Information Security Management, Vulnerability Management, Incident Management, and 46 others.
Rômulo Rocha's current company
Company context helps verify the profile and gives searchers a useful next step.
Rômulo Rocha work experience
A career timeline built from the work history available for this profile.
Security Engineer Manager Soc
CurrentLeading a focused team of engineers and SMEs engaged in answering and creating solution of hard questions/problems to SOC. We build/buy tools and platforms to solve problems.- Is that possible to automatize an L1 triage?- How to be effective in grouping, enriching, and correlating security alerts automatically?- How to scale SOC platforms delivering context and usability to incident responders?- How to deliver quality and consistency in incident coordination and… Show more Leading a focused team of engineers and SMEs engaged in answering and creating solution of hard questions/problems to SOC. We build/buy tools and platforms to solve problems.- Is that possible to automatize an L1 triage?- How to be effective in grouping, enriching, and correlating security alerts automatically?- How to scale SOC platforms delivering context and usability to incident responders?- How to deliver quality and consistency in incident coordination and response?- How to make regulators and stakeholders happy with quality data and reports? Show less
Incident Response Team Manager (Csirt)
Responsible for building an Incident Response Team from scratch, managing a multi-country team, and supporting them to achieve their best work. Starting from day zero to scale up to multiple products and countries. - Building and designing platforms to scale up Security Ops, processing alerts, reducing false positives, and giving autonomy to incident handlers to perform their job.- Managing a diverse multi-country team to help them achieve their best.- After the initial ramp-up… Show more Responsible for building an Incident Response Team from scratch, managing a multi-country team, and supporting them to achieve their best work. Starting from day zero to scale up to multiple products and countries. - Building and designing platforms to scale up Security Ops, processing alerts, reducing false positives, and giving autonomy to incident handlers to perform their job.- Managing a diverse multi-country team to help them achieve their best.- After the initial ramp-up period, we got approved to be a team member of FIRST.org (https://www.first.org/members/teams/nubank_csirt).- Responsible for delivering great services in multiple countries in LATAM, delivering security through services like incident triage, handling, and coordination.- Besides my organization, I'm an active member of FIRST Group which is challenging the status quo and looking for an improvement in how to measure security based on security services, more about our work here (https://www.first.org/global/sigs/metrics/) Show less
Lead Information Security Engineer
Lead Security Engineer at SOC, supporting other engineers and working to scale up our CSIRT team, building:- Metrics to be shared- SOC Process- Incident response capabilities (tooling and process)- Integrations- Strategic roadmap
Senior Information Security Engineer
Member of SOC Squad, working with incident investigation and response areas, responsible for delivering a new policy to deal with incidents, handling incidents and coordinating crisis, investigation, and preparing the foundation to scale a CSIRT team.
Senior Information Security Analyst
Working at SOC team, responsible for incident response, playbook creation, processes improvement and investigations. - Incident response- playbook creation- Microsoft EDR/ATP Admin- Malware and Forensics analysis on Windows environment
Senior Information Security Consultant
Information Security consultant, working on incident response and threat hunting.- Working with Splunk to design new rules for SOC;- Forensic investigations and malware analysis;- Log Analysis of webservers, firewalls, ips, authentication tools, active directory, endpoint hardening tools, mobile, etc;- Amazon AWS log analysis;-Deploying and testing solutions for incident response and investigations like Hive, Cortex, Misp and osquery;
Information Security Specialist
Incident response leader at CSIRT, member of team responsible to guarantee cybersecurity of Rio 2016 Summer Olympic Games. Our main challenges are, rapid growth of users, relationship with government agencies, multiple partners to coordinate, enormous exposition in global media and complex infrastructure to deal before and during games time.My main responsibilities:- Responsible to develop strategy for Incident Response implementation;- Leader of Incident Response team… Show more Incident response leader at CSIRT, member of team responsible to guarantee cybersecurity of Rio 2016 Summer Olympic Games. Our main challenges are, rapid growth of users, relationship with government agencies, multiple partners to coordinate, enormous exposition in global media and complex infrastructure to deal before and during games time.My main responsibilities:- Responsible to develop strategy for Incident Response implementation;- Leader of Incident Response team (CSIRT);- Threat analysis and incident response using wireshark, paloalto, sourcefire, splunk, symantec sep, symantec atp and others tools. Correlation of events between SIEM, NIPS, MSS and multiple data sources.- Coordination of a team that is doing deployment of multiples security tools as antivirus, data leak protection, cryptography, and software/patch management (Altiris) from our security partner Symantec. (during project phase);- Vulnerability assessment;- Responsible to coordinate incident flow between different teams (gov, partners, sponsors and committees); Show less
