Cybersecurity Architect

• Jun 2023 - Present

Infosec and Infrastructure Consultant

• Jul 2021 - Jun 2023

𝗧𝗶𝗲𝗿 𝟯 𝘁𝗲𝗰𝗵𝗻𝗶𝗰𝗮𝗹 𝘀𝘂𝗽𝗽𝗼𝗿𝘁 • Troubleshooting in data center networks containing switches (Cisco and Dell), loadbalancers (F5, Netscaler, and A10), virtualized environments (VMWare NSX and vDS), firewalls (Cisco, Checkpoint, Fortigate, Palo Alto, and Juniper, and proxies (e-mail and internet access) • Accomplished complex requests 𝗡𝗲𝘁𝘄𝗼𝗿𝗸 𝗮𝗻𝗱 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗮𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲 • Redesigned the interconnection for an IT service provider with its partners (VPN), optimizing usage and increasing resiliency, reducing unavailability incidents by 60% • Redesigned wireless infrastructure on a global scale (Americas, EMEA, and APAC), improving security, saving US10k/year, and maintaining level of service • Improved overall security visibility from the internet access protection solution, adding deeper inspection, resulting in more granular control • Produced over 20 new network diagrams for updated infrastructure, reducing the average request accomplishment time and MTTR around 60% 𝗣𝗿𝗲-𝘀𝗮𝗹𝗲𝘀 𝗱𝗲𝘀𝗶𝗴𝗻 • Collaborated with pre-sales team to structure and present a wireless support proposition, resulting in additional monthly income of EU$5.6k Show less

Information Security Consultant

• Nov 2021 - Nov 2022

𝗜𝗻𝗳𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗮𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲 • Designed and collaborated with the setup of a SIEM (Q-Radar) and a firewall auditing tool (Algosec AFA and AFF), providing foundations for the subsequent SOC operation to initiate 𝗜𝗻𝗳𝗼𝗿𝗺𝗮𝘁𝗶𝗼𝗻 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗮𝗻𝗱 𝗥𝗶𝘀𝗸 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 • PCI-PIN certification achievement, enabling new business opportunities • PCI-DSS certification renewal, mandatory for business operation on this segment • Developed a security incident response plan and presented to the C-level, whose approval reflected on a greater involvement from other business areas to information security and risk management processes 𝗞𝗻𝗼𝘄𝗹𝗲𝗱𝗴𝗲 𝘁𝗿𝗮𝗻𝘀𝗶𝘁𝗶𝗼𝗻 • Trained an Infosec, Infrastructure, and BI team manager, an Information Security team coordinator, 1 network specialist, 1 HSM, 1 IAM, and 1 compliance analyst, so the operation could continue without my services Show less

Infosec & Infrastructure Manager

• Nov 2020 - Nov 2021

𝗧𝗲𝗮𝗺 𝗹𝗲𝗮𝗱𝗲𝗿𝘀𝗵𝗶𝗽 • Managed 4 teams (IS, Hosting, Network, and DevOps) with 12 employees, delivering projects and operational demands • Created 2 leaderships to focus on deficient areas (Infosec and Network), which resulted in one of them later being promoted as my peer when operation grew • Mentored 4 Infosec employees, resulting in 2 changing companies to take on solutions architect roles and the other 2 being promoted as technical references on their respective areas (IAM and Compliance) 𝗜𝗦 𝗮𝗻𝗱 𝗜𝗧 𝗮𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲 • Deployed CASB/DLP/SWG solution (Netskope), increasing visibility, controlling risks related to information leakage • Collaborated with the migration to Office365, reducing TCO, improving UX and integrating with other security solutions, resulting in greater better visibility • Deployed HSM (Thales Payshield) solution for acquirer operation (LMK, RLMK, ZMK, BDK, PEK, etc), • Improved core business functions performance through F5 DNS feature, reducing latency and improving availability, resulting in a .6 (99.8%) yearly availability increase 𝗜𝗧, 𝗜𝗻𝗳𝗼𝘀𝗲𝗰 𝗮𝗻𝗱 𝗥𝗶𝘀𝗸 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 • Created an IS committee, promoting security awareness throughout the company, and attending to compliance requisites • Led the elaboration of ISMS policies, complementing compliance risk disciplines • PCI-DSS certification renewal, mandatory for business operation • Managed a budget of US$3.8M per year • Oversaw contract risk analysis 𝗦𝗲𝗰𝗢𝗽𝘀 • Oversaw the RBAC initiative, mapping job role profiles for each function through extensive interviews, shortening the onboarding process to 1 business day • Developed vulnerability scan routine, which mitigated over 350 vulnerabilities identified throughout the year • Implemented a pen testing routine after development sprints for critical and new apps Relationship management • Negotiated purchases and contracts • Collaborated with governance team for SLA management Show less

