Description

Security Operations Consultant with over seven years of experience keeping diverse environments—from legacy data centers to the cloud—locked down and running smoothly. My approach isn’t just about putting out fires, it’s about building the procedures, the infrastructure and the automation that prevents them in the first place.

What I bring to the table:

• SecOps & Incident Response: I have extensive experience investigating alerts and managing threats across EDR, SIEM, SOAR and firewall platforms.

• Building & Documenting: I don't just build and fix things, I write the "how-to" guides, incident response workflows, security policies and playbooks, so the whole team gets faster and the company compliant.

• Automation: If a task is boring and repetitive, I’ll probably write a Python script or use any means required to automate it. I’m getting into Infrastructure as Code and making life easier through tooling.

• Deep Dives: I have an interest for malware—my Master’s thesis was focused on how ransomware behaves and spreads.

I’m detail-oriented, deeply organized, and I’m always learning because the field never stops moving. Nothing is totally secure, everything can be exploited.

My Next Step: While I’m still hands-on engineer, my current focus is on bridging the gap between technical operations and global standards. I am actively working towards becoming a Certified ISO 27001 Lead Implementer to help organizations build security frameworks that are as strategically sound as they are technically robust.

Languages

Portuguese
Native or bilingual
English
Fluent
Spanish
Conversational
French
Basic

Workplace preferences

Can work on-site

Braga (up to 50km)

Holcim
Security Operations Consultant
December 2025 - Today (6 months)
Braga, Portugal
Network Operations Mentorship & SecOps Automation:
- Provided pos-migration support to the newly formed global network team, acting as the technical lead for troubleshooting and maintaining the Cloud/IaC environment;

- Assisted the team in Infrastructure as Code operations, helping them navigate the repositories, debug the pipelines, and maintain the infrastructure;

- Responded to daily network issues/requests, ensuring the availability of network services for global operations;

- Designed and proposed automated end-to-end certificate management architectures using AWS Certificate Manager and open-source solutions such as Let's Encrypt, to replace third-party private Certificate Authorities;

- Developed Python-based monitoring scripts integrated directly with internal alerting systems;

- Managed both external DNS (AWS Route 53) and internal DNS (Infoblox) infrastructures.
Scripting Automation Network Security automation Infra as Code AWS
The Workshop
Senior Security Operations Engineer
June 2024 - September 2024 (3 months)
Madrid, Spain
Led important initiatives to establish a Security Operations Center (SOC) by analyzing business requirements and prioritizing security needs to align with organizational goals;

Evaluated and tested multiple commercial and open-source security tools to ensure integration with SOC architecture;

Developed and improved critical documentation, including Standard Operating Procedures (SOP's), Playbooks & Workflows, and How-To guides to make risk assessment, alert investigation, and incident response more efficient;

Designed and built custom scripts to give the SecOps team better visibility into the organization's security posture, improving detection and response capabilities;

Audited configurations and policies of the security toolset to identify critical vulnerabilities, implementing remediations to harden organizational defenses;

Coordinated the SecOps team's daily efforts, guiding work priorities and making key decisions to say aligned with the company's strategic plans.
Accenture
Security Delivery Specialist
December 2022 - June 2024 (1 year and 6 months)
Madrid, Spain
Worked on a 24/7/365 team to provide continuous security monitoring services;

Remained up-to-date with the latest cyber threats, vulnerabilities, common attack methodologies, and infection vectors;

Applied a strong understanding of TCP/IP and core networking protocols to security event analysis;

Performed in-depth investigations of security events, triaging and escalating them into incidents, and managing the response using EDR technologies;

Created SQL scripts to extract useful data to provide context to security incidents while writing detailed reports for clients;

Communicated technical ideas clearly to people at all levels of the organization;

Helped build new cybersecurity services to guarantee the delivery of high-quality solutions to clients;

Developed a custom Python tool called "RetroHunt", used to scan historical data for newly discovered IOC's (threat hunting), to confirm clients weren't compromised before a vulnerability was publicly disclosed;

Built strong relationships with clients through clear communication, improving client confidence in the services provided;

Trained new team members and led onboarding programs for new clients;

Planned and managed projects, ensuring complete and proper execution.