André Eleuterio
About André Eleuterio
André Eleuterio is a Senior Security Engineer at Sourcegraph, where he has led security initiatives, achieved SOC2 compliance, and managed third-party penetration tests. He has a background in security roles at GitHub, npm, Inc., and ExxonMobil, and holds a Bachelor's Degree in Computer Engineering.
Work at Sourcegraph
André Eleuterio has served as a Senior Security Engineer at Sourcegraph since 2020. In this role, he has contributed significantly to the company's security posture, including achieving SOC2 compliance. He led the security efforts for Sourcegraph's cloud-based offerings, focusing on architecture review and control development. André successfully managed third-party penetration tests and security incidents, ensuring the integrity of Sourcegraph's systems. He played a crucial role in rebuilding the security team after a period of being the sole member. His initiatives included implementing an internal vulnerability management program and developing security monitoring features for the company's SaaS products.
Previous Experience in Cybersecurity
Before joining Sourcegraph, André Eleuterio worked as a Security Researcher at GitHub for seven months in 2020. He also held the position of Vulnerability Analyst at npm, Inc. from 2018 to 2020. His earlier experience includes working as a Software Security Analyst at ExxonMobil from 2016 to 2018. These roles provided him with a solid foundation in security practices and vulnerability management, which he has applied in his current position.
Education and Expertise
André Eleuterio holds a Bachelor's Degree in Computer Engineering from the Federal University of Technology - Parana, which he completed from 2012 to 2017. He also studied Computer Engineering at the University of Massachusetts Dartmouth for one year from 2014 to 2015. In 2015, he attended the Massachusetts Institute of Technology, focusing on Applied Cyber Security. His educational background supports his expertise in security engineering and vulnerability management.
Achievements and Contributions
During his tenure at Sourcegraph, André Eleuterio achieved two promotions, reaching IC level 4 in the engineering career ladder. He has implemented critical security measures, such as rate limiting and WAF functionality for Sourcegraph's SaaS product. Additionally, he removed hardcoded secrets from the codebase, transitioning them to a secure vault. André has also written several information security policies to support the business operations of Sourcegraph, demonstrating his commitment to enhancing the organization's security framework.