Kelvin Clark
Verified Expert in Engineering
Security and Threat Hunt Developer
Rio de Janeiro - State of Rio de Janeiro, Brazil
Toptal member since January 5, 2022
Kelvin is a skilled information security engineer with a background in fintech and banking services and critical infrastructure information security. He is experienced in working for huge companies worldwide. Kelvin has a vast knowledge of technical security areas like incident response and threat intelligence and is mainly focused on offensive security.
Portfolio
Experience
- Penetration Testing - 7 years
- Web Security - 5 years
- OWASP - 5 years
- Open-source Intelligence (OSINT) - 5 years
- RedTeam - 5 years
- Application Security - 5 years
- Wireshark - 4 years
- Threat Intelligence - 3 years
Availability
Preferred Environment
MacOS, Linux, Windows, Web Security, Burp Suite, OWASP, Penetration Testing, GitHub, Information Security
The most amazing...
...vulnerability I've tracked back on a fraud scheme—that isn't easy to disclose due to information confidentiality—allowed me to start a purple team.
Work Experience
Security Engineer Specialist
Cryptocurrency Market
- Researched and built a threat intelligence tool that finds and works with dangerous sites in the Azure cloud.
- Performed phishing modus research, operating and shutting down phishing scams and tracking scammers.
- Ran application security enumeration and penetration testing.
- Helped the incident response team with a few action points.
Third-party Security Engineer
United Healthcare (Amil Saude)
- Assessed the red team in hospitals systems infrastructure and mobile devices applications.
- Managed the red team in its day-to-day jobs and orientation.
- Helped build guidelines and the schedule for penetration tests in the group's companies.
Security Engineer Specialist
StoneCo
- Spearheaded the security of five group businesses incorporated in the holding while going public on the NASDAQ.
- Found numerous vulnerabilities in some famous programs.
- Collaborated with electronic fraud prevention task teams.
- Worked on multipurpose security holes in different projects like banking, PoS security, and the payments gateway.
- Performed DNS research, mapping domains with external multi-distributed DNS, and figuring how to protect the internal network using self-owned DNS servers.
- Provided incident response in numerous cases, working as part of the purple team, acting from discovery to remediation and from targeted phishing to APT.
Freelance Consulting
Freelancer
- Consulting for business about security management of infrastructure and web protection.
- Talked in more than 10 events in Brazil about network vulnerabilities and their countermeasures.
- Teach classes about network exploitation, targeting wireless environments.
Instructor
Senac
- Acted as an instructor on networks, virtualization, Linux, and security for the graduation course.
- Performed as an RHCI Red Hat certified instructor in 2014, archiving the RHCA and RHCE in the same year.
- Served as a Cisco NetClass instructor using a packet tracer to conceive the student's basics of network, static and dynamic routes, and network analysis.
Security Trainee
Conviso Application Security
- Performed Linux server hardening and updated configurations based on NSA RedHat Hardening Document.
- Worked on OSSEC hardening configuration and monitoring with agents and servers.
- Reviewed security code and executed applications' penetration testing.
Experience
Purple Team Creation
Wild Internet Proxy Research
https://medium.com/@kelvinclrk/fuzzingaroundnet-0x01-c62441a8c6e0Incident Response
Certifications
Certified Threat Intelligence Analyst
EC-Concil
OSWP
Offensive Security
Security+
CompTIA
RHCE
Red Hat
LPIC-3
Linux Professional Institute
Network+
CompTIA
Skills
Tools
Wireshark, GitHub, OSSEC, ELK (Elastic Stack)
Paradigms
Penetration Testing
Industry Expertise
Cybersecurity
Platforms
Linux, MacOS, Windows, Burp Suite, Malware Information Sharing Platform (MISP), Azure
Languages
Python
Other
Web Security, Security, Threat Intelligence, Open-source Intelligence (OSINT), Application Security, RedTeam, Anti-fraud, Networking, Incident Response, ISO 27001, Consulting, IT Security, OWASP, Information Security, PCI DSS, Cyber Threat Hunting, Malware Analysis, Virtual Machines, NIST, MITRE ATT&CK, Code Review, Compliance
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring