Marcus V.UX Designer
Skills
Professional specialization in IT and Information Security has transitioned towards Software Development and DevSecOps, with an emphasis on mastering key market technologies and programming languages such as ReactJS, NodeJS, Angular, among others, supported by real-world project experience. Early programming knowledge includes languages such as C, C++, Java, JavaScript, LaTeX, PHP, Python, Ruby, SQL, and Shell Scripting.
Career commenced in 2016 in Help Desk and Technical Support roles. Between 2017 and 2018, expanded expertise into disaster recovery management using LTO tape backups and Backup Exec, and initiated an interest in Information Security through anti-malware activities, leveraging advanced machine learning tools. Additionally, active participation in IT and Information Security community events enhanced professional growth during this period.
Since 2019, involvement in various projects has encompassed web applications, mobile apps, and computer networks with a primary focus on security analysis, penetration testing, and secure code analysis across diverse product sectors. Experience in infrastructure has been fortified with risk mitigation projects employing server hardening techniques on Linux servers, primarily using open-source tools to reduce implementation and maintenance costs.
Recognized for a facilitative approach and adaptability to meet business needs, managing multiple projects with varied delivery profiles. Demonstrates strong analytical skills and the ability to recommend actions and solutions focused on improvements, task optimization, and cost reduction.
Information Security Analyst
4/1/2023 - 3/1/2024
Contributed to the creation of comprehensive security documentation for specialized security platforms. Conducted thorough vulnerability analysis and actively monitored projects to identify and mitigate potential threats. Engaged in various general application security (AppSec) activities, ensuring robust security measures and compliance with industry standards. Developed expertise in using security frameworks and tools relevant to application security.Information Security Analyst - Mid-Level | Red Team and AppSec
3/1/2022 - 11/1/2022
Developed and executed black box, gray box, and white box auditing and penetration testing with a strong emphasis on mobile application security. Led phishing projects utilizing Gophish, recognized as a premier phishing framework in the IT market. Conducted static and dynamic code analyses and reviews specifically for mobile applications. Compiled comprehensive vulnerability reports detailing descriptions, classifications conforming to security standards such as PCI-DSS, ISO 27001 and 27002, and OWASP, accompanied by evidence linking exploitation methods, solution recommendations, and references for vulnerability mitigation.
Performed technical and executive reviews of security reports and facilitated security discussions with the security team concerning penetration testing outcomes. Authored security documentation and spearheaded the implementation of security process improvements, also developing new security processes where necessary. Engaged in AppSec activities using top-tier frameworks within the IT industry and implemented agile methodologies within the security team's operations, enhancing overall workflow and efficiency.Information Security Analyst Junior | AppSec
12/1/2021 - 3/1/2022
Developed proficiency in application security (AppSec) activities utilizing leading IT frameworks. Engaged in detailed meetings and project discussions with security architects and developers, contributing to project planning and threat modeling. Provided critical assistance to developers in identifying and resolving security vulnerabilities. Managed software projects comprehensively, overseeing their complete development cycle. Specialized in vulnerability management using AppSec Flow.Information Security Technician | Red Team
6/1/2020 - 9/1/2021
Developed expertise in black box, gray box, and white box auditing and penetration testing; conducted extensive pentesting on web and mobile applications. Executed phishing projects and implemented social engineering strategies. Performed code review through dynamic and static analysis of mobile applications. Created comprehensive security reports detailing descriptions, classifications using PCI-DSS, ISO 27001, ISO 27002, and OWASP standards, evidence of exploitation methods, recommendations for remediation, and reference materials to aid in vulnerability mitigation. Conducted technical and executive reviews of security reports.Junior Information Security Analyst
5/1/2019 - 5/1/2020
Accomplished security audits through black-box and white-box analyses. Conducted penetration testing for Web applications, including those with mobile architectures. Performed static and dynamic code analysis on mobile applications. Created detailed vulnerability reports, providing descriptions and classifications aligned with security standards such as PCI-DSS, ISO 27001, ISO 27002, and OWASP. Included in the reports were methods of exploitation, solution recommendations, and references to assist in mitigating vulnerabilities. Provided both technical and executive reviews of project reports.Jr IT Analyst
2/1/2018 - 3/1/2019
Utilized various SAP Logon R3 transaction modules to streamline administrative and executive operations. Managed mobile, fixed-line, and internet telephony accounts effectively. Spearheaded the procurement of corporate technological assets, thereby equipping the corporation with essential operational tools. Implemented disaster and natural catastrophe control measures through LTO tape backups. Enhanced security by mitigating failures with antivirus software. Delivered comprehensive technical support and Help Desk services to users. Administered and managed over 200 mobile devices efficiently. Oversaw the installation, configuration, maintenance, and management of multifunctional printer services. Assembled corporate workstations and performed installations of operating systems and complementary software to ensure seamless operational continuity.
Computer Science at Carioca University Center
2016 - 2024
Ignite - Rocketseat at Rocketseat
12/1/2023Network Security Specialist Certification at ICSI (International CyberSecurity Institute), UK
5/1/2020Ethical Hacking: Command and Control at GoHacking
4/1/2020Cisco Network Operation and Management Course at Cisco Networking Academy
3/1/2020Computer Networks Security Course at SegInfoBrasil
1/1/2020Worksec 2019 - Online Information Security Workshop at Congresso de TI
12/1/2018
Marcus is available for hire
Hire Marcus V.
All Howdy Candidates are vetted for skills and english proficiency.