Infosec Manager

• Aug 2020 - Nov 2020

𝗠𝘂𝗹𝘁𝗶𝗱𝗶𝘀𝗰𝗶𝗽𝗹𝗶𝗻𝗮𝗿𝘆 𝘁𝗲𝗮𝗺 𝗹𝗲𝗮𝗱𝗲𝗿𝘀𝗵𝗶𝗽 • Managed 3 different teams (Information Security, IT Support, and Salesforce) composed of 6 employees with different degrees of experience, reducing the average time to resolve a request by 20%𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗮𝗻𝗱 𝗥𝗶𝘀𝗸 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 • Elaborated and published a comprehensive ISMS policies and procedures, providing the foundation for the information security and risk management initiative and further reflecting on developing information security awareness throughout the company𝗜𝗱𝗲𝗻𝘁𝗶𝘁𝘆 𝗮𝗻𝗱 𝗔𝗰𝗰𝗲𝘀𝘀 𝗠𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 (𝗜𝗔𝗠) • Initiated the questionnaire for department x role access mapping, resulting in an initial RBAC approach that reduced the identity provision, management, and decommission process in 30% Show less

Information Security Specialist

• Apr 2020 - Aug 2020

𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗮𝗻𝗱 𝗥𝗶𝘀𝗸 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁• Collaborated with the first draft of the risk assessment, which developed into several activities to be accomplished by different departments with information security support• Defined milestones for LGPD compliance achievement, which resulted in later compliance

Sênior Infrastructure & Security Analyst

• Jun 2017 - Apr 2020

𝗕𝘂𝘀𝗶𝗻𝗲𝘀𝘀 𝗠𝗼𝗱𝗲𝗹 • Collaborated with the definition of targeted customer segment 𝗜𝗦 𝗮𝗻𝗱 𝗜𝗧 𝗮𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲 • Defined the IT and IS requisites to achieve business goals • Created HLD of the proposal for evaluation of other business areas, obtaining approval • Created an IT and IS LLD, on which future growth and additional features could be built upon • Configured the following solutions: Cisco (ISR, Nexus, Catalysts, WLC, Aironet, ASA, FTD, and FMC), F5 (BigIP LTM, WAF, iRules, and Silverline), VMWare (vCenter, ESXi, and vDS), Windows (CA) and Dell (VRTX) • Collaborated with the following config: Nutanix, Commvault, Redhat (RHEL, Openshift, 3Scale, and AMQ), Windows (Server 2012+, SQL, AD, DHCP, DNS, and Exchange), Oracle (Golden Gate and ODA), AWS, and Zabbix + Grafana. • Delivered 2 highly-available data centers, 1 company headquarters, and remote access • Delivered interconnections with government facilities (CIP), associations (Mastercard, VISA, AMEX, and ELO), and other partners (DXC) for online card transactions and batch process • Delivered underlying e-commerce, POS, and TEF infrastructures • Delivered redundant medium to large size customer interconnectivity 𝗥𝗲𝗹𝗮𝘁𝗶𝗼𝗻𝘀𝗵𝗶𝗽 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 • Conducted an RFQ document containing the build of materials and services needed, evolving into RFPs where pricing negotiation took place, managing to acquire what was initially needed within the budget (US$3M) • Handled the delivery of all assets on necessary locations • Successfully negotiated a autonomous system and public IPv4/v6 address space with local authorities (registro.br) 𝗖𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 𝗮𝗻𝗱 𝗿𝗶𝘀𝗸 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 • Achieved internal security assessor (ISA) certification for PCI-DSS compliance purposes • Trained employees on the PCI discipline for cryptographic key cerimonies • Assured that associations (Mastercard, VISA, etc) regulations were in place • Achieved the PCI-DSS certification Show less

