I am an Engineering Leader with almost 9+ YoE in professional software development and 3+ YoE of managing teams of software engineers. I previously held the title of Head of Engineering of a Series C startup, where at one point I was managing up to 20 engineers, including engineering managers, software engineers, data scientists and SREs.
I have a track record of building core customer-facing products, operating high-scale distributed systems, and developing high-performing teams.
I have a strong background in backend and distributed systems, including a PhD in Network Security with 7+ YoE in distributed systems research and in pan-european sponsored projects, and I am the author of several international research papers, patents in network performance monitoring and search relevancy, and two books on network attack injection.
Twitter is a microblogging and social networking service with hundreds of millions of monthly active users. At the Notifications Infrastructure team, we process up to hundreds of billions of notifications a day and are the service-of-record for email addresses and phone numbers at Twitter.
Entelo (Series C) is a recruiting platform that applies intelligence to big data to help modern recruiters find, qualify, and acquire talent. We process over 6TB data daily, which poses very interesting challenges, from scalable ingestion of data to building accurate machine learning models. Entelo is a first-class recruiting platform powered by AI with an ever-growing customer base of over 700 customers, including big names such as Facebook, Amazon, Uber, Netflix, Slack, PayPal, Lyft, Asana, among others.
ThousandEyes (Series D) is a Network Performance Monitoring solution that provides visibility into the entire application service delivery chain for SaaS performance management, including internal and external network-level information paired with application and routing data. ThousandEyes is central to the global operations of the world’s largest and fastest growing brands, including Comcast, eBay, HP, 100+ of the Global 2000, 60+ of the Fortune 500, 5 of the 6 top US banks, and 20 of the 25 top SaaS companies (as of 2018).
As one of the first handfull full-time engineers at ThousandEyes (in 2012), I was part of the core backend/R&D team that was responsible for the cross-platform software running on several thousands of network agents that make up the ThousandEyes monitoring network.
LASIGE is a research unit of the Department of Computer Science and Engineering (DI) of the University of Lisbon (ULisboa), Faculty of Sciences (FCUL). It develops activities in a number of relevant areas of computer science and engineering (CSE), including: Security and dependability (Navigators Group).
As a Researcher I have worked for the Navigators Group at LASIGE on Network Security and Dependibility. I have over seven years of experience in pan-european research projects, and I am the author of several international research papers, patents in network performance monitoring and search relevancy, and two books on network attack injection.
MSc on Vulnerability Assessment Through Attack Injection at University of Lisboa(2006)
The increasing reliance on networked computer systems demands for high levels of dependability. Unfortunately, new threats and forms of attack are constantly emerging to exploit flaws in these systems, compromising their correctness. An intrusion in a network server may affect its users and have serious repercussions in other services, possibly leading to other security breaches that can be exploited by further attacks. Software testing is the first line of defense against these attacks because it can support the discovery and removal of vulnerabilities. However, searching for flaws is a difficult and error-prone task and has been known to miss the detection of critical vulnerabilities. This book presents a novel methodology for the discovery of vulnerabilities that systematically generates and injects attacks, while monitoring and analyzing the target system. Several innovative solutions related to this approach are covered, including ways to infer a specification of the protocol implemented by the server, the generation of a comprehensive set of attacks, the injection and monitoring of the target system, and the automatic analysis of results.
AWS Lambda function to fetch books from Goodreads, serialize, and push to Airtable. Modified from original repo: Adapt to lambda function and replace harcoded keys with env variables; Specify ruby version; Add Makefile for convenience; General refactoring; Don’t override all records by default (optimize for specific updates, such as unread to read); Cache activerecord calls to .all (since these trigger API calls); etc.
AWS Lambda function to query Meetup.com for events from a given group and automatically RSVP on specific events.
Wrapper around QuantConnect’s open source algorithms, which allows to run several algorithms under the same QCAlgorithm object (and shared portfolio).
A Google Chrome Extension that replaces New Tab with a beautiful TODO list.
Chrome Store: Tabula (New Tab To-do List)
Chrome Extension that changes the appearance of Google Docs documents with a beautiful distraction-free writing environment. It replaces the background and sheet textures, hides away the toolbar and the comments section. Use it in full screen mode for best effect. Enjoy.
Chrome Store: Distraction-Free for Google Docs
A protocol reverse engineer tool written in Java. ReverX is able to derive the language (message syntax) and grammar (protocol state machine) from network traces. Since this solution only resorts to interaction samples of the protocol, it is well-suited to uncover the message formats and protocol states of closed protocols and also to automate most of the process of specifying open protocols. It currently supports text-based protocols (eg, FTP, POP, etc.) and it provides a limited support for binary-based protocols (eg, DNS).
This is my Java implementation of the Exbar (Lang, K. J., 1999) algorithm for inferring a minimum size DFA (deterministic finite automaton) consistent with a training set. Please refer to the research paper “Faster algorithms for finding minimal consistent DFAs”for additional details.
This Applescript allows iTunes to sync ratings to a local file. You can then publish this file across different computers to synchronize ratings with other iTunes libraries. I suggest some sync file service such as Dropbox in order to have the ratings file instantaneously in sync. Then, all you have to do is run this script from time to time from iTunes and it will automatically synchronize your song ratings.
First attack injection tool for the automatic detection of security vulnerabilities in network servers. AJECT is capable of generating and injecting a large number of attacks that aim at causing unexpected behavior, indicative of vulnerabilities. AJECT is composed of a remote injector and a local monitor, capable of tracing the server’s execution (UNIX signals, memory, etc). (Java/C++)