|2023 -||Master's degree||Management and Technology, Centro Paula Souza|
|2022 - 2023||Postgraduate degree||Digital Forensics and Cyber Investigation, IDESP|
|2022 - 2022||Postgraduate degree||Ethical Hacking and Cyber Security, UNICIV|
|2019 - 2022||Bachelor of Technology||Computer Systems Networking, IFRN|
|2018 - 2019||Certificate program||Electronics, IMD|
|2015 - 2018||Certificate program||Informatics, IFRN|
[2021 - Present] Cyber Security Consultant & Professor - Daryus Consultoria e Treinamento
- Conducted penetration testing in web applications, infrastructures, and mobile applications.
- Performed reverse engineering of PE and APK files.
- Conducted computer forensics investigations.
- Conducted cloud computing audits to ensure security best practices were followed.
- Provided guidance on secure development practices.
- Led red team exercises to identify vulnerabilities in organizations' security defenses.
- Designed and executed phishing campaigns to raise awareness and test employees' security awareness.
- Actively contributed to ISO 27001 audits, ensuring adherence to information security standards.
- Conducted audits of critical systems to ensure they meet security standards.
- As a professor of post-graduate courses, instructed students in various topics related to information security, including: Malware analysis and reverse engineering; Mobile and wireless penetration testing; Incident response; Windows & Linux security; Secure programming; Network security; and IoT security.
- Instructed courses in web application security, secure programming, and ethical hacking, with a focus on the following topics: OWASP Top 10 and Secure Coding Practices; OWASP Proactive Controls and API Security; SAST, DAST, and SCA techniques; DevOps and DevSecOps methodologies; Threat modeling for software security; Network, web application, and wireless network penetration testing.
- Additionally, taught other related courses, such as Penetration Testing, Open-source Intelligence (OSINT), Ethical Hacking Foundation, Secure Programming Foundation, and NIST Cyber Security Framework.
[2016 - 2022] Researcher, R&D Software Developer, and Tutor - Federal Institute of Rio Grande do Norte
- Conducted research in information security, focusing on malware analysis and detection, software-defined networks, and moving target defense.
- Authored and published research papers in multiple conferences and journals to share findings and contribute to advancements in the fields.
- Conducted research in computer vision and image processing and developed practical applications in the field.
- Designed and developed an ALPR (Automatic License Plate Recognition) application for embedded hardware, with a patent application filed.
- Developed an OCR (Optical Character Recognition) application to extract text from images.
- Created a deep learning-based face recognition application and API.
- Main programming languages: Java and Python.
- Other technologies: OpenCV, dlib, REST, Flask, MySQL, RFID.
- Provided support to students studying operating systems, offering guidance and assistance with course materials.
- Provided assistance to students studying algorithms and data structures, offering guidance and support with course materials.
[2020 - 2021] Back-end Developer - SutHub
- Designed and developed multiple Robotic Process Automation (RPA) tools to automate repetitive tasks and improve productivity.
- Conducted Static Application Security Testing (SAST) in the core system to identify and mitigate potential security risks.
- Main programming language: Python.
- Other technologies: Selenium, AWS (EC2, CloudWatch, and S3), MySQL.
[2018 - 2019] Information Security Analyst - Actions Security
- Helped develop a Web Application Firewall (WAF).
- Utilized Elastic Stack, Docker containers, and reverse proxies to achieve project goals.
- Successfully implemented an OpenStack infrastructure, enabling increased efficiency and scalability.
- Conducted penetration tests in web applications to identify security vulnerabilities.
- Main programming languages: Python and C.
- Other tools and technologies: OWASP Top 10, AWS, OpenStack, ModSecurity, Linux.
- Information Security
- Malware Analysis
- Artificial Intelligence
- Software-Defined Networking
|CompTIA Advanced Security Practitioner (CASP+)||CompTIA||Credential ID: WSLN0QL5NME1115Z|
|ISO/IEC 27001 Lead Auditor||PECB||Credential ID: ISLA1119651-2023-06|
|Certified Ethical Hacker (Practical)||EC-Council||Credential ID: ECC5379860241|
|Certified Ethical Hacker (CEH)||EC-Council||Credential ID: ECC8169403257|
|Pentest+||CompTIA||Credential ID: 1035ZEWSF1Q415WQ|
|LPIC-3: Security||Linux Professional Institute||Credential ID: LPI000393801|
|LPIC-2: Linux Engineer||Linux Professional Institute||Credential ID: LPI000393801|
|LPIC-1: Linux Administrator||Linux Professional Institute||Credential ID: LPI000393801|
|Linux+||CompTIA||Credential ID: 9BSTQ4TM5LEE1GKT|
|Certified in Cybersecurity||(ISC)²||Credential ID: 1068081|
|Ethical Hacking Foundation||EXIN||Credential ID: 6382379.20813916|
|Secure Programming Foundation||EXIN||Credential ID: 6382379.20811383|
|Cloud Computing Foundation||EXIN||Credential ID: 6382379.20844402|
- Portuguese (Native)
- English (Advanced level)
- French (Basic level)
- Programming languages:
- Penetration Testing, Computer Forensics, Malware Analysis, Reverse Engineering, FTK, OWASP Top 10, Linux Administration, AWS, Git, Docker, Elastic Stack, Flask, REST.
Honors & Awards
|2022||Academic Honors Diploma (Summa Cum Laude)|
|2022||Distinguished Paper Award, XL SBRC|
|2018||Capture The Wave (CTW/CTF) Champion|
Patents & Software
|BR 10 2018 015493 1||Patent||Embedded System for Automatic License Plate Recognition|
|BR 51 2022 002010 6||Software||PhishKiller|
|BR 51 2019 000141 9||Software||NAVI Face Recognition API|
|BR 51 2019 000143 5||Software||NAVI RPi Face Recognition|
|BR 51 2019 000144 3||Software||NAVI-ALPR|
|BR 51 2019 000140 0||Software||Embedded System for Rainfall Measurement and SNMP Management|
|BR 51 2018 000086 0||Software||OCR-NAVI|
[2022 - Present] OWASP Foundation
- As chapter leader, my responsibilities include efficiently maintaining the chapter, organizing engaging information security meetings, and conducting workshops.
[2015 - 2016] Federal Institute of Rio Grande do Norte
- Volunteered to develop a mobile app for monitoring water usage at IFRN (campus Natal Central).