Renan Toesqui Magalhaes
Enterprise Security Architect

Renan Toesqui Magalhaes

Staff Security Engineer | Cloud & Application Security | Zero Trust Advocate

About Me

Hello, my name is Renan. Building on a technical foundation in DevSecOps and systems administration, I have transitioned from securing critical banking infrastructure for the Brazilian Payment System (SPB) to driving enterprise security initiatives as a Staff Engineer. My trajectory has evolved from hands-on infrastructure management to leading complex, cross-functional technical strategies that bridge the gap between technical security and overarching business objectives.

My current focus is on enabling engineering teams to develop software securely by providing the necessary frameworks and tools, including a proactive AI security posture to increase development velocity. I specialize in executing the company vision by leading large-scale projects that align technical security with business goals. Central to my approach is the implementation of Zero Trust principles, ensuring that security is a seamless, resilient, and supportive part of the organization's growth. I bridge the gap between deep technical execution and GRC initiatives, such as ISO27001 and GDPR, to foster a culture where security accelerates delivery.

Core Competencies

AppSec & Security Culture

Application Security AI Security Posture Threat Modeling Security Workshops Purple Teaming Shift-Left Security

Cloud & Infrastructure

Amazon Web Services (AWS) Kubernetes (EKS) Zero Trust Architectures CI/CD Pipeline Security Infrastructure as Code Network Segmentation & WAF

GRC & Compliance

ISO 27001 Certification GDPR Compliance Security Audits Disaster Recovery (DR) ITIL & COBIT

SysAdmin & Engineering

Linux Administration Python Programming Shell Scripting Monitoring (Prometheus/Grafana) Log Aggregation (ELK)
Click on any capability badge above to filter corresponding professional experiences and projects!

Professional Journey

SoSafe GmbH

January 2022 - Present
July 2025 - Present

Staff Security Engineer | Cloud & Application Security | Zero Trust Advocate

"Cyber Security Awareness"
  • GRC & Compliance: Support the company through certification processes, specifically focusing on ISO27001 standards and facilitating responses to GDPR requirements.
  • Security Coordination: Act as a technical reference for the company’s security landscape, coordinating with different departments to align security initiatives with business goals.
  • AI & AppSec Posture: Develop frameworks for AI security posture to help engineers utilize AI tools safely and efficiently in their development workflows.
  • Infrastructure Strategy: Contribute to the design and implementation of zero-trust security models to enhance organizational resilience.
ISO27001 GDPR AI Security AppSec Zero Trust AWS Threat Modeling Security Workshops Shift-Left Security IaC Network Segmentation & WAF Python Security Audits Shell Scripting
July 2022 - July 2025

Senior Security Engineer

"Cyber Security Awareness"
  • Security Automation & Infrastructure: Optimized AWS security pipelines by integrating automated security gates and validation testing to standardize product security across the development lifecycle.
  • Scalable Security Services: Designed and deployed internal security services and processes to reduce manual overhead and improve organizational response to threats.
  • Compliance & Posture Management: Managed continuous security assessments and environment hardening to ensure ongoing adherence to ISO27001 and GDPR standards.
  • Strategic Advisory: Partnered with executive leadership to provide technical cost-benefit analyses, ensuring security tooling investments aligned with budgetary and business goals.
  • Security Culture & Enablement: Facilitated security-by-design workshops for developers, shifting security responsibilities left and fostering a proactive security mindset within engineering.
  • Architectural Resilience: Promoted and integrated a Zero Trust security model to enhance infrastructure defense and minimize internal risk.
  • Cross-Functional Collaboration: Collaborated within a Purple Team framework to align offensive security findings with defensive monitoring and remediation strategies.
AWS AppSec CI/CD ISO27001 GDPR Zero Trust Purple Teaming Threat Modeling Security Workshops Shift-Left Security IaC Network Segmentation & WAF Python Security Audits Shell Scripting Monitoring Log Aggregation
January 2022 - June 2022

Senior Platform Engineer

"Cyber Security Awareness"
  • Developed and maintained a state-of-the-art, secure web platform, empowering developers to seamlessly deploy, test, and run their products.
  • Orchestrated the implementation and upkeep of features within the SoSafe platform.
  • Mentored peers and conducted workshops for developers and engineers.
  • Engaged actively in agile work processes.
  • Contributed to the design of cloud architecture and technology selection.
Platform Kubernetes AWS CI/CD IaC Threat Modeling Security Workshops Network Segmentation & WAF Python Security Audits Shell Scripting Monitoring Log Aggregation
February 2019 - December 2021

Senior DevSecOps Engineer | Cloud Infrastructure & Security Automation

X-SENSORS GmbH / Ainda.ai

"Industry 4.0"

As the founder architect for the organization’s cloud presence, I drove the end-to-end design and execution of a scalable infrastructure that supported dozens of engineers in a high-growth startup environment. I managed the transition from initial concept to a production-ready ecosystem, focusing on closing critical security and systems gaps.

