Security Engineer · AppSec & Pentest

I make happen.

I'm Lucas Reis, a security engineer (AppSec) at PagBank and a pentester. I study Computer Science at UFABC — a Brazilian federal university whose interdisciplinary foundation shaped how I bridge theory and practice — and I coordinate the Green Team Hacker Club, playing and teaching CTF. I've studied security on my own since before university, driven by making things happen.

Background
Go Ahead ITISC2University of Cambridge
Lucas Reis// portrait.jpg

About

I've studied information security on my own since before university. At UFABC — a Brazilian federal university — I got a solid, interdisciplinary academic foundation that shaped how I think about security.

Today I'm a security engineer (AppSec) at PagBank — pentesting Web, API and Mobile, plus threat modeling, SAST, DAST and DevSecOps. Before that I was a security analyst (SIEM, MITRE ATT&CK, AWS) and researched cryptography: the internal state of block ciphers like AES and TEA.

For over two years I've coordinated the Green Team Hacker Club, teaching Web Hacking, Cryptography, Forensics, Reverse Engineering and Binary Exploitation, and captaining our CTF team. I also aspire to software engineering — above all, I like making things happen.

AppSec
Security Engineer @ PagBank
UFABC
Computer Science · UFABC
Green Team
Coordinator since 2022
ISC2
Certified in Cybersecurity

Career

Experience & certifications.

Where I've worked, researched, and taught — from a federal university lab to AppSec in production.

01

Security Engineer · AppSec

Oct 2024 — Present

PagBank · São Paulo, SP

Pentesting Web, API and Mobile; threat modeling, SAST, DAST and DevSecOps across cloud, on a mobile-focused (iOS/Android) security team. OWASP day to day.

PentestThreat ModelingSAST · DASTDevSecOpsCloudMobileOWASP
02

Cyber Security Trainee

Nov 2023 — Jul 2024

Go Ahead IT · São Paulo, SP

Administered IBM QRadar SIEM, worked with MITRE ATT&CK and AWS, automated in Python and wrote playbooks — rotating across networks, collaboration, contracts and security.

SIEM · QRadarMITRE ATT&CKAWSPythonPlaybooks
03

Information Security Coordinator

Sep 2022 — Present

Green Team Hacker Club · UFABC · Santo André, SP

Lead the team and teach Web Hacking, Cryptography, Forensics, Reverse Engineering and Binary Exploitation. CTF player and captain.

Team LeadershipWeb HackingCryptographyForensicsReverse Eng.Binary ExploitationCTF
04

Research Fellow · PDPD

Nov 2022 — Nov 2023

UFABC · Santo André, SP

Studied the evolution of the internal state of block ciphers — AES and TEA, modes of operation and entropy, implemented in C.

CryptographyAES · TEABlock CiphersEntropyC

Certifications

ISC2Certified in Cybersecurity · 2023
CiscoCCNA · CyberOps · Cloud Security · Network Technician
CambridgeEnglish B1 · 2019
Get in touch

Let's make something happen.

Looking for an AppSec engineer or pentester, want to talk security and CTF, or just connect — my inbox is open.

[email protected]