Experience
Leading company-wide security management, R&D/ML team building AI security agents, incident response, and SOC 2 Type 2 compliance. Shaping security products for the on-chain economy.
Led Web3 and Smart Contract technical team. Product architecture, security best practices, hosted Hacker Hangouts, and represented Immunefi at industry events.
Reviewed and triaged smart contract vulnerability reports, assessed severity and impact, provided mediation between protocols and hackers.
3-month scholarship to hunt for bugs full-time. Code reviewing, smart contract auditing and security researching.
Served on the 9/12 multisig securing Arbitrum, the #1 L2 blockchain with $12B+ TVL. Emergency response, security consultation, and incident response.
Teaching the 22-week Advanced Solidity Bootcamp covering AMMs, fuzzing, security, EVM assembly, proxies, elliptic curve cryptography, and DeFi lending.
Aeronautics and Astronautics. Portugal's top engineering school.
Projects
AI Security Agents
Building ML-powered security agents at Immunefi, shaping the future of security products for the on-chain economy.
RareSkills Solidity Bootcamp
Instructor for the Advanced Solidity Bootcamp—a comprehensive 22-week curriculum for professional smart contract developers.
Node Guardians CTFs
Built security-focused CTF quests including Beanstalk exploit recreation, Huff campaigns, and fraud proofs challenges.
Speaking & Media
Why you should be hunting on Web3 Bug Bounties
Presented on the key distinctions of Web3 bug bounty hunting and how blockchain provides more assurances to whitehats. Covered significant hacks, hacker communications, and million-dollar bounties.
Auditors & Bounty Hunters: who should secure your bags?
Panel discussion with Oliver Hörr (hats.finance), Erik Arfvidson (Euler Labs), and Josselin Feist (Trail of Bits), moderated by Matthias Egli (ChainSecurity).
The Hacker Mentality: What makes one Succeed in the Bug Bounty World
Talk exploring the mindset and strategies that lead to success in bug bounty hunting, presented at TrustX during DevConnect Istanbul.
Solidity's most common security pitfalls (and its best safeguards)
Talk on the most common security vulnerabilities in Solidity smart contracts and the best practices to prevent them.
Featured Quote on Back Cover
“I've taught crypto devs for many years. If you want to go from zero to hero in smart contracts, Mastering Ethereum is the definitive no-fluff guide I recommend above all to achieve that.”
Hacking Back: Why Offensive Cyber Operations Are a Legal Minefield
“This is why firms should focus on operating under frameworks that prevent these scenarios entirely, like scaling bug bounty programs that channel security efforts into authorized, constructive activities. When security researchers work within this framework, they're protected legally, companies get stronger security, and innocent third parties are never put at risk.”
Lazarus Group's favorite exploit revealed — Crypto hacks analysis
“[North Korean hackers] focus on a small number of high-value targets and can play a very long game, combining detailed technical knowledge with social engineering and spear-phishing capabilities.”
Hack Analysis: 0xbaDc0dE MEV Bot, September 2022
“In this article, we will be analyzing the exploited vulnerability in the 0xbad smart contract without looking at any actual source code. We'll analyze the massive profit arbitrage transaction and see what we can learn from there, but also try a few decompiling tools to help us reach the same conclusion as the hacker.”
Two probes will explore the early Solar System
“The points derive from the three-body problem, which considers the gravitational pull of just two bodies (in this case, the Sun and Jupiter), and then the few points where smaller points can remain stable are found through algebraic methods. The Trojan asteroids are celestial bodies that gathered around Jupiter's L4 and L5. The Lucy mission is crucial to understanding the history of the solar system.”
Contact
Let's Connect
Interested in Web3 security, AI, or potential collaboration? Feel free to reach out through any of these channels.