Formal education

2023 - Master's degree Management and Technology, Centro Paula Souza
2022 - 2023 Postgraduate degree Digital Forensics and Cyber Investigation, IDESP
2022 - 2022 Postgraduate degree Ethical Hacking and Cyber Security, UNICIV
2019 - 2022 Bachelor of Technology Computer Systems Networking, IFRN
2018 - 2019 Certificate program Electronics, IMD
2015 - 2018 Certificate programInformatics, IFRN

Professional experience

[2023 - Present] Digital Forensics and Incident Response Specialist - Kaspersky Lab

  • Joined Kaspersky's Global Emergency Response Team (GERT).

[2021 - 2023] Cyber Security Consultant & Professor - Daryus Consultoria e Treinamento

  • Conducted penetration testing in web applications, infrastructures, and mobile applications.
  • Performed reverse engineering of PE and APK files.
  • Conducted computer forensics investigations.
  • Conducted cloud computing audits to ensure security best practices were followed.
  • Provided guidance on secure development practices.
  • Led red team exercises to identify vulnerabilities in organizations' security defenses.
  • Designed and executed phishing campaigns to raise awareness and test employees' security awareness.
  • Led the creation and implementation of robust incident response playbooks, optimizing response strategies for swift and effective resolution.
  • Actively contributed to ISO 27001 audits, ensuring adherence to information security standards.
  • Conducted audits of critical systems to ensure they meet security standards.
  • As a professor of post-graduate courses, instructed students in various topics related to information security, including: Malware analysis and reverse engineering; Mobile and wireless penetration testing; Incident response; Windows & Linux security; Secure programming; Network security; and IoT security.
  • Instructed courses in web application security, secure programming, and ethical hacking, with a focus on the following topics: OWASP Top 10 and Secure Coding Practices; OWASP Proactive Controls and API Security; SAST, DAST, and SCA techniques; DevOps and DevSecOps methodologies; Threat modeling for software security; Network, web application, and wireless network penetration testing.
  • Additionally, taught other related courses, such as Penetration Testing, Open-source Intelligence (OSINT), Ethical Hacking Foundation, Secure Programming Foundation, and NIST Cyber Security Framework.

[2016 - 2022] Researcher, R&D Software Developer, and Tutor - Federal Institute of Rio Grande do Norte

  • Conducted research in information security, focusing on malware analysis and detection, software-defined networks, and moving target defense.
  • Authored and published research papers in multiple conferences and journals to share findings and contribute to advancements in the fields.
  • Conducted research in computer vision and image processing and developed practical applications in the field.
  • Designed and developed an ALPR (Automatic License Plate Recognition) application for embedded hardware, with a patent application filed.
  • Developed an OCR (Optical Character Recognition) application to extract text from images.
  • Created a deep learning-based face recognition application and API.
  • Main programming languages: Java and Python.
  • Other technologies: OpenCV, dlib, REST, Flask, MySQL, RFID.
  • Provided support to students studying operating systems, offering guidance and assistance with course materials.
  • Provided assistance to students studying algorithms and data structures, offering guidance and support with course materials.

[2020 - 2021] Back-end Developer - SutHub

  • Designed and developed multiple Robotic Process Automation (RPA) tools to automate repetitive tasks and improve productivity.
  • Conducted Static Application Security Testing (SAST) in the core system to identify and mitigate potential security risks.
  • Main programming language: Python.
  • Other technologies: Selenium, AWS (EC2, CloudWatch, and S3), MySQL.

[2018 - 2019] Information Security Analyst - Actions Security

  • Helped develop a Web Application Firewall (WAF).
  • Utilized Elastic Stack, Docker containers, and reverse proxies to achieve project goals.
  • Successfully implemented an OpenStack infrastructure, enabling increased efficiency and scalability.
  • Conducted penetration tests in web applications to identify security vulnerabilities.
  • Main programming languages: Python and C.
  • Other tools and technologies: OWASP Top 10, AWS, OpenStack, ModSecurity, Linux.

Research interests

Certifications

CompTIA Advanced Security Practitioner (CASP+) CompTIA Credential ID: WSLN0QL5NME1115Z
ISO/IEC 27001 Lead Auditor PECB Credential ID: ISLA1119651-2023-06
Certified Ethical Hacker (Practical) EC-Council Credential ID: ECC5379860241
Certified Ethical Hacker (CEH) EC-Council Credential ID: ECC8169403257
Pentest+ CompTIA Credential ID: 1035ZEWSF1Q415WQ
LPIC-3: Security Linux Professional Institute Credential ID: LPI000393801
LPIC-2: Linux Engineer Linux Professional Institute Credential ID: LPI000393801
LPIC-1: Linux Administrator Linux Professional Institute Credential ID: LPI000393801
Linux+ CompTIA Credential ID: 9BSTQ4TM5LEE1GKT
Certified in Cybersecurity (ISC)² Credential ID: 1068081
Ethical Hacking Foundation EXIN Credential ID: 6382379.20813916
Secure Programming Foundation EXIN Credential ID: 6382379.20811383
Cloud Computing Foundation EXIN Credential ID: 6382379.20844402

Skills

Honors & Awards

2023 CEH Master
2022 Academic Honors Diploma (Summa Cum Laude)
2022 Distinguished Paper Award, XL SBRC
2019 CVE-2019-7634
2018 Capture The Wave (CTW/CTF) Champion

Patents & Software

BR 10 2018 015493 1 Patent Embedded System for Automatic License Plate Recognition
BR 51 2024 000157 3 Software Heimdall: Solução para detecção de artefatos maliciosos em ambientes IoT por meio de machine learning
BR 51 2022 002010 6 Software PhishKiller
BR 51 2019 000141 9 Software NAVI Face Recognition API
BR 51 2019 000143 5 Software NAVI RPi Face Recognition
BR 51 2019 000144 3 Software NAVI-ALPR
BR 51 2019 000140 0 Software Embedded System for Rainfall Measurement and SNMP Management
BR 51 2018 000086 0 Software OCR-NAVI

Volunteering

[2022 - Present] OWASP Foundation

  • As chapter leader, my responsibilities include efficiently maintaining the chapter, organizing engaging information security meetings, and conducting workshops.

[2015 - 2016] Federal Institute of Rio Grande do Norte

  • Volunteered to develop a mobile app for monitoring water usage at IFRN (campus Natal Central).

CV