Looking for a job

Paschoal Diniz

@paschoaldiniz

DevSecOps & AppSec engineer delivering secure SDLC, hardened pipelines, and AI automation.

Brazil

What I'm looking for

I’m looking to help teams ship fast with security by design—building secure SDLC, threat modeling, and automated testing in CI/CD, plus practical cloud/IaC hardening and AI-assisted workflow automation (without compromising security).

I’m an Application Security and DevSecOps engineer with 20+ years in IT and 15+ dedicated to cybersecurity. I’ve designed and managed AppSec programs based on OWASP SAMM, secured CI/CD pipelines for a major European telecom (MEO/Altice Portugal), and operated large-scale environments of 400+ servers and 20,000+ workstations under ISO 27001/ITIL governance.

I’m hands-on across the full secure SDLC—threat modeling, secure code review, and security testing with SAST/DAST/SCA/IaC automation—plus cloud security and infrastructure as code. As an independent consultant (AI Servers), I deliver secure cloud infrastructure, DevSecOps, and AI automation; I designed and operate Post4All end-to-end, harden delivery pipelines with automated security testing, and build AI-based workflow automations with n8n and LLM tooling while keeping security firmly “baked in.”

Experience

Work history, roles, and key accomplishments

Current

DevSecOps & AI Consultant

AI Servers

Aug 2023 - Present (2 years 10 months)

Delivered end-to-end secure SDLC for Post4All social-media SaaS, implementing threat modeling and production DevSecOps across AWS/Azure/OCI with Terraform and container orchestration. Hardened CI/CD pipelines with automated security testing and Cloudflare Zero Trust/WAF, and built LLM-assisted workflow automations using n8n.

Application Security Consultant

Conviso

Oct 2022 - Aug 2024 (1 year 10 months)

Created and managed client AppSec programs using OWASP SAMM to assess maturity, define action plans, and track improvement over time. Conducted threat modeling, security architecture reviews, and secure code reviews in Java and JavaScript, integrating SCA/SAST/DAST/IaC scanning into client CI/CD pipelines and leading Security Champions training.

Independent ICT Consultant

Independent ICT Consultant

Dec 2012 - Oct 2022 (9 years 10 months)

Delivered DevSecOps and security for MEO Telecom (Altice Portugal), securing automated CI/CD pipelines and implementing SCA/SAST/DAST testing (SonarQube, OWASP ZAP, Dependency-Check, TruffleHog) plus WAF protections. Managed Linux and Windows server estates, virtualization (VMware/Hyper-V/Proxmox), and monitoring stacks (Nagios, Grafana, Loki).

Cybersecurity Analyst

ISH Tecnologia

Jan 2010 - Sep 2012 (2 years 8 months)

Protected a government environment of 200+ servers and 20,000 workstations by managing Juniper IDS/IPS and VPN, Symantec Endpoint Protection and Mail Security, Linux iptables firewalls, and HAProxy load balancing. Performed vulnerability assessments and penetration testing with Nmap, Metasploit, SQLMap, Wireshark, and Snort, producing remediation reports to improve security posture.

Education

Degrees, certifications, and relevant coursework

Full Cycle

Master of Business Administration (MBA), Software Engineering with AI

MBA in Software Engineering with AI, currently in progress with an expected completion in December 2026.

Federal Institute of Espírito Santo (IFES)

Bachelor of Technology (B.Tech), Computer Networks

2006 - 2009

Earned a B.Tech in Computer Networks from IFES between 2006 and 2009.
