Guiding Yellow information security operation amid the latest business development. Ensuring security practices, monitoring, risk management and threat mitigation.Managing IT security resources assuring business continuity, systems availability, disaster recovery and security incident response readiness.Providing technical expertise on risk assessment, vulnerability management and mitigation, hands on network and cloud security, compliance with SAAS systems like Office365 suite… Show more Guiding Yellow information security operation amid the latest business development. Ensuring security practices, monitoring, risk management and threat mitigation.Managing IT security resources assuring business continuity, systems availability, disaster recovery and security incident response readiness.Providing technical expertise on risk assessment, vulnerability management and mitigation, hands on network and cloud security, compliance with SAAS systems like Office365 suite, managing third party MDR and security engineering. Show less

As the principal Cybersecurity Engineer, it is a hands-on job for Incident Response, Vulnerability Testing and Management, Threat Analysis and Mitigation, Develop Security Controls, Application Security Review, Use Case Automation, Security Analytics and Correlation, Cloud Security Integration, Threat intelligence Integration, Manage Security Systems, Define Detection Rules and fine tune alerts for SOC team.The job also included: Lead security operation, oversee security access models, MFA,… Show more As the principal Cybersecurity Engineer, it is a hands-on job for Incident Response, Vulnerability Testing and Management, Threat Analysis and Mitigation, Develop Security Controls, Application Security Review, Use Case Automation, Security Analytics and Correlation, Cloud Security Integration, Threat intelligence Integration, Manage Security Systems, Define Detection Rules and fine tune alerts for SOC team.The job also included: Lead security operation, oversee security access models, MFA, run Security PoC, report findings risk management, review and remediate penetration test results, create security metrics, coordinate security managed services and support compliances practices like SOX and CMMC. Write and review security incident response plan (IRP), security policy, procedures and operational handbooks.- SIEM: Cortex XSIAM, RSA Netwitness (correlation, log tailoring, user analytics, DLP policies, automation).- EDR: Contex XDR.- Vuln. Management/testing: Tenable SC, Nmap, OwaspZap, BurpSuite, Metasploit, Nikto.- SOAR: Cortex Xsoar.- Threat Intel: Cortex TIM, Wildfire, ProofPoint TRAP, VirusTotal, MitreAT&CK.- AWS: GuardDuty, CloudWatch, SecurityHub, CloudTrail, IAM, Inspector, Detective.- Azure: Azure AD, MFA/Conditional Access, Event Hub, Azure Monitor.- Email Security: ProofPoint and O365 Security.- Firewall: Palo Alto NGFW, Panorama, DataLake, URL Filtering. Show less

Contractor for ADNOC - Abu Dhabi National Oil Company.At Cybersecurity Engineer role with a client, cyber defense and threat analytics are the core of my function, being responsible to improve Security Operation KPIs, security use cases development, incident analysis and response, cybersecurity compliance with local regulations. Support on cloud security migration and security monitoring.- Run Email security analysis with Proofpoint, Fireeye and open source tools.- SIEM: migration… Show more Contractor for ADNOC - Abu Dhabi National Oil Company.At Cybersecurity Engineer role with a client, cyber defense and threat analytics are the core of my function, being responsible to improve Security Operation KPIs, security use cases development, incident analysis and response, cybersecurity compliance with local regulations. Support on cloud security migration and security monitoring.- Run Email security analysis with Proofpoint, Fireeye and open source tools.- SIEM: migration from IBM Qradar to Securonix Snypr, correlation development, fine tune and reporting. - Cloud: fine tune Microsoft Sentinel, create queries and run security investigations.- EDR: Microsoft Defender and Mcafee endpoint/DLP.- Network Access Control and WAF tuning.- Threat Intel: CrowdStrike, IBM XForce and open source tools. Show less

Contractor for ADNOC - Abu Dhabi National Oil Company.At Cybersecurity Engineer role with a client, cyber defense and threat analytics are the core of my function, being responsible to improve Security Operation KPIs, security use cases development, incident analysis and response, cybersecurity compliance with local regulations. Support on cloud security migration and security monitoring.- Run Email security analysis with Proofpoint, Fireeye and open source tools.- SIEM: correlation… Show more Contractor for ADNOC - Abu Dhabi National Oil Company.At Cybersecurity Engineer role with a client, cyber defense and threat analytics are the core of my function, being responsible to improve Security Operation KPIs, security use cases development, incident analysis and response, cybersecurity compliance with local regulations. Support on cloud security migration and security monitoring.- Run Email security analysis with Proofpoint, Fireeye and open source tools.- SIEM: correlation development, fine tune and reporting. - Cloud: fine tune Microsoft Sentinel, create queries and run security investigations.- EDR: Microsoft Defender and Mcafee endpoint/DLP.- Network Access Control and WAF tuning.- Threat Intel: CrowdStrike, IBM XForce and open source tools.- Part of a Global SOC build up (Merge of 5 operations). Show less

Leadership on incident response and security operation for a critical mission Cloud environment. Define security baselines, evaluate security architecture and technical security controls, manage compliance metrics on vulnerability detection/mitigation, penetration testing coordination, third party management, security systems deployment and administration. Threat analysis, automation and threat intelligence. Most common tools on the environment:- Team Leader: managed 7 direct reports (daily… Show more Leadership on incident response and security operation for a critical mission Cloud environment. Define security baselines, evaluate security architecture and technical security controls, manage compliance metrics on vulnerability detection/mitigation, penetration testing coordination, third party management, security systems deployment and administration. Threat analysis, automation and threat intelligence. Most common tools on the environment:- Team Leader: managed 7 direct reports (daily operation, performance/feedback, on call roaster, deliverables and metrics).- SIEM: IBM QRADAR- EDR/AV: Mcafee Move, TrendMicro Deep Security, POCs for multiple EDR systems.- IPS/IDS: Mcafee, PaloAlto.- Vuln. Management: Nessus, Acunetix, Nmap, Metasploit, Burp Suite.- WAF: Imperva Incapsula- Threat Intel: Arbor Atlas, IBM XForce, Palo Alto Wildfire.- DDOS: Arbor APS.- PAM: CyberArk.Managed cloud compliance on ISO 27001, ISAE 3402 and ISO 20000, built a Vulnerability Management Program and a solid SecOps structure.Main Project:Distributed SIEM for Cloud was my main project, with 16 months of duration and U$1 million of investment. I managed to deployment and integrate SIEM across Traditional Datacenter, AWS, AZURE and TOTVS Cloud, I presented it as a show case at IBM Interconnect – Las Vegas USA, March 2017. Show less

Vulnerability Management and security information consulting.During these 12 months I used to support TOTVS security team as a third party with projects development and security operation (full allocation at TOTVS field).My highlights were vulnerability management design, incident response and security consulting (web application tests, cloud auditing and policies review. After this period, I was invited to be TOTVS's employee.

In this role, it was a central vulnerability management project to delivery services to customers around the world (North America, South America, Asia and Europe).It was part of my job perform penetration testing, vulnerability assessement, forensics investigation and specialized reports, review firewall rules and write security recommendations. Attend deadlines of multiple concurrent projects and work with multidisciplinary teams.

Vulnerability analysis, threats investigation, reporting and team support.

Technical support and customers attend