Rafael M.

Intern

2000 followers
Location: Mogi das Cruzes, São Paulo, Brazil

  • About me

    Information Security Specialist | Security Architecture & Engineering | Blue Team | Cloud Security | Automation | WAF | Python | PowerShell

  • Education

    • DARYUS Consultoria e Treinamento

      2018 - 2020
      Postgraduate degree in Cyber Security

      The Lato Sensu Specialization course in Cyber Security, offered by DARYUS Educação in partnership with Faculdade Impacta de Tecnologia, aims to train professionals capable of being the first line of defense against cyber attacks, teaching them what the main attacker techniques are and how they are used, and how to protect an organization, critical infrastructure and cyberspace by deploying defense strategies and techniques in a practical way.

    • Universidade de Mogi das Cruzes

      2012 - 2014
      Systems Analyst, Systems Analysis and Development
  • Experience

    • Musa Clinica Mulher & Saúde

      Jun 2013 - Jul 2014
      Intern

      Assist and monitor incidents and transfer related to the company's software; Provide technical support (hardware); Perform and monitor the progress of database backup routines (SQL Server 2008)

    • Musa Clinica Mulher & Saúde LTDA

      Jun 2014 - Jun 2015
      IT Service Provider
    • CGI Group

      Nov 2015 - May 2019

      Main activities:
      • Review of accesses, users and trusts;
      • Implementation of hardening on Windows servers;
      • Automations and improvements via PowerShell;
      • Administration of technical environments; Active Directory Domain Administration/Support; DNS and DHCP Administration/Support; Hyper-V Administration/Support (Windows Server 2012 R2); Administration/Support of the RDS (Remote Desktop Services) solution; Administration/Support of the VMware environment

      • Technical Systems Analyst II

        Sept 2018 - May 2019
      • Junior Support Analyst

        Nov 2015 - Sept 2018
    • Avanade

      Jun 2019 - Jan 2021

      Responsible for supporting and leading an Information Security squad making deliveries using agile methodologies for a large customer in the health area.

      Main activities:
      * Definition and review of policies, standards and procedures related to Information Security, such as: Information Security Policy, Information Classification Policy, Patch Management Procedure, Incident Response Procedure, among others;
      * Presentation and training of management areas and end users on processes and procedures related to Information Security;
      * Creation and execution of simulated scenarios to respond to Information Security incidents;
      * Development of automation scripts to solve problems related to the area;
      * Creation of an inventory of information assets contemplating the aggregation of the information collected, providing a unified basis to aid in decision making;
      * Implementation of the workstation hardening process;
      * Assessment of security tools capabilities.
      * Present the results of the sprints to management

      • Senior Information Security Analyst

        Jun 2020 - Jan 2021
      • Information Security Analyst

        Jun 2019 - Jun 2020
    • CPFL Energia

      Feb 2021 - Jun 2021
      Senior Information Security Analyst
    • Hospital Albert Einstein

      Jul 2021 - Nov 2022
      Information Security Specialist

      Information Security Specialist, acting as focal point and responsible for security engineering demands related to technological infrastructure.

      Main activities:
      * Implementation of security projects and tools (proof of concept, pilot, deployment and hand-over);
      * Research, development and testing of new security solutions;
      * Development and review of security architecture for technology environments;
      * Validation and implementation of best security practices for the various technologies in the park;
      * Implementation of projects to reduce the park's attack surface (Hardening);
      * Support in defining and maintaining the vulnerability management process;
      * Development of custom scripts and tools for automations and improvements in the working model (PowerShell and Python);
      * Discussion, planning and prioritization of demands with technical teams;
      * Support in defining and maintaining the area's work method;
      * Presentation of executive indicators for management;
      * Conducting technical and management committees to address prioritization and progress of demands, projects and goals;
      * Review and improvement in security engineering processes.

    • Cora

      Dec 2022 - Jan 2024
      Senior Information Security Analyst

      Information Security Analyst, working mainly between the Security Architecture and Blue Team disciplines.

      Main duties and deliverables:
      * Design and implement the SIEM and SOAR environment;
      * Be responsible for connecting log sources, defining and tuning alert rules and filtering false positives in the SIEM;
      * Participate in the development of the security strategy, defining objectives, projects and metrics for the period;
      * Develop, together with the governance team, an information security risk map, covering vectors, sub-vectors, risks, threats and mitigating controls;
      * Be a focal point for current technical queries regarding information security;
      * Assist in the implementation of security and data protection rules in the DLP and SWG tool;
      * Assist in the implementation, maintenance and compliance with best practices in the EDR tool;
      * Respond to security incidents at a technology level;
      * Assist in responding to compliance/financial incidents;
      * Assist in defining Blue Team documentation (e.g. incident response procedure);
      * Implementation of security tools and projects;
      * Implementation of initiatives to reduce the attack surface (Hardening);
      * Assist in implementing a security baseline and process for asset security management;
      * Assist in the development of technology to integrate different data sources with the aim of active security management without installing additional agents;
      * Development of scripts and tools to assist in automation and security improvements (Python);
      * Be a point of contact and provide consultative support on best security practices for the teams;
      * Analysis of security requirements in new tools, projects and functionalities;
      * Threat modeling;
      * Assistance in spreading the Cybersecurity culture and implementing standards such as Security and Privacy by Design;

    • Neon

      Apr 2024 - now
      SR Information Security Analyst

      Information Security Architecture and Engineering Analyst (Blue Team) with experience in leading strategic projects and implementing security controls.

      Key achievements:

      Led the complete restructuring of the WAF solution, including:
      - Analysis and optimization of inbound web traffic
      - Development of custom protection rules
      - Implementation of advanced security mechanisms
      - Risk-based and user journey-based prioritization

      Architected and implemented corporate data protection project, covering:
      - Implementation of DLP and CASB controls
      - Development of information classification process
      - Creation of incident response playbooks
      - Alignment with stakeholders and process documentation
      - Operationalization of data leak monitoring

      Developed automations and implemented security controls through:
      - Creation of Python and PowerShell scripts for security control automation
      - Implementation of hardening via Ansible and Python
      - Development and management of GPOs for security strengthening
      - Automation of compliance and audit processes
      - Creation of custom scripts for asset discovery and inventory

      Actively participated in the implementation of Privileged Access Management (PAM) solution, establishing privileged access policies and controls
      - Developed risk assessment framework for new projects and software, acting as security consultant for development teams
      - Manage and optimize critical security solutions (EDR, DLP, CASB, WAF), ensuring adherence to best practices
      - Contributed to Cloud Security strategy through stakeholder alignment and remediation of vulnerabilities found in CSPM

      Technologies and Tools: WAF, PAM, DLP, CASB, EDR, CSPM, Cloud Security, Python, PowerShell, Ansible, GPO, Hardening, Blue Team, Risk Analysis

  • Licenses & Certifications

    • Bootstrap: creating a responsive single page - 12 hours

      Alura Cursos Online
    • Java and JPA: Persist your objects with JPA2 and Hibernate - 20 hours

      Alura Cursos Online
    • ITIL® Foundation Certificate in IT Service Management

      EXIN
      Nov 2017