Thiago Teixeira

Thiago Teixeira

Postgrad in Digital Security | CompTIA Network+, Security+ & Cybersecurity Analyst+ | Python & Django

Vancouver, BC, Canada On-site, Remote or Hybrid | Open to relocate across Canada on short notice

About Me

Bridging Law & Cybersecurity — I Build Secure Systems

I'm a career-transition professional pairing 20 years of Public Law practice with hands-on security engineering. Rather than just describe the journey, I'd rather show what I've built and the credentials that back it.

What I've shipped

  • Petição Brasil — a live civic-tech platform I designed and built that gives digital petitions the same legal standing as physical documents. It signs each petition with ICP-Brasil PKI certificates (Gov.br, e-CPF, A1/A3) and SHA-256 cryptographic signatures, generating an automatic chain-of-custody PDF with cryptographic evidence — applying the CIANA model (Confidentiality, Integrity, Availability, Non-repudiation, Authentication) end to end. The underlying research earned a perfect 10/10 final paper at PUC-RS.
  • Secure by Design — an ongoing bilingual (EN/PT) Django security series that maps real web attacks (SQL Injection, XSS, SSTI, Command Injection, and more) to the CompTIA CySA+ CS0-003 syllabus and the OWASP Top 10, with exploit anatomy and the exact Django defence for each.
  • Production Django systems — judicial debt (precatórios) management and public-sector payroll platforms serving real government workflows.

Verified credentials

Postgraduate degree in Digital Security (10.0/10.0 — PUCRS); CompTIA Security+, Network+, and Cybersecurity Analyst+ (CySA+); and the Security Analytics Professional (CSAP) stackable certification. Currently completing a Cybersecurity Risk Management diploma with Co-op at CCTB (Vancouver). Every badge is third-party verifiable on Credly — see the Certifications section below.

What I bring

The same discipline that governs legal evidence — documentation rigor, chain-of-custody, regulatory literacy (LGPD/GDPR) — applied to GRC, DFIR, and Security Operations, backed by the proven ability to build and ship secure software. I'm targeting SOC Analyst, GRC Analyst, and AppSec / Security Engineer roles.

Based in Vancouver, BC, and available to relocate anywhere in Canada immediately. Reach out via Email or connect on LinkedIn.

Featured Projects

Secure by Design — Web Application Security with Python & Django

Bilingual (EN/PT) Django security series mapped to CySA+ CS0-003 & OWASP Top 10

An ongoing weekly learning journal — published every Thursday in English and Portuguese simultaneously — documenting my transition from law into application security. Each post dissects a real web attack, then I open the Petição Brasil codebase and audit it for that exact vulnerability: running Bandit, Semgrep, or manual code review against my own production code, and publishing the results — clean scans, real findings, or design decisions — directly in the post. Every attack is cross-referenced to the CompTIA CySA+ CS0-003 exam objectives, the OWASP Top 10 (2021 & 2025), MITRE ATT&CK techniques, and the NIST Cybersecurity Framework.

What makes this series different: every post includes real scan results run against my own production codebase (13,700+ lines), real design decisions I made and why, and LGPD/regulatory analysis from my legal background. The roadmap spans the full OWASP Top 10 across ten chapters — from Injection and Broken Access Control to Authentication, Cryptographic Failures, Security Misconfiguration, Insecure Deserialization, Logging & Monitoring, and SSRF. It fills a confirmed market gap: no other EN/PT-BR resource maps Django security practices directly to the CySA+ exam syllabus with real project evidence.

DjangoPythonCySA+OWASP Top 10SQLiXSSSSTICommand Injection

Digital Petitions & the Legal Validity of Popular Will: An ICP-Brasil Authentication Proposal

Final Paper — PUC-RS (Score: 10/10)

Published a final paper with a perfect score of 10/10, exploring the intersection of Direct Democracy and Information Assurance. Developed a technical framework applying the CIANA Pentagon (Confidentiality, Integrity, Availability, Non-repudiation, Authentication) to validate digital petitions using ICP-Brasil PKI infrastructure and SHA-256 cryptographic signatures.

The research evolved into Petição Brasil — a live civic-tech platform described as the only Brazilian platform that unites participatory democracy and legal security. Citizens create public petitions, sign them with any ICP-Brasil certificate (Gov.br, e-CPF, A1/A3), and receive an automatically generated chain-of-custody PDF with cryptographic evidence and QR code — giving petitions the same legal standing as physical documents before public bodies, legislative chambers, and courts. The platform also enables Popular Legislative Initiative (Brazilian Constitutional Art. 61, §2º), making it the first fully digital, zero-cost path for any citizen to propose laws to Congress. LGPD-compliant, free forever, and privacy by design.

ICP-BrasilPKISHA-256PKCS#7Digital SignaturesCIANADjangoPython

Controle de Precatórios — Judicial Debt Management System

Full-Stack Django Application | Brazilian Legal Tech

Full-stack Django application to centralize the management of judicial precatórios (court-ordered government debt instruments) issued against Brazilian public entities, built for a law firm with thousands of clients.

Tracks each precatório (government debt writ) by CNJ (Conselho Nacional de Justiça — National Council of Justice) number with independent payment statuses for three financial components: crédito principal (principal debt), honorários contratuais (contractual attorney fees), and honorários sucumbenciais (loser-pays attorney fees). Includes client/CPF (Cadastro de Pessoas Físicas — Brazilian taxpayer ID) management, alvará (court payment order) and requerimento (formal petition) workflows with configurable phase pipelines, a diligências (legal task) tracker with urgency and deadline controls, secure 50 MB PDF uploads to AWS S3, financial dashboard aggregates, and a bulk Excel import pipeline. Deployed on Heroku with PostgreSQL and gunicorn.

DjangoPythonPostgreSQLAWS S3django-storagesBootstrap 5pandasopenpyxlgunicornHerokupython-decouple

Public Servants Payroll Calculation System — Maranhão State Government

VBA/Excel Legal-Tech (2014) → Web Application (2020–Present)

Engineered a proprietary payroll calculation engine in VBA and Excel to automate the computation of labor entitlements for approximately 30,000 public servants of the State of Maranhão — replacing entirely manual processes prone to error in high-stakes court submissions.

The system handled complex Brazilian labor legislation rules (cálculos trabalhistas), including overtime, vacation pay, severance, and retroactive adjustments, producing outputs with the mathematical precision required for judicial use. At peak, it processed the financial claims of the entire public education workforce of a Brazilian state.

In 2020, led the migration of the system to a web-based architecture, managing the full development lifecycle: requirements gathering, contractor hiring, and technical supervision of an external development team — delivering a production system currently at v1.4.16.

VBAExcelphpLegal TechPayroll Automation

Certifications

Security Analytics Professional (CSAP) badge

Security Analytics Professional (CSAP)

CompTIA

Issued May 2026 · Exp. May 2029

Verify
Cybersecurity Analyst (CySA+) badge

Cybersecurity Analyst (CySA+)

CompTIA

Issued May 2026 · Exp. May 2029

Verify
Security+ badge

Security+

CompTIA

Issued Apr 2026 · Exp. Apr 2029

Verify
Network+ badge

Network+

CompTIA

Issued Dec 2025 · Exp. Dec 2028

Verify
TOEFL iBT — English Proficiency (110/120, CEFR C1) badge

TOEFL iBT — English Proficiency (110/120, CEFR C1)

ETS (Educational Testing Service)

Issued Jun 2026 · Exp. