Mario Nascimento

Principal Security Engineer @ Aceve · Lisbon, PT
10+ years · offense + defense + forensics
About

I build and break security systems. 10+ years of experience across offensive security, malware analysis, digital forensic investigations, SOC operations, and DevSecOps. I specialize in reverse engineering, binary exploitation, and adversary simulation — bridging red team techniques with defensive operations. I've led security teams, managed SOC infrastructure, and built internal tooling for incident response, threat hunting, and CTI. Security is most effective when informed by real-world threats, not theoretical scenarios.

Current Work
Principal Security Engineer — Aceve
Leading offensive and defensive security operations: reverse engineering malware, simulating adversary tactics, building detection logic, digital forensic investigations, and threat hunting across production environments.
Previously: IT Security Engineer — SIXT
Led SOC operations, incident response, digital forensics, and the bug bounty program. Built internal tools for CTI, PCI-DSS audit logs, endpoint analysis, and automated alert investigation. Managed security team and stakeholder communication.
Previously: Software Security Engineer — Riskified
Secured merchant-side JavaScript deployments, built fraud detection analytics, and tracked behavioral indicators to identify potential threats in real time.
Core Expertise
  • Reverse engineering & binary exploitation
  • Malware analysis & development
  • Digital forensic investigation
  • Penetration testing (web, network, black/white box)
  • SOC management & incident response
  • Threat hunting & detection engineering
  • DevSecOps & secure infrastructure design
  • Security automation & internal tooling
  • Endpoint hardening (Windows, macOS)
  • Full-stack development & software security
Tech Stack
Languages: Assembly (x86-64), C, C#, Rust, Python, Bash, PowerShell, JavaScript/TypeScript, PHP, Java, Swift, Objective-C, Scala

Security Tools: CrowdStrike, Carbon Black, SentinelOne, Elastic Stack, Metasploit, Cobalt Strike, Burp Suite, IDA, Ghidra, x64dbg, Volatility, Wireshark, Nmap, Suricata, Nessus, OpenCTI, MISP

Infrastructure: Docker, Kubernetes, Rancher, GCP, AWS, Ansible, Cloudflare, Akamai
Contact