Marcio Rodrigues
Cybersecurity Coordinator at Santander Global Tech
Bio
Experience
-
Santander Global T&O
-
Spain
-
IT Services and IT Consulting
-
100 - 200 Employees
-
Cybersecurity Coordinator
-
Jul 2020 - Present
Working in the DETECT BR team as a coordinator, in charge of Threat Detection and Advanced Analytics activities.
Activities:
- Identify Intelligence information sources
- Conduct an analysis of the incoming intelligence vs. impact
- Couple intelligence analysis with proactive recommendations
- Map regional threats and security platforms along with local CISOs in order to improve alerts’ effectiveness
- CCM’s execution in order to validate existing security alerts’ effectiveness and suggest enhancements
- Use Cases and Alerts creation based on threat landscape
- Perform Intelligence briefings
- Coordination with CTU Lead and Comms team
- Produce reports covering intelligence products
- Correlate threat actor profiles and TTPs to attack vectors
- Hunt for malicious behavior within the enterprise
- Develop active defense techniques
- Recommend changes to security device policies
-
-
-
Riachuelo
-
Brazil
-
Retail
-
700 & Above Employees
-
Cybersecurity Coordinator
-
Sep 2019 - Jul 2020
In charge of the Cybersecurity team, managing activities related to Detect, Protect and Respond disciplines in order to enhance the organization’s resilience against cyber threats and to improve the cybersecurity maturity level.
Activities:
- Management of MSS SOC/SIEM activities and coordination with Cybersecurity team
- Use Cases and Alerts creation based on threat landscape
- Tuning of SIEM alerts in order to improve their effectiveness
- SIEM data sources definition and logs onboarding
- CCM’s execution in order to validate existing security alerts’ effectiveness and suggest enhancements
- Threats’ investigation and containment
- Security incident’s identification and communication with stakeholders
- Cybersecurity projects management and status reporting for the executive board
- Security Platforms’ administration and operation
- Enhancements in security platforms’ security policies
- Vulnerability Management
- Cloud security controls implementation (AWS, Azure and GCP)
- Conduct analysis of the incoming intelligence vs. impact
- Couple intelligence analysis with proactive recommendations
- Cybersecurity KRIs reporting
-
-
-
Santander Global T&O
-
Spain
-
IT Services and IT Consulting
-
100 - 200 Employees
-
Information Security Coordinator
-
Jan 2018 - Apr 2019
Working in the DETECT BR team as a coordinator, in charge of Advanced Cyber Defense activities.
Activities:
- Identify Intelligence information sources
- Conduct an analysis of the incoming intelligence vs. impact
- Couple intelligence analysis with proactive recommendations
- Map regional threats and security platforms along with local CISOs in order to improve alerts’ effectiveness
- CCM’s execution in order to validate existing security alerts’ effectiveness and suggest enhancements
- Use Cases and Alerts creation based on threat landscape
- Perform Intelligence briefings
- Coordination with CTU Lead and Comms team
- Produce reports covering intelligence products
- Correlate threat actor profiles and TTPs to attack vectors
- Hunt for malicious behavior within the enterprise
- Develop active defense techniques
- Recommend changes to security device policies
-
-
-
Produban
-
Spain
-
IT Services and IT Consulting
-
400 - 500 Employees
-
Information Security Consultant
-
May 2013 - Dec 2017
Working in Security Architecture department, responsible for security projects implementation and management. Conduction of PoCs with security platforms in order to improve the organization security controls in place.
Activities:
- Responsible for Security Architecture Cybersecurity projects management and status reporting for the PMO and the executive board
- Execution of PoCs in order to improve the organization resilience against advanced threats
- Technical support to the operations team related to the platforms administration and troubleshooting
- Execution of security features improvements on the security Implementation of Splunk solution as a SIEM and development of dashboards and alerts enabling the team to reduce the time for security incident response
- Implementation of several redBorder IPS sensors
- Management of activities related to the Datacenter Campinas Migration Project in order to move security assets to the new datacenter
- Segregation of security platforms used by Santander and Produban
-
-
Education
-
Universidade de São Paulo