Sandro Suffert

ACE, EnCE, HTCIA. Senior Incident Response and Computer Forensics Consultant

Brazil

Current
  • Senior Forensics Consultant at TechBiz Forense
  • Security Blogger at suffert.com
  • Member at HTCIA
Past
  • System Engineer, Unix and Network Security at Embrapa
  • System Engineer, Unix Specialist at Tribunal Superior Eleitoral
  • Sysop (System Operator) at Badalhoca BBS
Education
  • Universidade de Brasília
Connections
436 connections
Industry
Security and Investigations

Sandro Suffert’s Summary

Senior Computer Forensics Consultant at TechBiz Forense Digital (2008-> )

HTCIA - High Technology Crime Investigation Association Member - Mid-Atlantic Chapter (2006-> )

Security Blogger at http://blog.suffert.com (2008-> )

Independent Computer Security and Incident Response Consultant - Banco do Brasil S.A. (2000-> )

Computer Security Incident Response Team (CSIRT) and Security Operation Center (SOC) Coordinator - Brasil Telecom S.A. (2003-08)

Audit/Security Monitoring: Intrusion detection systems, Risk management, Event/log review, Penetration Testing, Security report reviews, HoneyNet Project.

Compliance/Regulatory Requirements: Sarbanes-Oxley, PCI, Effort reporting, Compliance testing / architecture/design

Policies/Risk Management/Asset Management: Create/develop IT policies, Intellectual property, Valuing/assessing tangible assets

Incident Handling: Dealing with legal system, Forensics, Artifact Analysis, Reporting, Root cause analysis

Security Infrastructure: Network / Security architecture, Wireless, Penetration testing, Vulnerability scanning, Firewall administration, Intrusion Detection / Prevention administration

OS Security: Linux, Solaris, Windows, Unix & clones, IDS Router/Switch/PIX concentration/IDS, DB Security

Security Ops: Operations security, Telecommunication security, Incident handling/response, Interfacing with law enforcement, Security metrics, Threat/vulnerability analysis, Auditing / controls

Networking Tech Knowledge: 802.11[abg], BIND, Bluetooth, DNS, Firewalls, IPSec/SSL/SSH, Honeypots, Intrusion Detection, Logging, Perimeter security, Proxies, Radius, TCP/IP, Traffic analysis, VPN

Coding: (Win & *nix) PERL, PHP, Python, Ruby, C, Unix shell

Other: Cybersecurity law, Ethics, Trending, Metrics, Phishing response, malware analysis, Ethical hacking/penetration, Information warfare, Steganography

Directly involved in the detection and investigation phases of dozens of arrests of cyber-criminals.

Sandro Suffert’s Specialties:

HTCIA - High Technology Crime Investigation Association Member
ACE - AccessData Certified Examiner
EnCE - Encase Certified Examiner

Computer and Network Forensics, CSIRT, SOC, Security Audits, Security Monitoring, Compliance Requirements, Security Policies, Network Security, OS Security, Security Operations, Incident Handling Response and Coordination, Original Security Development, SOX, Trusted Operating Systems, Malware Analysis, SIM/SEM/SIEM, IPS/IDS/NBAD, E-Fraud Detection, PenTest.


Sandro Suffert’s Experience

  • Senior Forensics Consultant

    TechBiz Forense

    (Security and Investigations industry)

    July 2008 - Present (1 year 6 months)

    Senior Incident Response & Forensics Consultant at Techbiz Forense

    Consulting on engagements for large Brazilian companies (major banking, telecom, oil and insurance companies) and the highest levels of the Brazilian government (executive, judiciary, law enforcement, military).

    Developing methodologies, and implementing different Incident Response and Computer & Network Forensics Tools: Guidance Encase Enterprise, NetWitness NextGen, HBGary Responder, LTU, Gargoyle, Bit9, StegoSuite, XRY, XACT, FTK, DNA, RACK-A-TACC.

    URL: http://www.forensedigital.com.br

    GPG info:

    pub 1024D/28AEA543
    fingerprint = 21D6 87AA 842A D18C 9D74 7570 9DD1 6FA3 28AE A543
    sub 4096g/E32F32E0 2006-06-01

  • Security Blogger

    suffert.com

    (Writing and Editing industry)

    June 2008 - Present (1 year 7 months)

    Security Blogger at http://blog.suffert.com & http://sseguranca.blogspot.com

    Audience of 200~300 unique visitors per day

    Comments on computer security news, trends and techniques.

    Major topics: Information Security, Incident Response, Computer Forensics and High Technology Crimes

  • Member

    HTCIA

    (Security and Investigations industry)

    February 2006 - Present (3 years 11 months)

    The High Technology Crime Investigation Association (HTCIA) is designed to encourage, promote, aid and effect the voluntary interchange of data, information, experience, ideas and knowledge about methods, processes, and techniques relating to investigations and security in advanced technologies among its membership.

  • External Security Consultant

    Banco do Brasil S.A.

    (Public Company; 10,001 or more employees; BBAS3.SA; Banking industry)

    January 2001 - Present (9 years)

    Developing Innovative Security and anti-fraud tools.
    Handling and Responding to Security Incidents.

