About me

🧑‍💻 Greetings! I'm Fábio, a 27-year-old enthusiast from Portugal. I love everything related to technology, especially programming and cybersecurity.

🔐 In my free time I like to practice my pentesting skills and participate in Capture The Flag (CTF) exercises. On a less nerdy side, I also relish playing football with my friends.

🚀 My aspiration is to be a security architect. I aspire to assist organizations in safeguarding their ecosystems and thrive on working with cutting-edge technologies. I'm also very interested in working on the offensive side.

Work Experience

Cyber Security Specialist - [ 03/2025 - Current ]

Vodafone

System and Network Architectures


I conduct in-depth security reviews for enterprise projects, ensuring compliance with more than 180 security controls before applications reach production. These assessments cover identity and access management, user and account hygiene, data protection, logging and monitoring, APIs, cloud infrastructure, as well as web and mobile platforms. I collaborate with architects, developers, and engineering teams to validate security-by-design principles, identify risks, and propose practical mitigation strategies. By aligning projects with internal policies and industry standards, I help safeguard critical systems, reduce vulnerabilities, and support the secure adoption of new technologies.

IT Security Consultant - [ 06/2023 - 01/2025 ] - Lisbon

Capgemini Engineering - Client: Telecommunications company

Cybersecurity Analyst | Incident Handler & Investigation & Response | Cybersecurity in IT Team


I have gained valuable experience in cybersecurity while working as part of a Managed Detection and Response (MDR) team. My main responsibilities include monitoring and investigating security incidents using various cybersecurity tools. I also evaluate cybersecurity solutions like EPP, EDR, XDR, email security, and password management. Additionally, I lead internal phishing campaigns to improve security awareness in the organization.
I have implemented key projects such as the Keeper Password Manager and AnyDesk to enhance security and operational efficiency. Furthermore, I have served as the administrator for several critical security tools, including Darktrace, KnowBe4, SafeBreach, Keeper Password Manager, and AnyDesk. These roles have involved configuration, management, and ongoing optimization to ensure our systems remain secure.
I’ve also contributed to creating a new proxy for the company and managing vulnerabilities across servers and workstations. While working closely with the team, I take initiative in supporting management projects that require cybersecurity expertise.
Working in an MDR team, I had the opportunity to work with various security tools, such as:

