André da Silva
Professional Journey

Helping Secure the Digital Landscape — Human and AI

From infrastructure foundations to architecting enterprise security — and now to researching how AI is reshaping the threat landscape.

Security Professional
Since 2007
17+ Years in Cybersecurity
5 Roles & Engagements
5 Certifications

Professional Profile

Customer-centric cybersecurity professional with a proven track record across diverse technical domains. Skilled in diagnosing complex issues, leading investigations, and building scalable, automated security frameworks that align with enterprise objectives and evolving threat landscapes.

Experienced in transforming data into actionable intelligence through advanced analytics, adversary emulation, and the integration of open-source and commercial security solutions — fostering collaboration and innovation so security functions as an enabler of business growth, not a blocker.

Experience collaborating with leading cybersecurity vendors and enterprise clients globally, developing end-to-end solutions that combine innovation, practicality, and compliance — transforming complex challenges into scalable capabilities to detect, respond to, and defend against evolving threats.

Career built around continuous learning and technical excellence — from hands-on digital forensics and incident response to security operations design, across the full spectrum of cybersecurity operations. Academic background in telecommunications and informatics engineering, with professional certifications across multiple security disciplines.

Core philosophy: it's not about if organizations get attacked, it's about readiness when it happens. How do defenses behave under pressure? Are they validated against real-world threats? Focus on creating measurable, repeatable processes that continuously test and improve security posture — helping organizations move from uncertainty to confidence in their defensive capabilities.

Career Timeline

June 2025 - Present

Senior Security Engineer

Global Security Solutions Provider

Design and deliver end-to-end technical security solutions for enterprise customers, collaborating with cross-functional teams to translate business requirements into robust security designs. Lead technical presentations, demos, and proof-of-concept (PoC) engagements, providing strategic technical guidance that ensures adherence to security best practices, compliance standards, and seamless integration.

BAS Architecture • CTEM Frameworks • MITRE ATT&CK Mapping • Security Validation • Enterprise Architecture • Risk Assessment • Threat Modeling • Purple Teaming • Attack Surface Management • Security Orchestration • NIST CSF • Zero Trust Architecture
October 2024 - June 2025

Technical Success Manager

Global Security Solutions Provider

Implemented a customer success framework across multiple regions, achieving 95%+ customer satisfaction scores for enterprise cybersecurity programs. Served as trusted advisor for onboarding, adoption, and value realization, collaborating cross-functionally with Sales, Support, Product, and Engineering. Developed best practices and playbooks that standardized customer success strategies and improved retention. Delivered periodic business reviews with ROI metrics, tracked KPIs, and provided data-driven recommendations.

BAS Platform Implementation • Security Assessment • Customer Engagement • Technical Consulting • Red/Blue Team Operations • Compliance Mapping • Threat Intelligence • Security Automation • KPI Development
April 2013 - October 2024

Senior Technical Support Engineer

Enterprise Security Vendor

Primary point of contact for 100+ key enterprise accounts, maintaining 95%+ customer satisfaction ratings. Managed customer relationships and delivered technical support, advising on product utilization, automation, and orchestration to drive measurable operational efficiency gains. Led post-sales consulting, technical support, and automation guidance, collaborating with customer cyber leadership and operations teams on tailored risk management strategies. Conducted operational reports, health checks, quarterly business reviews with clear ROI, and on-site training programs.

Digital Forensics (DFIR) • Threat Hunting • Incident Response • Memory Forensics • Malware Analysis • Log Analysis (SIEM) • Volatility Framework • Splunk/ELK • EnCase/FTK • Wireshark/tcpdump • Timeline Analysis • IOC Development • Threat Intelligence • 11 Years
November 2012 - March 2013

Technical Support Engineer

Cloud Infrastructure Provider

Provided high-level technical support for virtualization products focusing on networks and storage. Diagnosed and resolved complex technical issues ensuring minimal downtime. Delivered training sessions to customers to help them effectively use enterprise infrastructure products and reduce the frequency of technical issues.

Security Product Support • Troubleshooting & Debugging • Endpoint Security • Security Configuration • Technical Documentation • Customer Training • Windows Security • Network Diagnostics
October 2007 - October 2012

Infrastructure Engineer

Regional IT Services Provider

Designed, managed, and deployed IT infrastructure including servers, storage, and networks. Implemented security best practices and configured network systems. Managed backup and disaster recovery solutions. This role established the technical foundation for subsequent cybersecurity specialization.

Infrastructure Design • Network Security • System Architecture • Firewall Configuration • VPN/IPSec • IDS/IPS Deployment • Active Directory • Windows Server • Linux Administration • Network Segmentation • Cisco/Juniper • VMware/Hyper-V

Certifications & Training

Continuous professional development through specialized security training

Hacker Tools, Techniques, Exploits, and Incident Handling
SANS SEC504 • 2016

Advanced penetration testing methodologies, exploitation techniques, and comprehensive incident response procedures for identifying and mitigating sophisticated cyber threats.

SANS / GIAC GCIH
Windows Enterprise Incident Response
Mandiant Academy • 2020

Windows-focused incident response, investigating security breaches in enterprise environments, analyzing Windows artifacts, and conducting forensic investigations across Active Directory infrastructure.

Network Traffic Analysis
Mandiant Academy • 2020

Deep packet inspection, protocol analysis, network anomaly detection, and traffic pattern analysis using tools like Wireshark, tcpdump, and Zeek for identifying malicious network activity.

Cyber Intelligence Foundations
Mandiant Academy • 2020

Cyber threat intelligence analysis, IOC development, and strategic intelligence methodologies to identify and understand advanced persistent threats and adversary tactics.

Creative Red Teaming
Mandiant Academy • 2021

Adversarial attack simulation, creative exploitation techniques, and red team operations to test organizational defenses using real-world attack scenarios and MITRE ATT&CK tactics.


Professional Philosophy

Continuous Learning

Cybersecurity evolves rapidly. Commitment to continuous learning through hands-on practice, professional certifications, and staying current with emerging threats and technologies.

Results-Driven Excellence

Theory meets practice with measurable outcomes. Focus on actionable security strategies that deliver quantifiable improvements and clear ROI to organizational security posture.

Customer-Centric Success

Customer experience drives every decision — a proven track record of sustained partnership value, with 95%+ satisfaction ratings across 100+ enterprise clients. Customer success isn't a goal; it's the foundation of every engagement.

Let's Connect

Interested in discussing security architecture, breach and attack simulation, or collaboration opportunities?
