elma_security

Rodrigo S.

@elma_security

DevSecOps and ASPM Specialist | ISO 27001 and GDPR Auditor

Brazil
English, Portuguese
About me
I bridge the gap between hard engineering and corporate compliance. As a DevSecOps and AppSec specialist, I deploy automated ASPM (Application Security Posture Management) orchestration to analyze source code and infrastructure-as-code before production. My focus is converting complex technical vulnerabilities (SAST/SCA) into actionable remediation patches and clear compliance mapping (ISO 27001, GDPR, LGPD). I help startups and enterprise clients secure their software supply chains, protect cloud infrastructure, and mitigate financial or regulatory risks effectively.

Skills


See my services

Risk Management
I will perform a complete secure code review and SAST and DAST vulnerability scan
DevOps Consulting
I will scan your source code for security vulnerabilities and exposed API keys

Portfolio

Work experience

Self Employed

Self-employed • 4 yrs 7 mos

Application Security (AppSec) & DevSecOps Engineer

Mar 2024 - Present • 2 yrs 3 mos

Engineered automated DevSecOps pipelines integrating SAST, DAST, and SCA (SBOM). Built autonomous AI tools to scan codebases, detect critical vulnerabilities (SQLi, XSS, Secret Leaks), and block high-risk CI/CD deployments. Specialized in securing APIs, Docker containers, and cloud infrastructure using custom Python automation.

Cyber Security Auditor & Automation Specialist

Feb 2024 - Present • 2 yrs 4 mos

Conducted automated vulnerability assessments and compliance audits (ISO 27001) for enterprise software. Developed custom Python-based Application Security Posture Management (ASPM) tools to analyze Git repositories and generate executive security reports with exact CVSS v3 scoring and cryptographic integrity validation.