Rafael Brinhosa - Principal Security Architect

Q: Where is Rafael based?

Rafael is based in A dos Cunhados e Maceira, Portugal .

Q: What languages does Rafael speak?

Rafael speaks the following languages: Portuguese (Native), English (Advanced), Spanish (Elementary) .

Q: How many years of experience does Rafael have?

Rafael has at least 28 years of experience. During this time, Rafael has worked in at least 12 different roles and for 12 different companies . The average length of individual experience is 2 years and 4 months . Note that Rafael may not have shared all experience and actually has more experience.

Q: What is Rafael's latest experience?

Rafael's most recent position is Principal Security Architect at Reltio .

Q: What companies has Rafael worked for in recent years?

In recent years, Rafael has worked for Reltio , Volkswagen Digital Solutions , Avaya , and Instituto Federal Catarinense .

Q: Which industries is Rafael most experienced in?

Rafael is most experienced in industries like Information Technology (IT) , Education , and Automotive . Rafael also has some experience in Banking and Finance and Healthcare .

Q: Which business areas is Rafael most experienced in?

Rafael is most experienced in business areas like Information Technology (IT) , Product Development , and Quality Assurance (QA) . Rafael also has some experience in Research and Development (R&D) and Project Management .

Q: Which industries has Rafael worked in recently?

Rafael has recently worked in industries like Education , Information Technology (IT) , and Automotive .

Q: Which business areas has Rafael worked in recently?

Rafael has recently worked in business areas like Information Technology (IT) , Research and Development (R&D) , and Project Management .

Recommended expert

A dos Cunhados e Maceira, Portugal

Experience

Oct 2023 - Present

2 years 5 months

Principal Security Architect

Reltio

Reltio Rockstar 2024.3 award winner
APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains
Presented at BlackHat Arsenal 2024

Jul 2022 - Oct 2023

1 year 4 months

Portugal

Cyber Security Specialist

Volkswagen Digital Solutions

Managed CVE-2009-3036 in Symantec IM
Provided local-access cross-site scripting security guidance for critical areas of focus in cloud computing

Jul 2021 - Jul 2022

1 year 1 month

Senior Security Architect - Senior Software Engineer (Security)

Avaya

Compared LSTM and CLCNN machine learning techniques in detecting malicious requests in web attacks

Nov 2016 - Jul 2021

4 years 9 months

Araquari, Brazil

Professor & Software Engineering Manager

Instituto Federal Catarinense

Provided comprehensive instruction in information security, software development, cloud computing, scripting, project management, and related subjects for undergraduate and postgraduate programs
Led software development projects using multiple platforms and technologies such as Django, mobile, React, Vue, and GitLab, integrating cutting-edge research into practical applications

Jan 2016 - Nov 2016

11 months

United States

Senior Application Security Architect - Contractor - Global Information Security

U.S. Bank

Reported directly to the VP of Assurance & Security Consulting
Focused on application security across various platforms and technologies
Provided security consulting services to internal teams and stakeholders
Conducted web application penetration testing to assess security risks
Performed static application security testing (SAST) and dynamic application security testing (DAST) on over 50 applications to identify vulnerabilities and potential threats

Jul 2009 - Jan 2016

6 years 7 months

Senior Cybersecurity Swiss Army Knife & Information Security / Innovation Committee Coordinator

NeoGrid

Developed and implemented comprehensive information security strategies
Ensured application security across various platforms and technologies
Coordinated the information security committee
Conducted security testing to identify vulnerabilities and potential threats
Established security metrics and dashboards for monitoring and reporting
Integrated security best practices into the software development life cycle (SDLC)
Performed web application penetration testing and manual and automated penetration testing
Handled security incidents and coordinated response measures
Utilized tools such as IBM Rational AppScan and custom scripts for in-depth security assessments

Aug 2008 - Jul 2009

1 year

Senior IT Security Consultant

DELL

Conducted IT information security risk assessments to identify potential threats and vulnerabilities
Provided information security project management and guidance for over 40 projects, collaborating with a team of more than 400 developers
Performed static application security testing (SAST) and dynamic application security testing (DAST) to evaluate application security
Executed web application penetration testing to assess security risks and recommend mitigations
Offered security consulting services as a member of the red team, simulating attacks and testing the effectiveness of security measures

Aug 2005 - Jul 2008

3 years

Security Testing - Global Security Testing Board

Electronic Data Systems

Sole member in Brazil of the Global Security Testing Board
Participated in company operations prior to acquisition by HP in 2008

Jun 2005 - Aug 2005

3 months

Researcher - Part-time

Network Management Laboratory - UFSC

Conducted research on web services quality of service and network security

Feb 2004 - Oct 2004

9 months

Network Administrator

DMI - Medical Image Diagnostic Clinic

Oversaw network management to ensure efficient and secure connectivity
Administered information systems and maintained their integrity and availability
Implemented and managed firewall configurations for optimal security
Deployed and monitored intrusion prevention systems (IPS) and intrusion detection systems (IDS)
Administered web servers to ensure smooth operations and high performance
Performed server hardening on both Linux and Windows servers to enhance security and reduce vulnerabilities

Sep 2003 - Dec 2003

4 months

Voluntary Teacher

Committee for Democracy in Information Technology

Taught computer basics on a pro bono basis

Jan 1998 - Feb 2005

7 years 2 months

Co-Founder

TCSUL - South Technology and Communication

Led business development, software development, security testing, and penetration testing efforts

Industries Experience

See where this freelancer has spent most of their professional time. Longer bars indicate deeper hands-on experience, while shorter ones reflect targeted or project-based work.

