Sobre_
Leandro Morales Baier Stefano
[ Legal Expert Witness / Security Researcher ]
- Legal Expert Witness in Information System / Computer Science.
- Consultant and Technical Assistant in Data Security and Technology.
- Worked in the information security sector for the Public Agencies / Security.
- Workshop and. training in information security.
- Associate APEJESP / OPERB / APECOF / and Member of HTCIA / SBCF.
- Member of Portuguese Association of Forensic Sciences - APCF - Portugal
- Partner Director of STWBrasil.
[ PROFESSIONAL QUALIFICATION ]
- Technologist in Information Security - Nove de Julho University.
- High School + Technical education in data processing– Colégio Módulo.
- Certifications - CEH - CHFI - EHF - CCNA - CCNP - RHCE - RCHT - LPI II.
- Post-Graduation in Prevention and Investigation of Digital Crimes – FACEL University (Studying)
[ PROFESSIONAL EXPERIENCE ]
- Fev/2000 – Currently – STWBrasil
Job: Manager / Owner / Network administrator and security
Main Activities: Administration and management of the security and information technology sector of large juridical clients and banks.
Administration of mail server (Courier, Postfix, Amavis, Qmail, Zimbra)
File servers (Samba, NFS,)
Firewalls (PF, IPFW, IPTABLES)
Administration of Routers and Switchs Cisco, HP
VPN (Ipsec, Freeswan, OpenVpn)
Sys Admin in Linux (Debian) Unix (OpenBSD, FreeBSD, Mac Os) Windows (All Version)
Network Monitoring (Cacti, Nagios, Snort, Zabbix).
Analysis and Penetration Tests.
Creation of security policies and risk analysis.
Management of support team for clients, stations and servers.
- 2012- 2015 – Public and Security Agencies.
Provision of Services in information security consultancy for public agencies and support to scientific units - Security.
Main Activities: Workshops and trainings. Forensic expertise in some systems. Analysis Technique and consulting in network systems, Linux and Unix. Hard Disk Data Recover
.
- 2013- Currently - Tecnical Assistent / Legal Expert Witness.
Judicial Technical Assistant, performing computer skills for the parties involved.
Main activities: Expertise in information systems, technical reports, consulting.
Expert Witness qualified in labor, civil and criminal courts of de São Paulo and Region
.
- 2008- Currently – REHL / SSG / Sobral Guzzo / RR7 / Salamone / NEO / Sotopietra / Almeida e Mendonça.
Network Administration and Data Center assembly. Installation, Configuration Management of Linux and Unix systems (Debian / OpenBSD).
Security policies and data security systems (IDS, Firewall, VOIP telephony)
[ QUALIFICATIONS AND PROFESSIONAL ACTIVITIES ]
-
Experience in information technology management.
-
Solid knowledge in networks and internet, TCP / IP, routing and security.
-
Experience in FreeBSD, OpenBSD, Linux, OsX and Windows.
-
Knowledge in Audits, Policies and Security Expertise.
-
Experience in projects and execution of structured cabling and telecommunications networks, routers and switches cisco.
-
Bind, Apache, Squid, E-mail, samba, cacti, nagios, vpns servers.
-
Programming Languages, Shell Script, Java, HTML, Python.
-
Security certifications (Ec-Council, ISC2) and Linux systems (LPI, Red Hat).
-
Associate expert witness in APEJESP and OPERB and member of the HTCIA (Investigation of high technology crimes) and the Brazilian Society of Forensic Sciences.
-
Member of Portuguese Association of Forensic Sciences - APCF - Portugal
-
Workshops on information security.
-
Reviewer and Author of articles for “eForensic-mag” magazine.
-
Member of the Cyberwar Games Infrastructure Project (War Games).
[ COURSES AND CERTIFICATION ]
-
Acr Informática - Assembly and configuration of computers (04/25/2000).
-
Impacta Tecnologia - Linux Basic (02/14/2002).
