Open to opportunities

Allan User

@all4n

Message

Security Engineer driving multi-cloud security with automation and SIEM engineering.

Brazil

Message

What I'm looking for

I’m looking to strengthen multi-cloud security through automation and AI-enabled triage, with strong SOC/SIEM engineering. I want a team that values secure-by-design, fast detection/response, and measurable risk reduction.

I’m a Security Engineer with 2+ years of hands-on experience in Cloud Security, Blue Team operations, and Security Engineering. I strengthen cloud security posture across AWS, Azure, and GCP by building security automations and optimizing detection and response through SIEM engineering.

I’ve helped reduce incident response times from hours to minutes by improving alert fidelity and decreasing analyst workload. I built an AI-driven phishing analysis automation that reduced email triage time from hours to minutes, and I integrated AI-based analysis (AWS Bedrock + DeepSeek) into ticket workﬂows to speed triage decisions with contextual recommendations.

In daily SOC work, I manage SIEM operations, including alert triage, log analysis, detection rule tuning, incident reporting, and threat hunting. I also developed over 30 custom SIEM use cases and tuned log parsing to reduce false positives, while automating SOC ticket enrichment using threat intelligence sources like AbuseIPDB and VirusTotal.

I care about secure-by-design across the full security lifecycle, from identity to endpoint and governance. I’ve supported ISO 27001, SOC 2, and Cyber Essentials compliance with control implementation and audit evidence, managed IAM via Okta and Google Workspace, improved CSPM on AWS, administered MDM platforms, and even built a full-scale VPN solution from the ground up—plus ongoing vulnerability-focused research through bug bounty work.

Experience

Work history, roles, and key accomplishments

Current

Security Engineer

Current

Rocket Chat

Dec 2025 - Present (6 months)

Managed enterprise IAM operations (Okta, Google Workspace) and built a VPN solution from the ground up with access management, backups, and security hardening. Improved AWS cloud security posture with CSPM, administered MDM compliance, and developed AI-driven phishing analysis that reduced email triage time from hours to minutes.

IAM Google Workspace MDM Administration SIEM & Blue Team Operations Log Analysis Incident Response

Cybersecurity Analyst

Compass UOL

May 2024 - Nov 2025 (1 year 6 months)

Investigated, responded to, and escalated security incidents across AWS, Azure, and GCP while improving multi-cloud vulnerability remediation workflows. Built and tuned SIEM detections (30+ use cases) and automated SOC enrichment and response, including AWS Lambda blocks for malicious WAF IPs that reduced response times by over 90%.

Incident Response Vulnerability Management SIEM Engineering Trend Micro Conformity Trend Vision One AWS Lambda AI Assisted Triage (Bedrock

Cloud Security Intern

Compass UOL

Oct 2023 - Mar 2024 (5 months)

Supported cloud security best practices in real AWS environments by working with IAM and secure architecture topics. Applied threat modeling, risk assessment, and defense strategies to cloud-native applications to strengthen overall security design.

AWS IAM Cloud Networking Security Architecture Threat Modeling Risk Assessment Defense In Depth Cloud Best Practices Cloud Security

IT Intern

Soﬀner Tecnologia

Feb 2022 - Oct 2023 (1 year 8 months)

Developed and deployed an intranet solution using Docker and Nextcloud, including automated backups to support data integrity and high availability. Automated synchronization of hardware and software inventory with the management platform and provided technical support to internal and external clients to resolve issues promptly.

Docker NextCloud Inventory Management Systems Administration Technical Support Data Integrity

Education

Degrees, certifications, and relevant coursework

Fatec Araraquara

Bachelor's degree in Information Security, Information Security

2022 - 2024

Bachelor’s degree in Information Security at Fatec Araraquara from 2022 to 2024.

Independent Security Research

Independent Security Research, Cybersecurity

Activities and societies: Performed bug bounty research and reported vulnerabilities to DJI (Hall of Fame), as well as disclosures to HPE and IKEA (e.g., injection flaws, sensitive data exposure, default credentials, and broken access controls).

Conducted independent security research and bug bounty work to strengthen web application security and offensive security expertise.