Bio
Experience in Purple Team as a researcher, carrying out evaluation and development of mitigations and attack detections.
Solid experience in planning, implementing, monitoring, and improving the technical operational environment in Microsoft platform focusing on security by design, hardening, threat modeling, vulnerability assessments and analysis, ensuring the full operation of applications and the environment.
Solid experience in both OnPrem and Cloud infrastructure, network, Windows Operating Systems, Information Security practices according to NIST, CIS Critical Security Controls, Mitre ATT&CK, LGPD/GDPR legislation, access control and identity and advanced monitoring in Microsoft environments using XML and PowerShell language, effectively contributing to SOC Intelligence Management.
Experience in implementing Microsoft Security Development Lifecycle methodology for managers and development teams, from both processes and practices perspectives, shifting- left security by designing DevSecOps CI/CD Pipelines integrating market security standards such as OWASP, Mitre ATT&CK, SANS among others.