Experienced in Information Technology (22 years), Education (5 years), Automotive (1.5 years), Banking and Finance (1 year), and Healthcare (0.5 years).

Information Technology

Education

Automotive

Banking and Finance

Healthcare

Business Areas Experience

The graph below provides a cumulative view of the freelancer's experience across multiple business areas, calculated from completed and active engagements. It highlights the areas where the freelancer has most frequently contributed to planning, execution, and delivery of business outcomes.

Experienced in Information Technology (27.5 years), Product Development (10.5 years), Quality Assurance (8 years), Research and Development (6 years), and Project Management (5.5 years).

Information Technology

Product Development

Quality Assurance

Research and Development

Project Management

Summary

Accomplished Information Security Expert, boasting over 20 years of experience in fields like Security Architecture, Application Security and Pentesting. I excel in crafting tailor-made Information Security programs, assessments, and frameworks that align with risk management, security, and governance practices to bolster organizational resilience. My expertise spans manual and automated security testing, Pentesting, DevSecOps, SCA, SAST, and DAST.

Skills

Information Security
Computer Security

Languages

Portuguese

Native

English

Advanced

Spanish

Elementary

Education

Jan 2017 - Oct 2023

Universidade Federal de Santa Catarina

Doctor of Philosophy, On Hold · Computer Science (Information Security) · Florianópolis, Brazil

Oct 2011 - Jun 2012

Universidade Federal do Paraná

Specialization · Strategic Management · Curitiba, Brazil

Oct 2007 - Jun 2010

Universidade Federal de Santa Catarina

Master · Computer Science (Information Security) · Florianópolis, Brazil

...and 1 more

Certifications & licenses

CCSK

Certified Ethical Hacker (CEH) v11

ISC(2) CSSLP

ISTQB

Profile

Created

November 2025

Need a freelancer? Find your match in seconds.

Try FRATCH GPT

Frequently asked questions

Do you have questions? Here you can find further information.

Where is Rafael based?

Rafael is based in A dos Cunhados e Maceira, Portugal.

What languages does Rafael speak?

Rafael speaks the following languages: Portuguese (Native), English (Advanced), Spanish (Elementary).

How many years of experience does Rafael have?

Rafael has at least 28 years of experience. During this time, Rafael has worked in at least 12 different roles and for 12 different companies. The average length of individual experience is 2 years and 4 months. Note that Rafael may not have shared all experience and actually has more experience.

What roles would Rafael be best suited for?

Based on recent experience, Rafael would be well-suited for roles such as: Principal Security Architect, Cyber Security Specialist, Senior Security Architect - Senior Software Engineer (Security).

What is Rafael's latest experience?

Rafael's most recent position is Principal Security Architect at Reltio.

What companies has Rafael worked for in recent years?

In recent years, Rafael has worked for Reltio, Volkswagen Digital Solutions, Avaya, and Instituto Federal Catarinense.

Which industries is Rafael most experienced in?

Rafael is most experienced in industries like Information Technology (IT), Education, and Automotive. Rafael also has some experience in Banking and Finance and Healthcare.

Which business areas is Rafael most experienced in?

Rafael is most experienced in business areas like Information Technology (IT), Product Development, and Quality Assurance (QA). Rafael also has some experience in Research and Development (R&D) and Project Management.

Which industries has Rafael worked in recently?

Rafael has recently worked in industries like Education, Information Technology (IT), and Automotive.

Which business areas has Rafael worked in recently?

Rafael has recently worked in business areas like Information Technology (IT), Research and Development (R&D), and Project Management.

What is Rafael's education?

Rafael holds a Doctorate in Computer Science (Information Security) from Universidade Federal de Santa Catarina, a Master in Computer Science (Information Security) from Universidade Federal de Santa Catarina and a Bachelor in Information Systems from Universidade Federal de Santa Catarina.

Does Rafael have any certificates?

Rafael has 4 certificates. Among them, these include: CCSK, Certified Ethical Hacker (CEH) v11, and ISC(2) CSSLP.

What is the availability of Rafael?

Rafael is immediately available part-time for suitable projects.

What is the rate of Rafael?

Rafael's rate depends on the specific project requirements. Please use the Meet button on the profile to schedule a meeting and discuss the details.