Information Security Analyst
• Incident Response / Malicious Code Management (AntiVirus, Anti-malware, Phishing) / Vulnerabilities Management) : - Designing and implementation of operational process; - Definition of metrics, executive reports and KPI; - Coordination and Guidance for Incident Response Process (identification and mitigation) - Guidance and Operation Designing for Vulnerability/Threats Management Process (using Mcafee Foundstone) - Outbreak and Crisis Management;… Show more • Incident Response / Malicious Code Management (AntiVirus, Anti-malware, Phishing) / Vulnerabilities Management) : - Designing and implementation of operational process; - Definition of metrics, executive reports and KPI; - Coordination and Guidance for Incident Response Process (identification and mitigation) - Guidance and Operation Designing for Vulnerability/Threats Management Process (using Mcafee Foundstone) - Outbreak and Crisis Management; - Content Filtering Management : - Knowledge of Bluecoat Proxy, Bluecoat Content Filtering and Bluecoat Reporter; • Security Awareness Programs : - Instructor of Security Awareness Programs inside the company, more than 40 classes given. - Responsible of content and program updates;• Mobile Security definitions - Part of group that is creating new policies regarding Mobile Security; - Definition of BYOD policies; - Assessment on OS of different devices as IOS, Windows Mobile and Android; Show less
Information Security Consultant
As consultant I did PCI DSS audits, remediation and certification projects, performed auditing process of Security controls like physical security, data cryptography, firewall standards, servers hardening, log management and policies. I did as well implementation of security products like Mcafee Web Security Gateway with SSL Scanner, Vulnerabilities analysis (Mcafee Foundstone, Accunetix and NeXpose), hardening of Windows Servers and penetration testing (Linux tools, Nmap, Nessus, Hydra… Show more As consultant I did PCI DSS audits, remediation and certification projects, performed auditing process of Security controls like physical security, data cryptography, firewall standards, servers hardening, log management and policies. I did as well implementation of security products like Mcafee Web Security Gateway with SSL Scanner, Vulnerabilities analysis (Mcafee Foundstone, Accunetix and NeXpose), hardening of Windows Servers and penetration testing (Linux tools, Nmap, Nessus, Hydra, NetDiscover, Aircrack, etc). Show less
Information Technology And Risk Management Senior Consultant
As consultant I had the opportunity to work in big companies in Brazil and in different types of segments like oil and gas, insurance, banks and technology. My main projects on those fields were , mapping of IT Controls for compliance (SOX and audit), GRC for SAP and testing of it security controls.
Help Desk Level 3 Support Analyst
Help desk giving support to all offices in Brazil (almost 20). The majority of this work was troubleshooting issues related to network operations, windows support and specific printers problems.
Colleagues at Nubank
Other employees you can reach at nubank.com. View company contacts for 10115 employees →
Elves Sampaio 🏳️🌈
Colleague at NubankSão Paulo, Brazil
View →
GS
Guilherme Soares
Colleague at NubankSão Paulo, Brazil
View →
VT
Victor Tavares
Colleague at NubankSão Paulo, Brazil
View →
IH
Ian Hellström
Colleague at NubankGreater Hamburg Area, Germany
View →
MR
Miguel Rodrigues Mauricio
Colleague at NubankJundiaí, São Paulo, Brazil
View →
MB
Maria Beatriz
Colleague at NubankSão Paulo, Brazil
View →
PG
Pedro Gabriel Martins Cesario
Colleague at NubankSão Paulo, Brazil
View →
IA
Isabelle Almeida
Colleague at NubankSão Paulo, Brazil
View →
MZ
Mariane Z.
Colleague at NubankSão Paulo, Brazil
View →
GA
Graziele Arantes
Colleague at NubankSão Paulo, Brazil
View →
Rômulo Rocha education
Pós Graduação, Msi - Master Of Information Security
Bacharelado, Computer Systems Analysis/Analyst
Frequently asked questions about Rômulo Rocha
Quick answers generated from the profile data available on this page.
What company does Rômulo Rocha work for?
Rômulo Rocha works for Nubank.
What is Rômulo Rocha's role at Nubank?
Rômulo Rocha is listed as Lead Information Security Engineer at Nubank.
Where is Rômulo Rocha based?
Rômulo Rocha is based in Rio De Janeiro, Brazil while working with Nubank.
What companies has Rômulo Rocha worked for?
Rômulo Rocha has worked for Nubank, Vale, Tempest Security Intelligence, Comitê Organizador Dos Jogos Olímpicos E Paralímpicos Rio 2016™, and Cipher - Segurança Da Informação.
Who are Rômulo Rocha's colleagues at Nubank?
Rômulo Rocha's colleagues at Nubank include Elves Sampaio 🏳️🌈, Guilherme Soares, Victor Tavares, Ian Hellström, and Miguel Rodrigues Mauricio.
How can I contact Rômulo Rocha?
You can use AeroLeads to view verified contact signals for Rômulo Rocha at Nubank, including work email, phone, and LinkedIn data when available.
What schools did Rômulo Rocha attend?
Rômulo Rocha holds Pós Graduação, Msi - Master Of Information Security from Universidade Federal Do Rio De Janeiro.
What skills is Rômulo Rocha known for?
Rômulo Rocha is listed with skills including Pci Dss, Information Security Management, Vulnerability Management, Incident Management, Incident Response, Antivirus, Security Operations Center, and Information Security Consultancy.
Search by job title, company, industry, location, and seniority. Export verified B2B contact data when you need it.
Start free trialCheck these profiles if this is not the Rômulo Rocha you were looking for.
View similar profiles