ANDRE MACHADO DA SILVA

Burnaby

Summary

Seasoned Cybersecurity Leader with over 20 years of experience in enterprise security architecture, risk management, and regulatory compliance. Proven expertise in cloud security (AWS, Azure, GCP), zero-trust frameworks, and cyber risk mitigation to safeguard critical business assets. Adept at aligning security strategies with business objectives, ensuring compliance with SOC 2, PCI-DSS, HIPAA, GDPR, and NIST standards. Strong track record in incident response, penetration testing, security governance, and vendor management, driving enterprise-wide security transformation and resilience. Demonstrated ability to lead cross-functional teams, develop security roadmaps, and implement threat intelligence programs to proactively combat emerging cyber threats. As a Chief Information Security Officer (CISO) candidate, passionate about fostering a security-first culture, optimizing security operations, and leveraging cybersecurity as a business enabler in fast-paced, high-growth environments.

Overview

27 years of professional experience
1 Certification

Work History

Security Engineer

Deltek Inc
09.2023 - Current
  • Enhancing security architecture to improve system resilience and align with industry best practices
  • Supporting and optimizing Zero Trust Network Access (ZTNA) to strengthen identity and access management (IAM)
  • Leading SIEM-based event investigations, identifying and mitigating cyber threats proactively
  • Driving vulnerability management programs, ensuring timely identification and remediation of security risks
  • Conducting internal and external audits to maintain compliance with SOC 2, NIST, and ISO 27001 frameworks
  • Collaborating with cross-functional teams to implement security policies, automation, and best practices

Security Architect

Replicon Inc
11.2017 - 08.2023
  • Developed and executed enterprise-wide cybersecurity strategies, aligning security initiatives with business objectives and ensuring compliance with GDPR, HIPAA, ISO 27001, and NIST
  • Led incident response investigations, mitigating cyber threats and implementing forensic analysis and remediation plans to strengthen resilience
  • Conducted threat intelligence analysis, proactively identifying emerging cybersecurity risks and deploying defensive countermeasures
  • Strengthened security governance frameworks, enforcing security policies and risk management strategies to improve compliance readiness
  • Designed and optimized cloud security architectures (AWS, Azure, GCP) to ensure robust protection of applications and infrastructure
  • Implemented SIEM-based continuous monitoring, enhancing threat detection, response capabilities, and real-time security insights
  • Championed security awareness programs, educating employees on cyber hygiene, phishing defense, and regulatory compliance
  • Evaluated and integrated cutting-edge security technologies, ensuring the implementation of automated security solutions and DevSecOps best practices
  • Established secure coding standards, mitigating vulnerabilities in applications and ensuring compliance with OWASP Top 10
  • Provided executive-level security reports, delivering insights on risk assessments, compliance posture, and security initiatives to C-suite stakeholders
  • Observation: Worked in close collaboration with the Site Reliability Engineering (SRE) department, actively contributing to security-related initiatives
  • Took a hands-on approach by writing code for multiple security-related JIRA items, leveraging Python, Bash, TypeScript, JavaScript, Terraform, and PowerShell to enhance automation, compliance enforcement, and security controls
  • This role enabled the advancement of the organization's cybersecurity maturity, effectively balancing security controls with business needs while fostering a culture of security awareness at all levels

Senior Enterprise Security Consultant / Field-CISO

AMSI Networks
09.2013 - 11.2017
  • Provided strategic cybersecurity consulting, acting as a trusted advisor for enterprise clients
  • Led security architecture design, risk assessments, and compliance initiatives for multiple industries
  • Implemented advanced threat protection solutions, strengthening network and application security
  • Developed and enforced security policies, ensuring compliance with global regulatory standards
  • Conducted security posture evaluations and facilitated technical training on cybersecurity frameworks

Senior Network Security Consultant / Field-CISO

AMSI Networks
04.2010 - 09.2013
  • Designed and deployed network security solutions for enterprise environments
  • Configured and optimized firewall policies, intrusion prevention systems (IPS), and web application firewalls (WAF)
  • Implemented network segmentation and access control to enhance cybersecurity postures
  • Developed automation scripts (Python, Bash, PowerShell) to improve security monitoring and response

Network and IP Telephony Architect Consultant

AMSI Networks
07.2003 - 03.2010
  • Designed and deployed enterprise network infrastructures, ensuring high availability and scalability
  • Managed VoIP systems (Avaya, Alcatel) and optimized LAN, WAN, and wireless architectures
  • Led structured cabling and data center design projects, improving network reliability

IT Architect Consultant

AMSI Networks
01.1998 - 06.2003
  • Designed and implemented IT infrastructure solutions, including Active Directory, Exchange, and cloud management
  • Developed and enforced backup strategies and antivirus solutions to enhance data protection
  • Administered Linux-based services, ensuring system security and operational efficiency

Education

Master of Administrative Sciences - Specialization in Computer Security & Forensic Administration

Fairleigh Dickinson University
Vancouver, BC
04.2017

Bachelor of Electronics Engineering

Rio de Janeiro Federal University
06.1996

Skills

  • Security Information & Event Management (SIEM)
  • Penetration Testing & Ethical Hacking
  • Secure Coding & Automation (Python, Bash, Terraform, PowerShell, JavaScript)
  • Identity & Access Management (IAM)
  • Security Audits & Compliance Readiness
  • Endpoint Protection & Data Loss Prevention (DLP)
  • Firewall & Intrusion Prevention Systems (Fortinet, Check Point, SonicWall, Meraki)
  • Cloud Security & DevSecOps Integration

Certification

  • Rapid7 - InsightVM Certified Administrator, 2021
  • Rapid7 - InsightAppSec Certified Specialist, 2020
  • Safetica DLP – Safetica Certified Associate, 2021
  • OneTrust Fellow of Privacy Technology, 2021
  • AlertLogic Log Manager Certified Specialist, 2018

Accomplishments

  • Enhanced Enterprise Security Posture: Designed and implemented security frameworks aligned with SOC 2, GDPR, HIPAA, ISO 27001, and NIST, strengthening compliance and risk management.
  • Zero Trust Security Implementation: Successfully deployed Zero Trust Network Access (ZTNA) and advanced IAM policies, minimizing unauthorized access risks across cloud and on-prem environments.
  • Threat Intelligence & Risk Reduction: Developed proactive threat intelligence programs, reducing cyber risks by identifying and mitigating vulnerabilities before exploitation.
  • Incident Response & Crisis Management: Led security incident response initiatives, ensuring rapid containment, forensic analysis, and remediation to minimize business impact.
  • Security Automation & DevSecOps Integration: Developed automation scripts in Python, Bash, Terraform, and PowerShell, streamlining security monitoring, compliance enforcement, and vulnerability management.
  • Cloud Security Hardening: Strengthened AWS, Azure, and GCP security controls by implementing encryption, IAM policies, and cloud monitoring, improving overall security posture.
  • Security Awareness & Training: Designed and launched cybersecurity training programs, reducing human-related security incidents and improving employee awareness of emerging threats.

Languages

English
Portuguese
Spanish