  • CSIRT & SOC Coordinator

    Brasil Telecom S.A.

    (Public Company; 5001-10,000 employees; Telecommunications industry)

    April 2006 - June 2008 (2 years 3 months)

    Coordinating the Incident Response Team for Brasil Telecom (AS8167). Handling incidents of internal network, Data Centers and BackBone customers.

  • Post-Graduation Teacher (Digital Crimes and Forensics)

    Faculdade UPIS - Brasilia, DF

    (Computer & Network Security industry)

    October 2006 - July 2007 (10 months)

    Post-Graduation Teacher at União Pioneira de Integração Social

    Course: Digital Crimes and Forensics

  • Security Consultant

    Brasil Telecom S.A.

    (Public Company; 5001-10,000 employees; BRP; Telecommunications industry)

    November 2003 - April 2006 (2 years 6 months)

  • System Engineer, Unix and Network Security

    Embrapa

    (Public Company; 5001-10,000 employees; Biotechnology industry)

    January 1997 - November 1999 (2 years 11 months)

  • System Engineer, Unix Specialist

    Tribunal Superior Eleitoral

    (Judiciary industry)

    July 1996 - December 1996 (6 months)

  • Sysop (System Operator)

    Badalhoca BBS

    (Telecommunications industry)

    March 1992 - February 1996 (4 years)

    Badalhoca Bulletin Board System Operator, the biggest free BBS in Brasilia - Brazil, with over 2000 members.


Sandro Suffert’s Education

  • Universidade de Brasília


Additional Information

Sandro Suffert’s Interests:

computer forensics, incident response, computer and network security, high tech investigations, security tools coding, new technology, network forensics, security evangelism

Sandro Suffert’s Groups:

HTCIA Mid-Atlantic Chapter - Member of High Technology Crime Investigation Association (www.htcia.org)

AKA: Sandro Romera Suffert / Sandro Süffert

  •    CSORoundtable
  •    RSA Conference
  •    Telecom Professionals
  •    SOX Professionals
  •    Digital Forensics Association (DFA)
  •    Information Security Community
  •    Complex Event Processing Users Group
  •    National Information Security Group
  •    IT SECURITY EXPERT
  •    SAP Security (+1000)
  •    SecurityMetrics
  •    e-Crime Forum
  •    Global Information Security Professionals
  •    Security-Database Tools Watchers
  •    Enterprise Security
  •    Information Security Network
  •    Anti-Fraud experts
  •    EnCE
  •    BSD UNIX
  •    Governance, Risk and Compliance Management (GRC)
  •    Fraud Control
  •    UnB - Universidade de Brasília (University of Brasília)
  •    Evidence Lifecycle Management (ELM)
  •    Security Information and Event Management (SIEM)
  •    Surveillance Technology
  •    Security Leaders Group
  •    International Information Systems Forensics Association
  •    Financial Crime Risk, Fraud and Security
  •    Security Operation Center
  •    Governança, Riscos e Conformidade em TI
  •    Computação Forense Brazil
  •    Forensic Focus
  •    Journal of Business Continuity and Emergency Planning
  •    Tecnologia da Informação
  •    CEIC Conference
  •    CYBER SECURITY Forum Initiative - CSFI
  •    eSociedade de Forense Digital & eDiscovery
  •    Scam Stop
  •    Worldwide Covert Surveillance Network
  •    Forensic Technology Careers
  •    Data Loss Prevention (DLP) Forum
  •    Networking Brasília (TI & Telecom)
  •    ACE - AccessData Certified Examiner - Chapter Brazil
  •    American English Pronunciation for Professionals (English and Portuguese)
  •    ISACA Brasília Chapter
  •    CSIRT Brasil
  •    FRAUDBUSTERS®
  •    Brasil Telecom Alumni

Sandro Suffert’s Honors:

Invited Panelist ("Privacy and Identity Theft") and Lecturer ("AccessData FTK 3" and "New Encase Technologies") at ICCyber 2009 - VI International Conference On Cyber Crimes (Brazilian Federal Police Event) in Natal, RN - Brazil

Invited Lecturer ("Controlling and Automating Forensics Methodologies") at CNASI-RJ (March, 2009)

Invited Lecturer ("Forensics Models and Processes") at ICCyber 2008 - V (Brazilian Federal Police Event) in Rio de Janeiro - RJ - Brazil

Invited Lecturer ("Security Operations Center Implementation") at ICCyber 2007 - IV (Brazilian Federal Police Event) in Guaruja - SP - Brazil

Invited Lecturer at IBM Security Day 2007 Round Table on MSSPs - Brasilia - DF - Brazil

Seat at Anatel's CBC-1 (2004-2008) - Brazilian Telecommunication Agency Security Permanent Commission

Invited Lecturer at SECGOV 2005 & 2006 - Telecommunications and Incident Response Panels for Brazilian Government.


Sandro Suffert’s Contact Settings

Interested In:

  • job inquiries
  • expertise requests
  • business deals
  • reference requests
  • getting back in touch
