Diego Maciel Gomes
Details
Information Technology
INPG - Instituto Nacional de Pós-Graduação
2013 : 2015
Bachelor's degree in Information System
Information Technology
FAMEBLU
Philips
Information Security Officer
Driving and coordinating the Cyber Security Plan and roadmaps of six products. Working closely with leadership and different teams, including development, operations, PSSO, Quality & Regulatory, Marketing, Sales. Supporting the mission of the business to guarantee delivering reliable products to our customers. Some of my activities are :
Risk Assessments, Security Testing implementation and architecture (VA Tenable.io, Tenable.sc, InsightVM, SAST, DAST, OWASP), Cyber Security & Roadmap plans, implementation of policies, procedures, risk mitigation,
patching, product security requirement guidance, RFPs, hardening of servers and network including AWS, implementation of IAM for onboarding and offboarding using local AD/ADFS
and SSO and different scripts for automation.
2018 :
Philips
Senior Security Engineer
I am part of Global Product Security & Services Office (PSSO) from Royal Philips and driving two different products, managing Security improvements and guidance to create securely solutions to our customers. Product Security Officer is a Senior Manager role that applies security in the SDLC, defining trainings, awareness, security requirements, risk assessments, VA, SAST, DAST and Pen Testing. Together with the leaderships and Quality & Regulatory, we create the Cyber Security and Remediation plan following the business roadmap. Working on and coordinating incident response, vulnerability testing and patch management to guarantee the health of our products and implementing hardening on the systems, including local computers and servers, Cisco Firewall, VPN and Zscaler proxy. Also helping the business with DoD requirements, RFP, RMF, STIG, NIST, HIPAA, ISO 27k1. Performing reports and follow-ups with general managers and different Directors, including Head of PSSO and KPI meetings to get the enforcement for Security around business units, following the Philips Product Security Policies. Helping Dev, R&D teams to understand the security requirements, how to implement and apply the fixes on the products.
2015 :
Philips
Information Security Specialist / Product Security Officer
Responsible for the IT Security, creating and managing whole security framework for, like firewalls, routers, switches, IPS, VPN, web filter, email filter, endpoint security, risk assessments, pen testing, policies & procedures, security and architect definitions, including Windows, Linux and network hardening.
2009 : 2015
Cooperativa Central Ailos
Information Security Analyst
Responsible for the IT Security environment, applying security configurations, patch management, incident response and performing pen testing. Also managing Windows and Linux environment, network topology, backup design and risk assessments.
2007 : 2009
Hospital Santa Catarina de Blumenau
Information Security Analyst
Skills
Amazon Web Services (AWS), Anti-spam, Cisco IPS, Cisco Routers, Cisco Security, Cisco VPN, computer forensics, computer security, Cybersecurity, DAST, DevSecOps, DICOM, epolicy orchestrator, Firewalls, Forensic Analysis, fortify, HP Data Protector, HP Storage, Incident Handling, Information Security, Information Security Management System (ISMS), Intrusion Detection, itil, Linux, Linux System Administration, McAfee Antivirus, microsoft office, Microsoft Windows, MySQL, Nagios, Network Administration, Network Security, operating systems, penetration testing, Product Security, risk assessment, rmf, SAST, secure sdlc, Security, Security Policy, Shell Scripting, sql, Squid, Symantec Endpoint Protection, training, Unix Shell Scripting, VPN, vulnerability assessment, VPN (Rede privada virtual), Rede de computadores, Segurança de rede, Administração de redes, sistemas operacionais, segurança de terminais, infraestrutura, segurança da informação, suporte técnico, tecnologias cisco, Symantec Endpoint, Linux System, VPN (Rede privada
About
Information & Product Security professional. I use my knowledge and expertise to help the business, working with different teams and leaderships, to make sure we are committed with the Cyber Security Plan. I believe and practice that we should not brake and lock the processes; we need to support and inject security in a best way as possible, supporting the business mission and deliverables.
Profile Photo