QRadar is a Security Information and Event Management (SIEM) system that collects and stores logs, serving as the primary tool for incident analysis. This is the most important application in incident investigation because it brings together logs from all applications.
Knowledge about the tool: 90%
CrowdStrike is a security platform used for protection against advanced threats based on artificial intelligence, providing real-time detection, prevention, and incident response. This is the Endpoint Detection and Response (EDR) tool used. I gained a lot of experience using this tool, carrying out research to resolve incidents and asset management.
Knowledge about the tool: 90%
Darktrace is a tool used for threat detection based on artificial intelligence that monitors and learns from network behavior to identify anomalies and potential threats. In addition to using this tool in incident investigation, I was also the administrator of this tool, creating various models and implementing new mechanisms, such as SSO.
Knowledge about the tool: 90%
Trend Vision One is an Extended Detection and Response (XDR) solution offering proactive protection against threats, also playing a crucial role in email analysis. Important tool for analysing incidents, both in terms of assets and the email environment.
Knowledge about the tool: 80%
SafeBreach is an attack simulation platform that proactively tests the effectiveness of defenses against threats and identifies potential vulnerabilities. I configured the weekly tests that were run on machines with a corporate image. When there were new threats, I took the opportunity to set up test groups to see how well our environment was protected. I was also the administrator of this application.
Knowledge about the tool: 80%
Tenable is a solution for vulnerability management in systems, identifying, assessing, and prioritizing vulnerabilities to enhance security posture. I was never responsible for vulnerability management, but I helped my colleagues several times.
Knowledge about the tool: 70%
KnowBe4 is a platform for simulating phishing attacks and providing training for users, aiming to improve resilience against social engineering threats. I created the necessary processes to carry out several phishing campaigns in the organization, as well as improving the mechanisms so that practically everything was automatic. I was also the administrator of this application.
Knowledge about the tool: 100%
Microsoft Defender is designed for protecting endpoints and networks. It utilizes behavioral analytics, machine learning, and threat intelligence to detect and respond to advanced cyber threats across endpoints, networks, and cloud environments like Azure. I've used this tool many times as a complement to Trend because of the flow of emails. We also had alerts related to users such as impossible travel.
Knowledge about the tool: 60%
Google Cloud Console provides features for monitoring, managing, and configuring GCP services such as Google Kubernetes Engine (GKE) clusters and APIs. Resolution of various alerts related to cloud security. I also analysed the security of various cloud projects that we were asked to do.
Knowledge about the tool: 50%
Prisma Cloud is a comprehensive cloud security platform designed to protect cloud-native applications across multiple platforms such as AWS, Azure, Google Cloud, and others. It provides features like vulnerability management, compliance monitoring, runtime protection, and threat detection to ensure the security of cloud environments. I didn't get to work on any project with this application, I just had to do some research, nothing much. I was also the administrator of this application.
Knowledge about the tool: 40%
Keeper Password Manager is a secure password management tool that helps generate and manage passwords, as well as protect sensitive information with encryption and advanced security features. This was my first big project in the organization, I had to manage the project, I had to understand the requirements and figure out how I could achieve them. I set up several meetings involving the teams needed to create the application in the internal application and in Azure, create SSO, create a migration model between the old tool and Keeper. I also ran several training programmes for internal users and reinforced the use of Password Manager several times. I was the administrator of this application.
Knowledge about the tool: 100%
AnyDesk is a remote desktop software that enables users to securely access and control computers or devices from anywhere, allowing for efficient remote support and collaboration. After analysing the requirements for this project, I had to make a build for our users so that they can only connect to other machines and never receive connections. I was the administrator of this application.
Knowledge about the tool: 90%

Research Engineer - [ 02/2022 - 06/2023 ] - Leiria

Higher School of Technology and Management of the Polytechnic of Leiria

Full Stack Developer | Research Exchange | Security Developer | Pentester


As a Full Stack Developer at SmartSIGN S2X Research Exchange, I spearheaded the development of a sophisticated web application aimed at managing intelligent Road Signs and Roadside Units (RSUs) by leveraging the Google Maps API. This initiative aligned with the objectives of Intelligent Transport Systems (ITS).
Furthermore, this project served as an integral part of my master's thesis, wherein comprehensive studies were conducted on security frameworks and methodologies for penetration testing. Drawing upon these insights, an application protection plan was devised, adhering to OWASP TOP 10 standards. Subsequently, a rigorous penetration testing phase was executed following the PTES methodology and the OWASP WSTG checklist to ensure robust security measures.
This experience underscores my proficiency in developing complex web applications, my adeptness with a diverse range of technologies, and my commitment to upholding stringent security standards in software development.
Key accomplishments of this endeavor include:

Developing the backend infrastructure using PHP within the Laravel framework, ensuring seamless functionality and performance.
Crafting a dynamic frontend interface utilizing Vue.js, enhancing user experience and interactivity.
Designing and implementing a robust MySQL database comprising over 200 tables to facilitate efficient data management.
Establishing an API to facilitate seamless communication between backend and frontend components, facilitating smooth data exchange and customer interaction.
Additionally, the project integrated several other technologies including HTML, CSS, Bootstrap, Google API, GIT, and Jira Software for streamlined project management.
Implementing measures aligned with the OWASP Top 10 standards fortified the application against prevalent security risks. By addressing critical vulnerabilities outlined by OWASP, such as injection flaws, broken authentication, and sensitive data exposure, the application's security posture was significantly enhanced, ensuring robust protection against common cyber threats.
Following the PTES methodology in penetration testing validated the application's security measures, identifying and fixing vulnerabilities to increase its resilience against cyber threats.

