$ whoami

André Cavalcante

São Paulo, Brazil · 15+ Years in Cyber Security · AWS · OSCP · GDSA · CKA

// 01

About

Senior cybersecurity professional with over 15 years of experience in enterprise environments, specializing in cloud security architecture, threat modeling, red team operations, and security operations center design.

Currently a Senior Security Consultant at Amazon Web Services, leading cloud security engagements for enterprise customers — guiding organizations through secure migrations, architecture reviews, and the deployment of AWS-native security services.

Previously at PricewaterhouseCoopers as Manager and Senior Consultant, with extensive hands-on work in penetration testing, threat intelligence, SOAR, and CSIRT buildout across nearly a decade.

Fluent in Portuguese and English. Currently developing Spanish proficiency.

15+ Years of Experience
8 Certifications
2 Publications
3 Languages

// 02

Experience

Amazon Web Services
Mar/2020 — Present  ·  São Paulo
Sr. Security Consultant
  • Led security workstreams for mass migration engagements, guiding customers in secure transitions to AWS
  • Performed cloud environment security assessments, identifying risks and recommending solutions
  • Implemented, reviewed, and optimized AWS security services — IAM, GuardDuty, Security Hub, AWS Config, EventBridge, Inspector, WAF, Macie, and others
  • Conducted security architecture reviews and designed robust cloud security architectures for enterprise customers
  • Collaborated with sales teams on pre-sales activities, including developing technical proposals and presenting solutions to customers
  • Established guardrails and security baselines to build a strong security foundation for clients
  • Supported the hiring process by conducting interviews, phone screens, and candidate evaluations
  • Delivered workshops, cloud security awareness presentations, and technical demos
PricewaterhouseCoopers
Apr/2011 — Mar/2020  ·  São Paulo
Manager  ·  Aug/2018 — Mar/2020
  • Designed, reviewed, and implemented information security architectures and solutions across enterprise engagements
  • Served as Technical Lead of the Security Architecture practice
  • Drove Security Orchestration, Automation and Response (SOAR) initiatives at scale
  • Oversaw Threat and Vulnerability Management programs, including Red Team operations, penetration testing, and vulnerability assessments
  • Established SOC/CSIRT managed service processes and the supporting technology stack
  • Managed teams and projects end-to-end; engaged across the full sales lifecycle from pre-sales through delivery
Senior Consultant  ·  Apr/2011 — Jul/2018
  • Penetration testing and vulnerability management on web applications, infrastructure and mobile — white, black, and grey box, internally and externally
  • Red Team exercises using the Cyber Attack Lifecycle (MITRE ATT&CK / Cyber Kill Chain) to simulate advanced persistent threats
  • Led security incident response engagements and established a formal incident response process
  • Managed daily information security operations: firewall, proxy, antispam, and antivirus administration
  • ICS / SCADA / OT environment penetration testing and security assessment
  • Threat intelligence operations — monitoring external threats across the surface web, deep web, IRC, hacker forums, and social networks
  • Assurance and consulting against security standards: ISF HealthCheck, NIST CSF, ISO 27001, SOX, and COBIT
  • Static and dynamic malware analysis to identify and characterize malicious code behavior
  • Built and operated the PwC Brazil Center of Excellence laboratory, supporting penetration testing and digital forensics engagements
Aurum Software
2010  ·  São Paulo
Quality Assurance
  • Designed, developed, and executed automated test suites for software quality assurance

// 03

Education

Universidade de São Paulo (USP)
2009 — 2013  ·  São Paulo
B.Sc. System Information
  • Monograph: "Information security with focus in penetration testing and vulnerability analysis in information technology infrastructure"
Escola Técnica Estadual GV
2004 — 2006  ·  São Paulo
High School — Technical

// 04

Certifications

OSCP · Offensive Security Certified Professional · Offensive Security
GDSA · GIAC Defensible Security Architecture · SANS / GIAC
CKA · Certified Kubernetes Administrator · CNCF / Linux Foundation
CSS · AWS Certified Security — Specialty · Amazon Web Services
SAA · AWS Certified Solutions Architect — Associate · Amazon Web Services
AIF · AWS Certified AI Practitioner · Amazon Web Services
CEH · Certified Ethical Hacker · EC-Council
CERT · CERT®: Advanced Incident Handling · Carnegie Mellon University

// 05

Skills & Tools

Cloud — AWS
IAM · GuardDuty · Security Hub · CloudTrail · CloudWatch · Control Tower · EventBridge · Inspector · WAF · Macie · AWS Config · SSO · Organizations · VPC · ELB · EC2
Penetration Testing
Nmap · Burp Suite · Metasploit · OWASP ZAP · SQLmap · Maltego · Wireshark · Netcat · Nessus · OpenVAS · Acunetix · hping3
SIEM / SOAR
Splunk · ArcSight · Demisto / XSOAR · RSA Archer
Programming & IaC
Python · Terraform · CloudFormation · Shell Script
Security Operations
SOC / CSIRT · Incident Response · Threat Intelligence · Malware Analysis · Red Team · ICS / SCADA / OT · Threat Modeling
Frameworks & Standards
MITRE ATT&CK · NIST CSF · ISO 27001 · SOX · COBIT · ISF HealthCheck
Network & Endpoint
pfSense · OpenVPN · Cisco ESA · Blue Coat · Squid · Symantec SEP · McAfee EP
Languages
Portuguese — Native · English — Professional · Spanish — Basic

// 06

Publications


// 07

Speaker


// 08

Open Source


// 09

Volunteer Work

Escola da Nuvem
Mentor
Instituto Semear
Mentor

// 10

Contact

Location
São Paulo, Brazil