Mico Estrada

Security Consultant

Mico Estrada is a seasoned Security Consultant with a 7-year track record in fortifying application security for SaaS and on-premises platforms. Renowned for his ability to conduct in-depth security assessments and vulnerability scans, Mico effectively neutralizes threats and enforces robust security protocols. His expertise in secure coding, application firewalls, and patch management shields applications from vulnerabilities like SQL injection, XSS, and CSRF. A strong proponent of integrating security into the SDLC, he works closely with developers to embed security measures from the outset. Mico's comprehensive security strategies not only minimize breach risks but also ensure adherence to regulatory standards such as PCI-DSS. His leadership in security overhauls for critical financial applications and collaboration with cross-functional teams underscores his commitment to maintaining a stringent security posture across the organization.

Flavio Velozo da Silva

Network Security Engineer

Flavio is a Network Security Engineer with expertise in Data centers, Security, and IP Networks. He specializes in Cisco and Palo Alto technologies, guiding clients in deploying optimal infrastructure and security solutions. Flavio has a robust background spanning major financial institutions and service providers, leading design and implementation projects covering security, network, data center, and cloud solutions. He has contributed to high-profile initiatives like the Cisco security solutions for the Rio 2016 Olympic Games and significant service provider backbone upgrades, demonstrating his ability to deliver complex projects with precision and technical excellence.

Francisco Irio

Application Security Engineer

Franscisco Irio, an Application Security Engineer and Senior Penetration Tester with 12 years of experience, excels at collaborating with system owners and developers to enhance security practices. He conducts comprehensive security reviews, identifies vulnerabilities, and proactively addresses risks. Proficient in security assessment tools. Francisco leads assessments, penetration tests, and bug bounty responses. He is skilled in CI/CD tools, utilizing Jenkins for pipeline security. His toolkit includes BurpSuite, OWASP ZAP, and Fiddler for penetration testing, and Veracode, Snyk, Netsparker, and Whitehat for vulnerability scanning. Francisco excels in conducting thorough security reviews, proposing enhancements, and collaborating with system owners and lead developers to implement security best practices. With a deep understanding of common web application vulnerabilities, such as XSS and CSRF, Francisco is well-versed in OWASP Top 10 and their mitigation strategies. He possesses extensive knowledge of computing security fundamentals and is an expert in web frameworks and underlying protocols. As a team player, He actively contributes to the common cybersecurity goal and the company's visiona and has experience working with development and QA teams to ensure application security principles are enforced throughout the SDLC process.

Sai Niteesh Gundu

Cyber GRC Analyst

Sai Niteesh is an accomplished Cyber Governance Risk Compliance Analyst with 5+ years of experience in Cyber Security. He excels in GRC and application security, conducting risk assessments for application deployments and working with ISO 27001, SOC1, SOC2, GDPR, and NIST frameworks. Sai Niteesh is also skilled in cloud security assessments for AWS, GCP, and ALI cloud, collaborating with stakeholders to reduce organizational risks. With proficiency in RSA Archer, he develops advanced workflows and applications for Vendor Risk Management and Anti Bribery and Anti-Corruption. As a crucial member of SOX-Governance teams, Sai Niteesh ensures meticulous controls testing and quality checks. His expertise and dedication make him a valuable asset in Cyber Security and Governance.

Subrata Das

Cyber GRC Lead

Subrata Das, an accomplished cybersecurity professional, brings over 12 years of expertise in various areas including GRC, AWS Cloud Security, and Security Operations. With a focus on risk management, audit compliance, and findings management, Subrata leverages tools like Archer, IGRCS, and Jira to deliver exceptional results. His extensive experience encompasses working on multiple compliance programs such as HIPAA, GDPR, SOC1, SOC2, and NIST-CSF. Notably, Subrata holds certifications in ISO 27001 and 31000 Risk Management, demonstrating his commitment to industry best practices. He excels in stakeholder management and has a proven ability to build strong relationships. Currently serving as a Cybersecurity GRC Lead, Subrata plays a vital role in conducting application risk assessments, security posture assessments, and vendor risk assessments. His skillset includes conducting business impact assessments, designing effective controls, and performing internal audits. Furthermore, Subrata possesses valuable knowledge of security architecture, having closely collaborated with architect teams in his previous positions.

Jesus Celaya

IT SOX Audit Associate

Jesus is a highly experienced IT SOX Audit Associate with 12 years of expertise in IT control management. Jesus excels in evaluating and analyzing Third-Party Risk Management for IT Vendors and Suppliers and oversees the review and management of official documentation from IT Vendors, ensuring compliance with CCM, SIG, SOC 2 Type II Reports, IT Security Policies, NIST compliance, PCI, and compliance attestations. He effectively presents risk findings to upper management, delivering comprehensive reports and risk mitigation and improvement recommendations. Jesus successfully manages projects related to Risk, Audit, Compliance, and Governance for multiple clients, ensuring successful project delivery and client satisfaction. He leads Internal Audit projects, Compliance initiatives, and ISO Internal Audits, ensuring compliance with established requirements and providing recommendations for improvement. Jesus demonstrates expertise in creating and managing official company policies and documentation, ensuring alignment with regulatory standards and industry best practices.