Web Developer - [ 01/2018 - 06/2018 ] - Leiria

Avalibérica

PHP | Laravel | Rest API | Java | Android


Correction of identified or known bugs in the current system.
Update of the mobile access API.
Development of the mobile application (Android) in Java.
Implementation and migration of the website frontend from Laravel to the Play framework in Java.
Implementation of a new interface for the website.

Education

Master's in Cybersecurity and Digital Forensics - [ 09/2021 - 04/2024 ] - Leiria

Higher School of Technology and Management of the Polytechnic of Leiria


During my master's degree in cybersecurity and digital forensics, I delved into a comprehensive curriculum designed to equip me with the skills and knowledge necessary to navigate the intricate landscape of cybersecurity. I studied courses covering security of networks and computers, analysis forensics, information security policy and risk analysis, secure administration of computer systems, offensive and defensive cybersecurity, as well as management and analysis of security reports and handling computer security incidents.

Degree in Computer Engineering - Information Systems - [ 09/2018 - 07/2021 ] - Leiria

Higher School of Technology and Management of the Polytechnic of Leiria


During my degree in Computer Engineering, I honed skills in programming (C, Java, C#, PHP, JavaScript, SQL), tackled mathematical concepts (discrete math, linear algebra, probability theory), and engaged in diverse projects covering software development, artificial intelligence, database management, system design, and network programming.

Professional Higher Technician in Computer Systems Programming - [ 09/2016 - 06/2018 ] - Leiria

Higher School of Technology and Management of the Polytechnic of Leiria


In my Professional Higher Technician program in Computer Systems Programming, I acquired foundational knowledge in programming languages such as C, Java, PHP, and JavaScript. Through this curriculum, I gained proficiency in essential programming concepts and techniques, laying the groundwork for my journey in software development.

Projects

Smart Sign Web Application - [ 02/2022 - 06/2023 ] - Leiria

Full Stack Developer | Research Exchange | Security Developer | Pentester


  • I deployed a web application named "Application Web Smart Sign," developed using PHP with the Laravel framework and JavaScript with the Vue.js framework. This application serves the purpose of managing road signs and Roadside Units (RSUs) for placement in various locations. Leveraging the Google Maps API, users can efficiently interact with geographical data.

    Following deployment, I implemented robust security mechanisms, drawing upon the OWASP Top 10 guidelines. This included the integration of two-factor authentication (2FA) via mobile app or email, password reset functionality, protection against brute force attacks, input validation, and comprehensive logging of user authentication activities and user management operations.

    Subsequently, I conducted a thorough penetration test using the PTES methodology and OWASP checklist with a grey-box approach. This involved simulating real-world attack scenarios to identify and address vulnerabilities within the application. Through this process, several vulnerabilities were uncovered and promptly remediated, ensuring the application's resilience against potential cyber threats.



  • The thesis delves into the practical application of cybersecurity principles, including the deployment of OWASP-compliant security measures and the execution of penetration testing using the PTES methodology, to ensure the robustness and resilience of the developed web application.

    Download my Thesis

    Portuguese version only

Some projects developed during the master's degree - [ 09/2021 - 06/2022 ] - Leiria

  • Configuration of Security Extensions in Database Services

    This project describes the installation, configuration, and testing of security-related extensions in two distinct database services: MySQL and MongoDB. After a description and testing of the various extensions used in the services, comparisons between the two applications in the context of security will be presented.
    This analysis aims to understand how advanced database services are regarding security, seeking authentication and auditing configurations, as well as configurations for encrypting content and communications.

