e
elma_security

Rodrigo S.

@elma_security

DevSecOps and ASPM Specialist ISO 27001 and GDPR Auditor

Brésil
Anglais, Portugais
Certaines informations sont présentées en anglais.
À propos de moi
I bridge the gap between hard engineering and corporate compliance. As a DevSecOps and AppSec specialist, I deploy automated ASPM (Application Security Posture Management) orchestration to analyze source code and infrastructure-as-code before production. My focus is converting complex technical vulnerabilities (SAST/SCA) into actionable remediation patches and clear compliance mapping (ISO 27001, GDPR, LGPD). I help startups and enterprise clients secure their software supply chains, protect cloud infrastructure, and mitigate financial or regulatory risks effectively.... Plus d’infos

Compétences

e
elma_security
Rodrigo S.
hors ligne • 

Voir mes services

Évaluation des risques
I will perform a complete secure code review, sast and dast vulnerability scan
De250 $US / projetPlus de détails
Conseil DevOps
I will do scan your source code for security vulnerabilities and exposed API keys
De30 $US / projetPlus de détails

Portfolio

Expérience professionnelle

Self_Employed

Self Employed

Indépendant • 4 yrs 7 mos

Application Security (AppSec) & DevSecOps Engineer

Mar 2024 - Present2 yrs 3 mos

Engineered automated DevSecOps pipelines integrating SAST, DAST, and SCA (SBOM). Built autonomous AI tools to scan codebases, detect critical vulnerabilities (SQLi, XSS, Secret Leaks), and block high-risk CI/CD deployments. Specialized in securing APIs, Docker containers, and cloud infrastructure using custom Python automation.

Cyber Security Auditor & Automation Specialist

Feb 2024 - Present2 yrs 4 mos

Conducted automated vulnerability assessments and compliance audits (ISO 27001) for enterprise software. Developed custom Python-based Application Security Posture Management (ASPM) tools to analyze Git repositories and generate executive security reports with exact CVSS v3 scoring and cryptographic integrity validation.