You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Gustavo MarinhoGM

Gustavo Marinho

Mobile DevSecOps Engineer | Flutter Security

€400/day
Valencia, ES
3-7 years
Flutter
Dart
DevSecOps
Cybersecurity
Android

Average response time: 1 hour

About Gustavo

Elevating Mobile Engineering with Enterprise-Grade Security

I help European enterprises build, scale, and secure high-performance cross-platform applications. As a DevSecMobile Engineer, I bridge the gap between seamless Flutter/Dart development and stringent cybersecurity standards, including GDPR, ISO 27001, and NIST.

In a market saturated with rapid-bootcamp coders, I bring the rigorous, structural mindset of a formally trained engineer. Holding a Master's degree in Cybersecurity and a Bachelor's in Engineering, I don't just build beautiful user interfaces—I architect secure systems from the ground up. My hands-on background in SOC operations, vulnerability testing, and applied cryptography allows me to shift security "left" seamlessly into the mobile development lifecycle.

Core Deliverables & Freelance Services:

• Secure Mobile Architecture: End-to-end development of robust Flutter/Dart applications utilizing Clean Architecture, MVVM, and reactive programming to separate UI logic from business rules.
• DevSecOps Integration: Engineering highly automated CI/CD pipelines (e.g., GitHub Actions) embedding SAST/SCA (Snyk) and automated mobile security framework assessments (MobSF).
• Proactive Threat Mitigation: Hardening mobile applications against critical vulnerabilities (SQLi, XSS, CSRF) and implementing secure, encrypted API communications.
• Code Auditing & Quality Assurance: Upgrading existing codebases, refactoring for long-term maintainability, and ensuring continuous inspection with tools like SonarQube.

Whether you need an architect to build a secure enterprise application from scratch or an engineer to harden and modernize an existing mobile infrastructure, I provide the exact specialization required to protect your users and deliver a flawless technical product.

  • Portuguese

    Native or bilingual

  • English

    Conversational

  • Spanish

    Conversational

Remote only
Primarily works remotely

Experience

  • Independent / Freelance Project
    DevSecMobile Engineer & Architect
    SOFTWARE PUBLISHING
    February 2026 - Today (4 months)
    Valencia, Spain
    Architected, developed, and launched a secure, reactive mobile application from the ground up, implementing enterprise-grade security standards and a complete DevSecOps pipeline.

    Key Responsibilities & Deliverables:

    • Secure Architecture: Designed a highly maintainable and scalable mobile architecture utilizing MVVM, reactive programming, and clean dependency injection to separate UI logic from business rules.

    • DevSecOps Pipeline: Engineered a robust 4-stage CI/CD pipeline using GitHub Actions to automate testing, build, and security deployments.

    • Vulnerability Mitigation: Integrated Static Application Security Testing (SAST) and Software Composition Analysis (SCA) via Snyk to proactively identify and resolve vulnerabilities.

    • Continuous Security: Implemented automated mobile security assessments utilizing MobSF (Mobile Security Framework) to guarantee application integrity prior to deployment.

    • Quality Assurance: Ensured code stability and strict adherence to Clean Code practices through comprehensive unit testing and Detekt integration.
    DevSecOps Cybersecurity Android CI/CD Kotlin
  • Fundação para os Estudos e Formação nas Autarquias Locais - FEFAL
    Cybersecurity Engineer - DevSecOps & Automation
    SOFTWARE PUBLISHING
    July 2025 - September 2025 (2 months)
    Coimbra, Portugal
    Engineered automated security solutions and conducted comprehensive vulnerability assessments, embedding privacy-by-design into development workflows.

    Key Responsibilities & Deliverables:
    • Security Automation: Developed secure Python automation scripts for structured data extraction, strictly enforcing GDPR compliance and data privacy standards.
    • Vulnerability Testing: Executed advanced automated mapping and manual penetration testing utilizing industry-standard tools (OWASP ZAP, Burp Suite) to identify and mitigate critical web and API vulnerabilities.
    • DevSecOps Integration: Advocated for and applied secure coding practices, demonstrating how to shift security left in the software development lifecycle.
  • SOLOCAP Geotecnologia Rodoviaria
    Security Analyst & SOC Operations
    SOFTWARE PUBLISHING
    March 2022 - June 2024 (2 years and 3 months)
    Belo Horizonte, Brazil
    Managed proactive threat detection and enterprise infrastructure security, aligning operations with stringent international security frameworks (ISO 27001, NIST).

    Key Responsibilities & Deliverables:
    • Threat Detection & SIEM: Monitored, analyzed, and escalated critical security incidents using Splunk Enterprise, significantly reducing mean time to detect (MTTD) potential breaches.
    • Vulnerability Management: Executed rigorous periodic vulnerability scans across enterprise systems to proactively identify weaknesses and reduce the corporate attack surface.
    • Enterprise Infrastructure: Managed secure OS deployments, Active Directory/GPOs, and network configurations, ensuring all architectures adhered to zero-trust principles and compliance requirements.
    • Incident Escalation: Acted as a primary line of defense in Security Operations, correlating logs and network traffic to identify anomalous behavior and secure corporate assets.

Recommendations

Be the first to recommend Gustavo

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • MSc in Software Engineering - Cybersecurity
    University of Coimbra
    2026
    Formally trained in advanced software engineering and enterprise security architecture. All academic coursework and credits completed; currently finalizing thesis for defense. Academic Focus & Achievements: • Thesis: DevSecOps — Researching and developing methodologies for automated vulnerability detection and secure code patch generation utilizing GenAI. • Core Competencies: Secure Software Development, Applied Cryptography (PKI, RSA), Network Defense Architecture, and Intrusion Detection Systems.
  • Postgraduate in Information Technology (Infrastructure)
    Faculdade Iguaçu
    2023
    Specialized in IT infrastructure, establishing a rigorous technical foundation in system architecture, network configurations, and enterprise deployment environments. This infrastructure expertise directly informs and strengthens my current DevOps and CI/CD pipeline engineering.
Check out Gustavo's education

Skill set

Kotlin
Application Security
software architect
CI/CD
GitHub Actions
Snyk
OWASP
MobSF

Categories