I am a career-transition professional moving from 20 years of legal practice — specializing in Public Law — into cybersecurity. What I bring to the field is a foundation that most junior candidates simply cannot replicate: structured legal reasoning, deep knowledge of regulatory and compliance frameworks, evidence-handling discipline forged in practice, and two decades of managing sensitive data under strict legal obligations.
Public law practice demands rigorous documentation standards, a thorough understanding of institutional risk, and the ability to navigate complex regulatory environments — competencies that map directly onto Governance, Risk & Compliance (GRC), Digital Forensics & Incident Response (DFIR), and Security Operations. Whether interpreting LGPD/GDPR compliance requirements, applying chain-of-custody procedures, or identifying systemic risk across a portfolio of 20,000+ clients, the analytical discipline was always the same.
To formalize this transition, I earned a Postgraduate degree in Digital Security (10.0/10.0 — PUCRS), hold CompTIA Security+, CompTIA Network+ and CompTIA Cybersecurity Analyst+ certifications. I am also enrolled in a Cybersecurity Risk Management diploma with Co-op at CCTB (Vancouver), which bridges my legal and analytical background with hands-on technical training.
Hands-on Lab & Training Focus
Through structured lab environments and self-directed practice, I am actively building technical depth in:
What I Bring to a Security Team
I am targeting roles where professional maturity, regulatory literacy, and analytical rigor are valued alongside technical skills — including SOC Analyst, GRC Analyst, and Digital Forensics Analyst positions. My public law background provides a natural bridge to roles involving compliance audits, incident documentation, legal hold procedures, and evidence chain-of-custody — areas where legal and technical expertise intersect directly.
The technical depth is being built deliberately and will continue growing on the job. I am based in Vancouver, BC, and available to relocate to any city in Canada immediately if the opportunity requires it. Reach out via Email or connect on LinkedIn.
Feb 2014 — Present (12 years)
Engineered proprietary VBA-based legal-tech solutions, including a complex judicial calculation engine, automating financial data processing while ensuring strict mathematical accuracy and data integrity for court submissions.
Architected and developed custom full-stack web applications and automation tools (Python, Django) to optimize business operations and manage personal financial data.
Engineered a Judicial Debt Management System using Django and PostgreSQL, processing large-scale client portfolios and automating document workflows.
Developed a legally valid digital petition platform ("Petição Brasil") integrated with the Brazilian Government PKI (ICP-Brasil) to ensure secure authentication and chain-of-custody validation.
Mar 2012 — Mar 2026 (14 years)
Led a legal and administrative team of 30+ professionals across four locations, standardizing investigative, analytical, and operational workflows to support a portfolio of 20,000+ clients.
Conducted rigorous analysis of complex documents, contracts, and case evidence, leveraging critical thinking to identify risks, build strategies, and ensure regulatory compliance.
Standardized procedures and documentation during organizational changes to improve consistency and quality control.
Authored a long-running legal blog at thiagohenrique.adv.br covering Public Law and digital-rights topics.
Sep 2010 — Feb 2012 (1 year)
Provided comprehensive legal counsel and representation for public educators across the State of Maranhão, managing a high volume of specialized public sector litigation.
Dec 2004 — Aug 2010 (5 years)
Developed a comprehensive understanding of firm operations, progressing through multiple support roles to ensure efficient daily administrative and legal workflows.
2025 — Present
Furthering technical specialization in Cybersecurity Risk Management. Program covers network security, systems hardening, risk assessment, and co-operative work placement in the Canadian tech sector.
2024 — 2026 · 10.0 / 10.0
Focused on the intersection of legal frameworks and technical security. Covered Digital Security strategies, Data Governance, and the management of complex data ecosystems to ensure organizational compliance and resilience. Competencies: Compliance, Cybersecurity Governance, Data Protection, Risk Management.
2022 — 2024 · 9.7 / 10.0
Advanced specialization focused on Public and Constitutional Law, covering administrative law, constitutional principles, and public sector governance. Competencies: Constitutional Law, Administrative Law, Public Governance.
2005 — 2010
Final Paper — PUC-RS (Score: 10/10)
Published a final paper with a perfect score of 10/10, exploring the intersection of Direct Democracy and Information Assurance. Developed a technical framework applying the CIANA Pentagon (Confidentiality, Integrity, Availability, Non-repudiation, Authentication) to validate digital petitions using ICP-Brasil PKI infrastructure and SHA-256 cryptographic signatures.
The research evolved into Petição Brasil — a live civic-tech platform described as the only Brazilian platform that unites participatory democracy and legal security. Citizens create public petitions, sign them with any ICP-Brasil certificate (Gov.br, e-CPF, A1/A3), and receive an automatically generated chain-of-custody PDF with cryptographic evidence and QR code — giving petitions the same legal standing as physical documents before public bodies, legislative chambers, and courts. The platform also enables Popular Legislative Initiative (Brazilian Constitutional Art. 61, §2º), making it the first fully digital, zero-cost path for any citizen to propose laws to Congress. LGPD-compliant, free forever, and privacy by design.
Full-Stack Django Application | Brazilian Legal Tech
Full-stack Django application to centralize the management of judicial precatórios (court-ordered government debt instruments) issued against Brazilian public entities, built for a law firm with thousands of clients.
Tracks each precatório (government debt writ) by CNJ (Conselho Nacional de Justiça — National Council of Justice) number with independent payment statuses for three financial components: crédito principal (principal debt), honorários contratuais (contractual attorney fees), and honorários sucumbenciais (loser-pays attorney fees). Includes client/CPF (Cadastro de Pessoas Físicas — Brazilian taxpayer ID) management, alvará (court payment order) and requerimento (formal petition) workflows with configurable phase pipelines, a diligências (legal task) tracker with urgency and deadline controls, secure 50 MB PDF uploads to AWS S3, financial dashboard aggregates, and a bulk Excel import pipeline. Deployed on Heroku with PostgreSQL and gunicorn.
May 07, 2026
Django Security Series — Post 2 | Series I: Injection Attacks OWASP A03:2021 — Injection | Reading time: ~15…
May 04, 2026
Django Security Series — Post 1 | Series I: Injection Attacks OWASP A03:2021 — Injection | Reading time: ~12 min The…
March 10, 2026
Most online petition platforms collect emails. Our project collects legally-valid cryptographic proof. I'm sharing the…
February 09, 2026
I am proud to announce the completion of my Post-Graduate Capstone Project, titled "Digital Petitions and the Legal…
Available for SOC, GRC or Digital Forensics Analyst roles in Canada — based in Vancouver and available to relocate to any city in Canada immediately.
Get in Touch