Senior Infrastructure Analyst

• Nov 2016 - May 2017

𝗧𝗶𝗲𝗿 𝟮/𝟯 𝗦𝘂𝗽𝗽𝗼𝗿𝘁 • Performed troubleshooting on homogenous networks with Cisco devices (routers, switches, WLCs, APs, and ISE) on LATAM • Performed troubleshooting on IBM private cloud (Softlayer) • Managed Infoblox DDI (DNS, DHCP, and IPAM) • Assisted on hosting (Windows and Linux) troubleshoot 𝗣𝗮𝗿𝘁𝗻𝗲𝗿 𝗿𝗲𝗹𝗮𝘁𝗶𝗼𝗻𝘀𝗵𝗶𝗽 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 • Co-responsible for managing IBM SLAs for data-center hosting contract 𝗜𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 𝗮𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲 • Conducted the technological refresh of switching and wireless infrastructure Show less

Infrastructure Specialist

• Aug 2013 - Jun 2016

𝗜𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 𝗮𝗿𝗰𝗵𝗶𝘁𝗲𝗰𝘁𝘂𝗿𝗲 • Design and deployment of Cisco solutions (routing, switching, and firewall), Checkpoint (firewall), Citrix (Netscaler), and interconnectivity (MPLS, Internet, and dark fiber) • Remote access VPN setup (Cisco Anyconnect) • Design and deployment of new associations interconnection (AMEX, ELO, Ticket, VR, and Sodexo) • Redesign of internal interconnectivity, resulting in a monthly OPEX reduction of U$2k 𝗧𝗶𝗲𝗿 𝟯 𝘁𝗲𝗰𝗵𝗻𝗶𝗰𝗮𝗹 𝘀𝘂𝗽𝗽𝗼𝗿𝘁 • Troubleshooting card processing transaction issues (latency, jitter, synchronization issues, etc) 𝗣𝗮𝗿𝘁𝗻𝗲𝗿 𝗿𝗲𝗹𝗮𝘁𝗶𝗼𝗻𝘀𝗵𝗶𝗽 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 • Co-responsible for new solutions negotiation • Co-responsible for collocation management contract with TIVIT Show less

Team Leader

• Aug 2012 - Jul 2013

𝗢𝗽𝗲𝗿𝗮𝘁𝗶𝗼𝗻𝘀 𝗱𝗲𝘀𝗶𝗴𝗻 • Structured a 24x7 NOC operation, including hiring, shift planning, selection of tools, and KPI 𝗧𝗲𝗮𝗺 𝗹𝗲𝗮𝗱𝗲𝗿𝘀𝗵𝗶𝗽 • Managed a team with 6 employees for tier 1/2 support 𝗧𝗶𝗲𝗿 𝟮 𝘀𝘂𝗽𝗽𝗼𝗿𝘁 • Provided tier 2 network and business (card processing) support for the whole team on more complex issues 𝗥𝗲𝗽𝗼𝗿𝘁𝗶𝗻𝗴 • Delivered KPIs to customer’s management, indicating improvements and deficiencies that needed to be addressed Show less