  • Oversaw processes including Cloud Architecture, CI/CD integration with tools like Jira, GIT, Jenkins, EKS, Keel.sh, and Slack.
  • Implemented robust security policies, including WAF, LoadBalancers, GeoIP, and Behavior Analysis.
  • Set up comprehensive monitoring systems using Zabbix, Grafana, and Prometheus.
  • Executed system hardening by applying best practices for image building and testing.
  • Designed and managed data pipelines, encompassing streaming, Apache Nifi, MQTT, OPC-UA, data lakes, warehouses, marts, and IoT.
  • Configured log aggregation (ELK) and established network segmentation using Zero-Trust policies.
  • Developed custom backup solutions integrated with AWS S3.
  • Architected distributed microservices systems using Kubernetes orchestration and defined disaster recovery management solutions, including test planning and post-test lifecycle recovery.
AWS Kubernetes (EKS) CI/CD WAF Zero Trust Monitoring ELK Python Shell IaC Security Workshops
March 2018 - February 2019

Senior Cloud & DevOps Engineer | Kubernetes & AWS Specialist

CreativeDrive

"Veni, vidi, vici"

Main driver behind the migration of the entire on-premises infrastructure to AWS Cloud, managing a vast network of servers across both public and private data centers globally.

  • Implemented distributed systems using Kubernetes orchestration and microservices.
  • Streamlined continuous integration and delivery with state-of-the-art tools such as Jenkins and CircleCI.
  • Prioritized cybersecurity, ensuring the implementation of security best practices throughout the infrastructure.
  • Orchestrated and deployed services exclusively on Amazon Web Services (AWS).
  • Devised comprehensive disaster recovery management strategies, encompassing detailed test planning, post-test vulnerability analysis, and full recovery lifecycle oversight.
AWS Kubernetes CI/CD AppSec Disaster Recovery IaC Network Segmentation & WAF Python Shell Scripting
February 2015 - February 2018

Infrastructure & Systems Engineer | Linux & Windows Administration | Network & Security Operations

Cresol Confederação

"Together We're Strong"

Played a pivotal role in managing intricate projects in collaboration with multiple partners, integrating Cresol into the Brazilian financial system.

  • Deployment, maintenance, and debugging of the system in a Jboss environment.
  • Automation of routine tasks to enhance efficiency and executed comprehensive log analysis to ensure system integrity.
  • Conducting benchmarks to evaluate and optimize system performance.
  • Expert administration of Linux systems, specifically RedHat and Debian.
Linux (RedHat/Debian) Automation Log Analysis Benchmarking Network Security ITIL & COBIT Python Shell Scripting
April 2014 - February 2015

IT Infrastructure Analyst | Network Administration & Backup Solutions

Baia Sul Hospital

"Our biggest concern is life"

Entrusted with the comprehensive management of the hospital's IT infrastructure, leading a dedicated team of three professionals in a predominantly Windows server environment.

  • Introduced and integrated open-source tools, implementing various Linux services for enhanced monitoring and management of the tech infrastructure.
  • Successfully implemented an audit system, bolstering the hospital's data integrity and compliance.
Linux Services IT Infrastructure Security Audit Network Management Shell Scripting

Selected Open Source & Projects

Security Labs

"Advanced security research & offensive engineering"

A dedicated fork from the RTM project, Security Labs narrows its focus exclusively on security topics, vulnerability testing, and educational cyber defense discussions.

AppSec Education Security Research

RTM PROJECT

"A knowledge database for everyone"

The RTM project stems from a personal aspiration. It showcases the vast knowledge amassed throughout my sysadmin and cloud security journey, structured as a public open-source knowledge database.

Knowledge Base Sysadmin Documentation

WORKSTATION

"My full environment"

An Automated configuration framework to build and configure a full working Unix environment from scratch. Features customized environment hardening, shell tweaks, and developer tooling.

Environment Build Automation Dotfiles

Education & Certifications

Academic Foundations

2017 - 2019

MBA in Information Security

Cruzeiro do Sul University

"Information security is not just a technology issue, it's a core operational resilience driver."

Deep-dive into cryptographic architectures, TCP/IP vulnerability analysis, penetration methods, disaster recovery planning, and IT governance standard frameworks including ITIL, COBIT, and compliance auditing.

2014 - 2016

B.Sc. in Computer Networks

IES - Grande Florianópolis

"Connecting systems securely while scaling for future growth."

Focused on network design engineering, physical and logical protocols configuration, high-performance cloud virtualization topologies, operational security frameworks, and traffic simulation testing.

Professional Credentials

AWS Certified Security - Specialty

Amazon Web Services (AWS)
Issued Jul 2023 · Expires Jul 2026 | ID: XFY8P14CVJRQ1ZS8

Practical API Hacking

TCM Security
Issued May 2023 | ID: cert_w9fs0npm

Certified Entry-Level Python Programmer

Python Institute [PCEP-30-01]
Issued Sep 2022

Dynamic Presenter

Body Talk
Issued Aug 2024 | ID: 346

Scrum Foundation Professional (SFPC)

Certiprof
ID: 31064901

DevOps Essentials Professional (DEPC)

Certiprof
ID: 31064335

Complete SQL

Softblue Cursos Online
ID: 110642146BE3

Microsoft Windows Server 2003

Fundação Bradesco
ID: B997FD43-6BD1-4AC7-B447-52CC643B3085

Strategic IT Management - ITIL

Fundação Bradesco
ID: 2E0AF8C2-5E52-4082-829B-85B94697B5BF

Hobbies & Personal Interests

Biking
Gaming
Reading Graphic Novels
Martial Arts