    Comparative Study: Analysis of SIEM Systems

    I conducted a comparative analysis of four essential cybersecurity tools: Splunk Free, OSSIM, Securonix, and ELK Stack. This analysis is crucial as these tools play a vital role in safeguarding organizations against cyber threats. By evaluating their features, capabilities, and suitability for different organizational needs, I provided valuable insights into the strengths and weaknesses of each tool.

    Analysis of a SIEM System: Elastic Stack

    This project involved the implementation of a SIEM solution using the Elastic Stack. Multiple tests were conducted to showcase its significance in enhancing cybersecurity measures. Additionally, a comprehensive analysis was performed using RapidMiner software and Microsoft PowerBI, providing deeper insights into the effectiveness and functionality of the implemented solution. This project not only demonstrates hands-on experience with SIEM technologies but also highlights proficiency in data analysis and visualization tools.

  • Digital Forensic Analysis of the Withings Health Mate App

    This project focused on evaluating security measures in the Withings Health Mate application on Android 9. Despite implementing two-factor authentication, the application was found to store data without encryption. This highlights the need for improved security practices in application development.

    Performing a pentest on a real target

    Conducted a comprehensive pentest assessment focusing on network configurations and website vulnerabilities. Employed onsite testing procedures with strict adherence to confidentiality agreements. Identified and documented vulnerabilities in wireless networks, device enumeration, and website security. Provided actionable recommendations to enhance organizational security measures. Collaborated effectively with stakeholders to ensure project objectives were met.

    Kubernetes: Installation and configuration

    This project describes the installation and configuration of the Kubernetes container orchestration system. This configuration is oriented towards administration and security, addressing topics such as clustering, container management, logging, auditing, and authentication.


UD Serra - Sports Management Platform - [ 03/2021 - 07/2021 ] - Leiria

Full Stack Developer


  • The sports management platform for club employees is designed to globalize the sports world, accommodating multiple clubs and fostering interconnectivity. Its primary goal is to address the challenges faced by sports associations and clubs with limited budgets, streamlining association management.
    The coaching dossier within the application meets mandatory requirements for club federations, such as training dossiers and athlete records.
    This project involved a real client, a sports association intending to expand into a multi-club application, aiming to enhance club management and pursue federation status.
    Development considerations included scalability and client-imposed requirements. The project utilized the Laravel framework, agile methodologies, and Jira software for task and project monitoring.

  • The solution successfully facilitates club, team, athlete, and coach management, along with providing a Digital Trainer Dossier for training planning and performance statistics guidance, applicable across various sports clubs and disciplines.

Certifications

  • Certifications in Cybersecurity

    CompTIA Security +

    Google Cybersecurity Certification

    Certified in Cybersecurity (CC)

    ISO 270001 Cybersecurity Manager Guidelines

    Hacking for beginners

    Hacking Web Applications & Penetration Testing

    Threat Visualizer

    Cybersecurity Cloud Computing

    Excel with Copilot

    General concepts


Skills

  • Competencies in Cybersecurity

    Incident Response, Investigation and Analysis
    Post-Incident Analysis
    Network Security
    Vulnerability Assessment
    Compliance Management
    Penetration Testing
    Cloud Security
    Security Information and Event Management (SIEM)
  • Software Development Skills

    Proficient in Full-Stack Development
    Object-Oriented Programming (Java and C#)
    Web Development (HTML/CSS, JavaScript and PHP)
    Mobile Development (Java and Kotlin)
    Other Programming Languages (C)
    Data Structures and Algorithms
    Version Control (Git)
    Agile Software Development Methodologies (Jira and BitBucket)

Soft Skills

I like solving problems
I love teaching
I like working in a team
I have a lot of experience managing my time and distributing priorities
I am resilient
I'm a calm person

Language Skills

PT

Portuguese
Native
EN

English
Independent
DE

German
Beginner

Get In Touch

Address: Stuttgart - Germany
German Phone number: (+49) 15222002495
Portuguese Phone number: (+351) 915614583
Email: fabio.s.baptista98@gmail.com