Monitoring Technician

• Mar 2010 - Aug 2012

𝗧𝗶𝗲𝗿 𝟮 𝘀𝘂𝗽𝗽𝗼𝗿𝘁 • Performed tier 2 networking troubleshooting on service degradation and unavailability • Optimized WAN through WAAS tuning 𝗠𝗼𝗻𝗶𝘁𝗼𝗿𝗶𝗻𝗴 𝗱𝗲𝘀𝗶𝗴𝗻 𝗮𝗻𝗱 𝗼𝗽𝘁𝗶𝗺𝗶𝘇𝗮𝘁𝗶𝗼𝗻 • Tuned the monitoring tools, tailoring the needs to each customer 𝗥𝗲𝗽𝗼𝗿𝘁𝗶𝗻𝗴 • Produced technical reports for customer IT consumption, resulting in optimization over networking IT assets 𝗧𝗶𝗲𝗿 𝟮 𝘀𝘂𝗽𝗽𝗼𝗿𝘁 • Performed tier 2 networking troubleshooting on service degradation and unavailability • Optimized WAN through WAAS tuning 𝗠𝗼𝗻𝗶𝘁𝗼𝗿𝗶𝗻𝗴 𝗱𝗲𝘀𝗶𝗴𝗻 𝗮𝗻𝗱 𝗼𝗽𝘁𝗶𝗺𝗶𝘇𝗮𝘁𝗶𝗼𝗻 • Tuned the monitoring tools, tailoring the needs to each customer 𝗥𝗲𝗽𝗼𝗿𝘁𝗶𝗻𝗴 • Produced technical reports for customer IT consumption, resulting in optimization over networking IT assets

Tier 1 Analyst

• Sep 2009 - Mar 2010

𝗧𝗶𝗲𝗿 𝟮 𝘀𝘂𝗽𝗽𝗼𝗿𝘁 • Troubleshoot on transmission networks (ATM) with MGX series devices • Coordination on dispatch and intervention for field technicians over AMERICAS and EMEA regions 𝗧𝗶𝗲𝗿 𝟮 𝘀𝘂𝗽𝗽𝗼𝗿𝘁 • Troubleshoot on transmission networks (ATM) with MGX series devices • Coordination on dispatch and intervention for field technicians over AMERICAS and EMEA regions

Infrastrucure Operator

• Jul 2009 - Sep 2009

𝗧𝗶𝗲𝗿 𝟭 𝘀𝘂𝗽𝗽𝗼𝗿𝘁 • Handled incidents and requests related to CA products within US 𝗧𝗶𝗲𝗿 𝟭 𝘀𝘂𝗽𝗽𝗼𝗿𝘁 • Handled incidents and requests related to CA products within US

Trainee / Support Analist / Delivery Coordinator

• Mar 2008 - Jun 2009

𝗧𝗿𝗮𝗶𝗻𝗲𝗲 • Participated in a group of 8 trainees where basic IT concepts were given, where I was awarded highest score in class 𝗧𝗶𝗲𝗿 𝟭/𝟮 𝘀𝘂𝗽𝗽𝗼𝗿𝘁 • Provisioned end user IT devices (laptops, desktops, phones, etc) for daily usage • Troubleshooted malfunctioning issues related to end user experiences 𝗔𝗰𝘁𝗶𝘃𝗶𝘁𝘆 𝗰𝗼𝗼𝗿𝗱𝗶𝗻𝗮𝘁𝗶𝗼𝗻 • Oversighted IT implementation activities on Santander temporary agencies such as circuit installation, printers, desktops, ATMs, etc 𝗦𝗼𝗹𝘂𝘁𝗶𝗼𝗻𝘀 𝗱𝗲𝗽𝗹𝗼𝘆𝗺𝗲𝗻𝘁 • Configured and deployed mobile solutions installed on PMESP (São Paulo State Police) vehicles, enabling license plate and documentation consultation Show less