Senior Forensics Consultant

• TechBiz Forense Digital
• May 1, 2011 - Current
• Responsible for SIEM projects and sales engineering, based on ArcSight solutions.

Information Security Consultant / Project Manager

• CIPHER
• May 1, 2010 - May 1, 2011
• Responsible for security consulting projects at the Brasilia branch office and technical relationship with local customers. Experience highlights: - Managed Security Services / SOC (coordination and process design) - SIEM (ArcSight) - Sales engineering - Government / Public sector presales

SOC Coordinator

• Oi/Telemar
• Jun 1, 2009 - May 1, 2010
• The main goal for this position was to coordinate all activities related to security monitoring, specially focused on business risks. For almost one year on this position, my work at Oi's SOC (COpS) involved: - design and plan of SOC infrastructure, systems and processes; - internal and third party teams coordination; - project management; - definition and implementation of compliance controls due to external (SOx) and internal audits; - technical, business and management presentations of SOC projects and results; - definition of techinical specs for products and services acquisitions; - cooperation with internal and external incident response teams; - design and implementation of components to collect, process, correlate and analyze events.

Information Security Consultant / CSIRT and SOC Consultant

• Oi/Telemar
• Oct 1, 2008 - Jun 1, 2009
• My first project at Oi was to conduct the incorporation of the company's SOC services, formerly provided by a third party MSS company, into consolidated internal SOC services provided by Brasil Telecom (which merged with Oi and which was my employer before June 2009). At Brasil Telecom (now Oi), my main activities were: - Development and management of systems for security log handling and correlation, as part of the company's SOC (Security Operations Center); - Administration of the SOC infrastructure and software, including the SIEM solution (Intellitactics ISM); - Incident handling. All the developed activities have helped Brasil Telecom to achieve its goals on external (customers) and internal (corporate) security commitments as a whole, anti-fraud business objectives and SOX compliance.

Information Security Consultant

• True Access
• Oct 1, 2007 - Sep 1, 2008
• Worked on Brasil Telecom CSIRT (similar description for the position above).

Information Security Consultant

• CIPHER
• Nov 1, 2004 - Oct 1, 2007
• Worked as a consultant for different companies in the telecommunications, financial and transport industry. Main activities: - Design, implementation and administration of SIEM solutions; - Software security audits based on ISO 17799 and ISO 15408; - Design, implementation and administration of security devices, both commercial and FOSS; - Pen-tests and VA; - Writing of guides for secure software development; - Source code audits. Has also supported the sales department on technical proposals for custom security solutions and services (like MSS).

Software Engineer

• Aker
• Mar 1, 2003 - Oct 1, 2004
• Worked on the design and development of network security software: firewall (Aker Firewall) and mail gateway (Aker Mail Gateway). Main programming language: C/C++.

Researcher

• ACME! Computer Security Research
• Jan 1, 2001 - Dec 1, 2002
• Collaborated on network security researches, mainly focused on intrusion detection.