Building secure, resilient backend systems and APIs while defending high-risk environments against real-world threats.
I'm Gabriel Ferreira, a Security-focused Software Developer and Application Security Engineer based in Brazil.
I specialize in Application Security, API Security, Threat Detection, and Defensive Security. I combine strong backend development expertise with a security-first mindset — designing resilient architectures, implementing robust defensive controls, and proactively identifying vulnerabilities to protect systems against real-world attacks.
| Area | Focus Areas |
|---|---|
| Application Security | OWASP Top 10, authentication & authorization, input validation, secure SDLC, threat modeling |
| API Security | Secure webhooks, replay attack prevention, API abuse protection |
| Vulnerability Analysis | Web testing, Burp Suite, PortSwigger Academy, vulnerability discovery & triage |
| Threat Detection | Behavioral analysis, bot detection, log analysis, machine learning signals |
| Defensive Security | Defensive architecture, automated security pipelines, resilience engineering |
Independent Application Security Engineer — Remote
- Design and implement secure architectures for SaaS platforms in high-risk environments
- Develop behavioral bot detection and fraud prevention systems
- Build secure webhook solutions and API protections against abuse and replay attacks
- Create automated threat detection and response pipelines
- Perform vulnerability analysis to strengthen system defenses
Open to opportunities in Application Security, Security Engineering and Defensive Security.
