
Gilmar Rocha
Verified Expert in Engineering
Back-end Developer
Belo Horizonte - State of Minas Gerais, Brazil
Toptal member since November 7, 2022
Gilmar is a cybersecurity specialist passionate about software development and security. He focuses on the software development lifecycle, including analysis, design, development, testing, and maintenance, because it gives him a clearer view of security issues. As a result, Gilmar knows how to help teams solve these issues.
Experience
- C# - 15 years
- Web Security - 10 years
- Web API - 7 years
- Identity & Access Management (IAM) - 5 years
- Docker - 5 years
- Application Level Gateways - 5 years
- Mobile Security - 3 years
- Blockchain - 2 years
Preferred Environment
C#, Docker, Web Security, Reverse Engineering, Blockchain, C#.NET, Authentication
The most amazing thing I've developed is the back end for BS2, one of Brazil's first digital banking platforms.
Work Experience
Cybersecurity Tech Lead
MercadoLibre
- Analyzed more than 300 cases of fraud to implement solutions that improved security and directly saved the company $2 million per year.
- Discovered vulnerabilities on mobile applications that could compromise all customers from MercadoLibre.
- Created a solution to map and identify possible data leakage from third-party members that manage MercadoLibre customer data.
Cybersecurity Specialist
Mercado Bitcoin
- Created a threat model for private wallets and custody on the exchange.
- Improved login authentication and authorization on internal and external identity management systems to comply with OAuth.
- Created the security-by-design guide based on the NIST framework to guide developers and architects in implementing security features.
Senior Security Analyst
Localiza Car Rental
- Developed an identity management system to handle OAuth protocol on multiple internal and external web applications.
- Tracked and fixed security issues on the server side of the Localiza Mobile application.
- Conducted a security test on a mobile application called Meoo, which enabled users to unlock rental cars using only their cell phones.
Cybersecurity Specialist
C&A Loja Online
- Developed Auth0 integration to provide an authentication solution to over 20 million users of C&A's eCommerce website and mobile apps.
- Designed a credit card solution to replace an external credit card provider at C&A. This credit card solution was used by over five million users.
- Implemented AWS Security Reference Architecture (AWS SRA) in the cloud environment.
Senior Security Analyst
BS2 Bank
- Developed security controls on API Gateway to improve external application security.
- Reviewed code of applications to ensure safety and implement security features.
- Set security standards for the web API development process.
Senior Architect and Developer
BS2 Bank
- Created web API services for BS2's bank application.
- Developed user identification and risk score log to prevent fraud.
- Built a security solution to obfuscate users' sensitive data.
Senior Developer
BHS Axter
- Developed a balanced scorecard for Andrade Gutierrez, one of the most important Brazilian engineering companies.
- Built a system to manage billing targets of all Andrade Gutierrez resources.
- Developed a variety of programs to help internal systems to communicate with SAP.
Owner
Varuna Tecnologia
- Created an ERP system for specific engineering companies, focusing on local Brazilian laws.
- Developed a system to monitor heavy machine management.
- Created a suite to construct reports based on XML schemes.
Experience
BS2 Bank
http://www.bs2.com
C&A Pay
https://www.cea.com.br/cea-pay
Custody System Bitrust for Mercado Bitcoin
Skills
Libraries/APIs
Web API
Languages
C#, C#.NET, HTML, JavaScript, Python, Java, CSS
Frameworks
.NET, ASP.NET, .NET Core, ASP.NET MVC
Paradigms
REST, CSRF Protection
Platforms
Docker, Blockchain, Kubernetes, Azure, Amazon Web Services (AWS), Web, Blockchain Platforms
Other
APIs, Secure Web Development, Application Security, Security, Architecture, Code Review, Web Development, CORS, Cross-site Request Forgery (CSRF), Cookies, Cross-site Scripting, IT Security, Web App Security, XSRF, Back-end, eCommerce, Reverse Engineering, Identity & Access Management (IAM), Authentication, Vulnerability Assessment, Web Security, API Gateways, Enterprise Resource Planning (ERP), Mobile Security, Application Level Gateways, Credit Risk, Credit Cards, Risk Models, Vulnerability Management, AWS Cloud Architecture