Open to opportunities

Ronald Barbosa

@ronaldbarbosa

Message

Experienced Penetration Tester with a focus on security assessments.

Zimbabwe

Message

What I'm looking for

I seek a role that fosters collaboration and continuous learning, where I can further enhance security practices and contribute to impactful projects.

I am a Penetration Tester and Application Security Engineer with extensive experience in delivering impactful security assessments across complex environments. My journey in cybersecurity has equipped me with a proven track record in performing full-scope penetration tests on web applications, APIs, mobile platforms, infrastructure, and wireless networks. I thrive on the challenge of identifying vulnerabilities and providing actionable remediation guidance to enhance security posture.

Collaboration is at the heart of my approach. I work closely with engineering and DevOps teams to integrate security practices throughout the Software Development Lifecycle. My expertise in threat modeling, secure design, and code analysis allows me to produce clear findings that help teams mitigate real-world risks. I am passionate about continuous learning and technical excellence, and I strive to build strong relationships with both technical and non-technical stakeholders.

Experience

Work history, roles, and key accomplishments

Penetration Tester & Application Security Engineer

Wirpo

Jul 2021 - Dec 2022 (1 year 5 months)

Performed end-to-end penetration tests targeting web applications, APIs, mobile apps, and internal infrastructure, contributing to the remediation of high-impact CVEs across enterprise systems. Facilitated structured threat modeling workshops using STRIDE methodology, improving security awareness and design-level protections. Delivered hands-on guidance to development teams on secure coding, vulne

Penetration Testing Application Security API Security Mobile Security Infrastructure Security Threat Modeling Secure Coding Vulnerability Management

Information Security Analyst

Network Secure

Jan 2021 - Jun 2021 (5 months)

Monitored and triaged security events across network and endpoint systems, responding to threats in real time and supporting incident response investigations. Conducted vulnerability assessments and internal risk reviews, producing reports that informed changes to firewall configurations, access policies, and endpoint protection strategies. Collaborated with Red Team operators and SOC staff to tun

Incident Response Vulnerability Assessment Risk Management Endpoint Protection SOC Threat Detection

Senior Penetration Tester

IBLISS Digital Security

Jan 2023 - Present (2 years 6 months)

Led and executed complex penetration tests across web, mobile, API, infrastructure, and wireless environments, identifying critical vulnerabilities and delivering actionable remediation guidance. Conducted in-depth threat modeling sessions during early application design, uncovering security flaws before development and aligning recommendations with secure design principles. Collaborated with engi

Penetration Testing Application Security Mobile Security API Security Infrastructure Security Threat Modeling CI CD SDLC OWASP

Software Developer

Freelancer

Aug 2020 - Dec 2020 (4 months)

Developed custom web applications and high-performance landing pages for small businesses using React, Node.js, and Next.js, focusing on user experience and scalability. Built and deployed a full SaaS platform using Next.js, managing both front-end and back-end components and implementing SEO-friendly architecture. Created Python-based automation tools to streamline data handling, API integrations