Douglas Luna

About

Secured complex multi-account Cloud environments, integrated DevSecOps into CI/CD pipelines, and hardened Kubernetes clusters at scale. Architected end-to-end security strategies designed to meet compliance requirements across the Banking, Financial Services, Telecom, and Healthcare sectors. Technical certifications: credly.com/users/douglasluna Specialized Skillset - Cloud Providers: Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure - Security Frameworks & Standards: SOC 2, ISO 27001, NIST CSF, CIS Benchmarks, MITRE ATT&CK - Incident Response: Leading cyber incident response plans from detection to final reporting - Security Awareness: Phishing simulations and Security training - Security Platforms: Wiz, Palo Alto Prisma Cloud, AWS Security Hub (CNAPP, CSPM, CWPP, DSPM, EDR) - Infrastructure as Code (IaC): Terraform, OpenTofu and CloudFormation - DevSecOps & Shift Left Security: GitHub Actions, GitLab CI/CD, Snyk, SAST, SCA - Kubernetes & Container Security: Trivy, kube-bench, EKS, GKE, AKS, Kubernetes self-managed - Runtime Security: Falco and Kubescape - Policy-as-Code (PaC): Kyverno, Open Policy Agent (OPA) and Checkov - Proficiency in Python, Go, and Bash for security automation

Experience

• Staff Security Engineer | Cloud Security, DevSecOps, Platform Security at iFood
  

• Member of Technical Staff | Security Engineering at Swile
  

• Security Engineer, Specialist | Cloud Security, DevSecOps, Kubernetes, Incident Response at Claro Brasil
  

• Security Engineer, Specialist at Claro Brasil
  

• Cybersecurity Specialist | Cloud Security, DevSecOps, Kubernetes, Automation & IaC at Bradesco
  

• Cybersecurity Specialist at Bradesco
  

• Staff Security Engineer at iFood
  

• Security Engineer | Cloud Security | Incident Response | DevSecOps | Red Team at Genial Investimentos
  

• Cybersecurity Specialist | Cloud Security, DevSecOps, Kubernetes, Incident Response at Dasa
  

• Cybersecurity Specialist at Dasa