Security Engineer · AppSec
Oct 2024 — PresentPagBank · São Paulo, SP
Pentesting Web, API and Mobile; threat modeling, SAST, DAST and DevSecOps across cloud, on a mobile-focused (iOS/Android) security team. OWASP day to day.
Security Engineer · AppSec & Pentest
I'm Lucas Reis, a security engineer (AppSec) at PagBank and a pentester. I study Computer Science at UFABC — a Brazilian federal university whose interdisciplinary foundation shaped how I bridge theory and practice — and I coordinate the Green Team Hacker Club, playing and teaching CTF. I've studied security on my own since before university, driven by making things happen.
Go Ahead IT
ISC2
University of CambridgeAbout
I've studied information security on my own since before university. At UFABC — a Brazilian federal university — I got a solid, interdisciplinary academic foundation that shaped how I think about security.
Today I'm a security engineer (AppSec) at PagBank — pentesting Web, API and Mobile, plus threat modeling, SAST, DAST and DevSecOps. Before that I was a security analyst (SIEM, MITRE ATT&CK, AWS) and researched cryptography: the internal state of block ciphers like AES and TEA.
For over two years I've coordinated the Green Team Hacker Club, teaching Web Hacking, Cryptography, Forensics, Reverse Engineering and Binary Exploitation, and captaining our CTF team. I also aspire to software engineering — above all, I like making things happen.
Career
Where I've worked, researched, and taught — from a federal university lab to AppSec in production.
PagBank · São Paulo, SP
Pentesting Web, API and Mobile; threat modeling, SAST, DAST and DevSecOps across cloud, on a mobile-focused (iOS/Android) security team. OWASP day to day.
Go Ahead IT · São Paulo, SP
Administered IBM QRadar SIEM, worked with MITRE ATT&CK and AWS, automated in Python and wrote playbooks — rotating across networks, collaboration, contracts and security.
Green Team Hacker Club · UFABC · Santo André, SP
Lead the team and teach Web Hacking, Cryptography, Forensics, Reverse Engineering and Binary Exploitation. CTF player and captain.
UFABC · Santo André, SP
Studied the evolution of the internal state of block ciphers — AES and TEA, modes of operation and entropy, implemented in C.
Certifications
Looking for an AppSec engineer or pentester, want to talk security and CTF, or just connect — my inbox is open.
[email protected]