Cristian Souza

[2021 - Present] Cyber Security Consultant & Professor - Daryus Consultoria e Treinamento

• Conducted penetration testing in web applications, infrastructures, and mobile applications.
• Performed reverse engineering of PE and APK files.
• Conducted computer forensics investigations.
• Conducted cloud computing audits to ensure security best practices were followed.
• Provided guidance on secure development practices.
• Led red team exercises to identify vulnerabilities in organizations' security defenses.
• Designed and executed phishing campaigns to raise awareness and test employees' security awareness.
• Conducted audits of critical systems to ensure they meet security standards.

• As a professor of post-graduate courses, instructed students in various topics related to information security, including: Malware analysis and reverse engineering; Mobile penetration testing; Secure programming; Network security; and IoT security.
• Instructed courses in web application security, secure programming, and ethical hacking, with a focus on the following topics: OWASP Top 10 and Secure Coding Practices; OWASP Proactive Controls and API Security; SAST, DAST, and SCA techniques; DevOps and DevSecOps methodologies; Threat modeling for software security; Network, web application, and wireless network penetration testing.
• Additionally, taught other related courses, such as Penetration Testing, Open-source Intelligence (OSINT), Ethical Hacking Foundation, Secure Programming Foundation, and NIST Cyber Security Framework.

[2016 - 2022] Researcher, R&D Software Developer, and Tutor - Federal Institute of Rio Grande do Norte

• Conducted research in information security, focusing on malware analysis and detection, software-defined networks, and moving target defense.
• Authored and published research papers in multiple conferences and journals to share findings and contribute to advancements in the fields.

• Conducted research in computer vision and image processing and developed practical applications in the field.
• Designed and developed an ALPR (Automatic License Plate Recognition) application for embedded hardware, with a patent application filed.
• Developed an OCR (Optical Character Recognition) application to extract text from images.
• Created a deep learning-based face recognition application and API.
• Main programming languages: Java and Python.
• Other technologies: OpenCV, dlib, REST, Flask, MySQL, RFID.

• Provided support to students studying operating systems, offering guidance and assistance with course materials.
• Provided assistance to students studying algorithms and data structures, offering guidance and support with course materials.

[2020 - 2021] Back-end Developer - SutHub

• Designed and developed multiple Robotic Process Automation (RPA) tools to automate repetitive tasks and improve productivity.
• Conducted Static Application Security Testing (SAST) in the core system to identify and mitigate potential security risks.
• Main programming language: Python.
• Other technologies: Selenium, AWS (EC2, CloudWatch, and S3), MySQL.

[2018 - 2019] Information Security Analyst - Actions Security

• Helped develop a Web Application Firewall (WAF).
• Utilized Elastic Stack, Docker containers, and reverse proxies to achieve project goals.
• Successfully implemented an OpenStack infrastructure, enabling increased efficiency and scalability.
• Conducted penetration tests in web applications to identify security vulnerabilities.
• Main programming languages: Python and C.
• Other tools and technologies: OWASP Top 10, AWS, OpenStack, ModSecurity, Linux.