L o a d i n g

Marcos
Santos
Images CyberSecurity
Engineer

About Me

From Developer to Defender: My Global Cybersecurity Odyssey

Here's how I can help!

MY RESUME

MY RESUME

MY RESUME

MY RESUME

MY RESUME

MY RESUME

MY RESUME

MY RESUME

MY RESUME

MY RESUME

MY RESUME

Icons
Linux Security Engineer
IGEL

- Code Review
- Vulnerability Management
- SAST Scanner with Sonar
- SCA Scanner with SonarType
- Pipeline creation with Jenkins and TeamCity
- Implementation of checks for Linux

11/2024 - Current
Icons
CyberSecurity Security Researcher
Greenbone AG

- Observation and analysis of the latest vulnerability reports
- Creation of Windows and Linux Compliance vulnerability search rules using OpenVas
- Implementation of test routines to identify vulnerabilities
- Implementation of checks for Windows patch level and all standard tools for Windows
- Direct cooperation with customers for special applications

03/2023 - 10/2024
Icons
CYBER SECURITY COORDINATOR
Nova8

- Preparation of Pre-Sales Processes
- Creation of PoC Reports and presentations to the Board
- Creation and configuration of environments, SAST, DAST, IAST and SCA
- Realization of PoC of SAST, DAST, IAST and SCA products
- Presentation of final meeting with CISO and customer directors
- Creation of vulnerability search rules
- Integration with CI/CD Tools, IDE, Bug Tracking, etc.
- Vulnerability management based on OWASP TOP 10, NIST, FISMA and PCI compliance
- Fixing vulnerabilities with the help of SAST tools
- Azure Firewalls/WAF/KMS
- Tools: Checkmarx, Acunetix, Neuralegion, Probely, WhiteSource, Imperva

03/2021 - Current
Icons
INFORMATION SECURITY ANALYST
BRScan

- Code Review with Veracode
- Vulnerability analysis using SAST tools (Veracode)
- Application Testing
- Fixing vulnerabilities with the help of SAST tools
- Vulnerabiliy Management
- Modification and creation of queries and procedures
- Documentation of new features to the system
- Preparation of test scripts
- Tools: Veracode, Checkmarx, Synopsis, Fortify

03/2020 - 03/2021
Icons
Cyber Defense
FIAP

In this two-year program, you will learn essential cybersecurity practices such as risk management and data protection laws (LGPD and GDPR), and progress to advanced Offensive Security techniques, including Penetration Testing, Forensic Analysis, and Threat Intelligence, ultimately gaining the skills to develop automation tools with Python and JS, apply Hardware Hacking concepts, and incorporate Artificial Intelligence to fortify critical infrastructures against ever-evolving cyber threats.

08/2021 - Current
Icons
INFORMATION TECHNOLOGY MANAGEMENT
Anhanguera

The Information Technology (IT) college program provides a comprehensive education covering programming, software development, computer networks, information security, databases, and project management. In the early years, students study basic subjects like mathematics, programming logic, and algorithms, moving on to advanced topics such as software engineering, artificial intelligence, and cybersecurity. Classes blend theory and practice through labs and projects, alongside internships and final projects that equip students with practical experience for the job market.

06/2016 - 12/2018
Icons
Fundamentos e Práticas de Cibersegurança.: Abordagem Prática para Profissionais de Cibersegurança (Portuguese Edition)
Kindle eBook

The book was created based on my professional experiences over the years in the Cybersecurity market. With that, I gathered what I learned and decided to publish a book for those who are starting out in the market. With that, I included some cases and how the resolution was made in order to help and grow the cybersecurity community.

2024 - 2025
Icons
O Guia Definitivo de Checkmarx One
Online Course

With over 5 years using and also teaching about the Checkmarx Cybersecurity tool, I decided to create an online course with more than 5 modules related to teaching how SAST, SCA, IaC work, among other tools and the entire process that this includes such as implementation in CI/CD tools, Integration with repositories, threat modeling process, Vulnerability Management process, Bug Tracking, application tuning, customization of vulnerability search rules and much more.

2023 - Current
Icons
DevSecOps Podcast
Podcast

Podcast formed by Cassio Pereira where I am Co-Hosting and we talk about topics related to Cybersecurity, from training to controversial topics such as AI in the cybersecurity environment, data protection and other topics

2021 - Current
Icons
CyberSec News
Youtube Channel

Channel created in order to inform news related to Cybersecurity, where daily I present 4 informative news focused on some topics such as Data leaks, Cyberattacks, Cybersecurity, Malware, Ransomware, Social Engineering and other various topics related to the area

2024 - Current