Marco Oliveira

Product Manager

Guimarães, Braga, Portugal5 yrs 8 mos experience

Highly Stable

Key Highlights

Certified in CRTP and BSCP.
Over 100 penetration tests conducted.
Strong background in web security and infrastructure.

Stackforce AI infers this person is a Cybersecurity professional with expertise in Application Security and Penetration Testing.

Contact

Skills

Core Skills

Application SecurityPenetration TestingIt Infrastructure ManagementCybersecurity

Other Skills

Secure AuthenticationInjectionSQL InjectionEnglishIT OperationsVulnerability AssessmentVulnerability ManagementTechnical DocumentationIncident HandlingWeb ApplicationsInformation SecurityPython (Programming Language)Security ConsultingSecurityOWASP

About

Passionate pentester and appsec engineer with a strong background in web security and infrastructure. I hold CRTP and BSCP certifications, and I bring experience in penetration testing alongside years as a sysadmin. My expertise lies in uncovering vulnerabilities, strengthening defenses, and continuously learning cutting-edge techniques in web application security. In my free time, I’m diving into bug bounty hunting, refining my skills, and staying up to date with the latest industry trends. Feel free to connect if you'd like to discuss cybersecurity, web application testing, or collaboration opportunities!

Experience

5 yrs 8 mos

Total Experience

2 yrs 3 mos

Average Tenure

1 yr

Current Experience

Philip morris international

Application Security Engineer (external)

Apr 2025 – Present · 1 yr · Lisbon, Portugal · Remote

Assessing web application security
Pentesting (Penetration Testing)
SAST/DAST Tools
Instructing Developers on secure coding practices
Integrating Security steps in CI/CD pipelines
Reporting

Secure AuthenticationInjectionSQL InjectionCybersecurityApplication SecurityPenetration Testing

Devoteam cyber trust

Pentester

Jan 2024 – Apr 2025 · 1 yr 3 mos · Lisbon, Portugal · Remote

Conducted over 100 Penetration tests (Mostly web but also infra)
Assisted with scoping prospective engagements
Burp Suite
Metasploit
NMAP
Bash / Python

Secure AuthenticationInjectionEnglishIT OperationsVulnerability AssessmentVulnerability Management+14

Eurotux, sa

4 roles

Administrador de sistema

Jun 2022 – Jan 2024 · 1 yr 7 mos

Managed over 50+ clients networks
Managed 100+ Servers (Windows, Linux)
Responsible for over 500+ users privileges, access and information security
Firewalls / IDS / IPS / (Sophos, Fortigate, TrendMicro, Draytek, Opnsense, Shorewall)
Endpoint protection / security
Email Security
Backup Solutions (Veeam, BareOs, symantek)
Vmware, oVirt

EnglishCybersecurity ToolsComputer ScienceIT OperationsTechnical DocumentationServer Side+18

Administrador de sistemas júnior

Apr 2022 – Jun 2022 · 2 mos

English

Técnico de suporte em TI

Jun 2020 – Apr 2022 · 1 yr 10 mos

Incident Response
Linux Server Management
Windows Server Management
Virtualization Environments (KVM, VMware, Ovirt, Hyper-V)
Task Automation with Ansible
Monitorization with Icinga
Legacy Environment Migration
Security
Storage and Backup Solutions
End user support
24x7 Support

English

Estagiário de Administração de Sistemas

Feb 2020 – Jun 2020 · 4 mos

In this internship I was able to develop my networking skills as well as linux, and problem solving capabilities.
I was part of a team where I developed an ansible playbook in order to automatically implement a 2 node High Availability Cluster envolving fencing and posgresql.
Also while an Intern, I was also part of a team where we prepared a CTF event targeted for students, in this project I was in charge of Preparing and Implementing the vulnerable machine.

English