Experience

• 

  Citi

  Apr 2004 - Jan 2008

  Database architect oracle/sql server

  Responsible for the development and architecture of clustering projects for mission-critical SPB systems on Unix AIX with GPFS and DBM for Citifinancial and CitiGroup Brasil;Management of incidents/problems of high criticality and financial impact;Creation of high availability RAC 10g projects with Data Guard;Management of Physical and Logical Backup/Recovery processes with and without RMAN andHardware Backup (BCV) and/or SRDF;Grouping of mission-critical environments;Implementation of Grid Control and Agents to enable monitoring of Oracle databases;Definition of security policies for access to Databases;Responsible for all database infrastructure projects;Focus on Performance and Tuning of Databases and Java Web Applications; Show less

• 

  Tim

  Jan 2008 - Aug 2008

  Database architect oracle/sql server

  Responsible for the availability of Production Bases in operating systems (Unix AIX/HPUX and Sun Solaris, Linux and Windows);Database Administration in versions 7,8i,9i and 10g; Single node migrations to RAC 10g on Red Hat Linux;Management of highly critical problems and escalation of sev 1 tickets with Oracle;Migration of the 62Tb DW to a new architecture (EMC DMX4000 Operating System and Storage);Responsible for migrating the prepaid core system (Billing); Creation of RAC 10g high availability projects with Data Guard;Support for the DBA team in escalating severity 1 tickets at Oracle; Management of Backup/Recover (BCV) and/or SRDF processes;Application of security policies for access to Databases;Analysis and partitioning solutions for complex objects, using composite partition;Implementation Advanced replication (Oracle Streams /Advanced Queue);Focus on Database and application tuning, reducing batch process time and hardware consumption; Show less

• 

  Editora globo

  Sept 2008 - Dec 2012

  Data & analytics manager

  Managed multidisciplinary teams of Database, BI, DBM and Back End Development (Java) teams, supporting the operation (On Going) and back end project team;Planning the area's budget and defining investment strategy;Interface between business and IT areas, aiming to leverage business in specific BI campaigns;Totvs corporate system management and integrations;Management of SLA's aiming at continuous improvement in service between areas;I identified and implemented several points of improvement in processes carried out in the infrastructure that brought infrastructure cost reductions and improved performance;Constant interface with Financial, controlling, Marketing and Purchasing business areas, aiming to identify problems and possible business solutions;Reporting directly to CFO Fabio Amato; Show less

• 

  Natura

  Jan 2013 - Oct 2017

  Data security lead it

  Data Security focal point in the Hardware Consolidation project during the infrastructure transition and HP x Natura Systems Support; Team Leader/Architect (Hands-On) responsible for the entire setup of the consolidation project Natura servers, using Oracle Database, Weblogic and SOA architecture, including mission-critical SAP databases for 24 x 7 invoices; Responsible for Data Security projects, including Data Masking, Audit Vault, and hardening processes on Database servers and OIM identity management;Management of AWS and OCI multi-cloud environments; Active participation in the DR project, including the entire impact assessment process on the business (BIA) and design of the suggested architecture with suppliers (Oracle, Microsoft and AWS); Support in risk analysis processes during configuration item changes (servers/Storage), analysis of critical incidents with high impact on the business; IAM - Analysis and corrections of users, access groups and permissions, meeting internal/external audit demands; Show less

• 

  Universidade cidade de são paulo

  Nov 2017 - Sept 2021

  Sr. cyber security & cloud infrastructure operations manager

  Responsible for remodeling the Cloud Infrastructure and Cyber Security area, implementing and fostering the DevSecOps culture with a focus on infrastructure automation (IAC) and security, aiming for continuous integration with the areas of development, observability, infrastructure and Security.Leadership of teams with more than 45 professionals, projects, contracts, suppliers, partners and budget in the Security and Infrastructure area;Change and Incident Management with a focus on root cause resolution; Responsible for the process of preparing and adapting compliance and governance in Bovespa CSED3 Pre-IPO processes and internal/external audits;Main projects:- Development and implementation of the Strategic Security Plan;- Migration of MultiCloud environments (AWS, GCP) IaaS, PaaS and SaaS;- Management and implementation of the DRP and BCP project;- Third Party Risk Management (TPRM);- Implementation and development of policies and governance on Vulnerability Management and hardening;- Definitions and compliance strategy for SaaS Application and federations;- Implementation of Security projects, IAM, Firewall Migrations, Implementation of WAF, Data Security, CSPM, CWPP, SAST and DAST; Show less

• 

  Unico idtech

  Sept 2021 - Oct 2022

  Sr. staff cloud security

  Leadership in the Security area for multicloud environments, promoting an information security culture.Implementation of DLP/CASB projects, Cloud x SIEM Events Integration, Cloud Armor /LB, WAF and Security Command Center;Development of reports on Gap Analysis and generation of Cloud Security indicators; Knowledge of agile methodologies and secure development cycle (DevSecOps / SSDLC) and CI/CD pipelines;Implementation of code validation processes, static (SAST) and dynamic (DAST) security analysis;Leadership of Identity Automation and Management (IAM) projects;Creation of Risk Dashboards/KPIs in conjunction with the Vulnerability and Risk Management areas;Main projects:- Implementation of Security controls and quality gates for Kubernetes workloads (Istio/Service Mesh), RBAC, Network Police and Firewall Rules;- Responsible for developing IAM cloud access management (Workgroups, RBAC, BDAC);- Definitions and compliance strategy for SaaS Application federations;- Responsible for the Data Security project, including the implementation of DLP and security definitions;- Creation of Security Policies and Operational Procedures;- Cloud Armor and Security Control Center integration with SIEM; Show less

• 

  Santander brasil

  Oct 2022 - Nov 2024

  Sr. cyber security manager

  Senior Leadership of the Cloud Security Operations and Cloud Security Engineering area of Grupo Santander Brasil. Developing and implementing regional and global security and compliance standards for Public Cloud environments (Azure, AWS and GCP). Actively participating in projects Cyber/Cloud Security, such as Zero Trust, Data Security, Cloud Security, IAM, SaaS Security, DevSecOps and Governance aimed at risk reduction, remediation and operational automation in mission-critical environments. Strategically leading correction processes related to non-conformities to meet CMN 4,893 regulatory requirements and providing guidance for preparing audits (internal and external);Main projects:- Responsible for the CWPP Cloud Workload Protection Platform implementation project for Multicloud environments with critical workload for more than 1200 nodes in Brazil, being the largest OpenShift cluster in Latin America. Definition of policies, deployment strategies, definition of use cases and integrations with SIEM, troubleshooting and risk analysis related to kubernetes environments (AKS/EKS and OpenShift);- Leading rollout of the new CNAPP and development and customization of regional rules (LATAM);- Responsible for the API Security project for critical platforms with API gateway (Apigee), supporting more than 1 billion monthly requests, serving integrations with APIs, workflow and Indicators;- Responsible for defining and implementing global security standards in multicloud environments, including creating policies as code, aiming for scalability of global teams;- Responsible for the CSPM project with a Global scale, interactions with teams from Spain and USA;- Definitions and compliance strategy for SaaS Application federations;- Third Party Risk Management (TPRM); - IAM/CIEM Identity Governance and Operations (RBAC);- Governance and Operation of CSPM/CNAPP/CIEM;- Reporting to the Executive Director; Show less

• 

  Cielo

  Nov 2024 - now

  Executive cyber security manager

  Gerente Executivo de Cibersegurança