-
Impacta Tecnologia - Linux Fundamentals of Systems Adm. (02/22/2002).
-
Impacta Tecnologia - Linux Adm. System (06/04/2002).
-
Impacta Tecnologia - Linux Adm. Network (16/05/2002).
-
Impacta Tecnologia - Basic Network Concepts (06/06/2003).
-
Impacta Tecnologia - Structured Cabling I (05/24/2003).
-
Impacta Tecnologia - Structured Cabling II (06/06/2003).
-
4Linux - Security Course - Vulnerabilities Exploitation (09/29/2003).
-
APC - InfraStruXure Type A Training (11/09/2003).
-
IBTA Cisco CCNA 2.1 Net Academy - Module 01/02/03/04 (09/16/2004).
-
IBTA Cisco CCNA 3.1 Net Academy - Module 01/02/03/04 (10/22/2009).
-
Impacta Tecnologia - Preparatory for CCNA certification. (06/31/2009)
-
RED HAT do Brasil - RH 133, RH 253, RH 300 - (06/02/2010).
-
Impacta Tecnologia - Certification - Java Devoloper - (03/04/2010).
-
4Linux - Linux System Administration (18/03/2010).
-
4Linux - Zabbix (07/06/2010)
-
4Linux - Linux Network Servers (05/04/2010)
-
4Linux - Security in Linux Servers Using ISO 27002 (12/07/2010).
-
4Linux - Pentest - Network Intrusion Techniques (02/08/2010).
-
4Linux - HA - High Availability Cluster – Linux Server (06/10/2010).
-
Cert.br - Overview of Creating CSIRT (27/09/2010).
-
Cert.br - Information Security for Technical Staff (27/08/2010).
-
Cert.br - Fundamentals of Incident Handling (06/05/2011).
-
Strong Security - Training ECCONCIL CEH (05/08/2011).
-
Strong Security - Training ECCONCIL CHFI (12/10/2011).
-
Strong Security - Training ISC2 CISP (10/11/2011).
-
Tecnoponta – Hard Disk and data recovery course (13/08/2015).
-
Preparatory Course for Judicial Experts - APEJESP (30/03/2016).
-
IPOG - Computational Expert Course (12/05/2016).
-
Daryus - Ethical Hacking Course - EXIN (05/03/2016).
-
Daryus - Ethical Hacking Course - Daryus (10/06/2016)
-
Daryus - ISTF - ISO 27002
[ NETWORK CERTIFICATION ]
-
CCNA Cisco Certification – 3.1.
-
CCNP Cisco Certification – 3.1.
-
Impacta Tecnologia Certification– ICS Cabling Enginner.
-
3M do Brasil Certification – Structured Cabling cat 5e and 6.
-
Novell Data Center Technical Specialist.
[ LINUX CERTIFICATION ]
-
Red Hat Certification – RHCE.
-
Red Hat Certification – RHCT.
-
Red Hat Certification – RHCSA.
-
LPI I / II Certification.
-
Impacta Tecnologia Certification – ICS Networking Enginer Linux.
-
SUSE Linux Certification - SCLA / SCLP 11/12.
[ INFORMATION SECURITY CERTIFICATION ]
-
CEH – Ethical Hacking Certification – EC-Concil.
-
CHFI – Hacking Forense Investigator Certification – EC-Concil.
-
Exin - EHF - Ethical Hacking Foundation Certification
-
Exin - ISTF - ISO 27002
[ ADDITIONAL INFORMATION ]
-
Available for travel.
-
Flexibility and commitment.
-
Fluent English with travel and international courses and certifications (Londres - UK 2010).
-
Workshops on free software events and information security (Fisl, linuxcom, Sec +, ISC Security Expo, Fenacom, Uninove and others).
-
Training and Workshop in companies.
-
Computer Expert in institutions and organizations for the defense of women (Marias da Internet) .
-
Participation in the community of information security and events (Bsides, H2HC, etc).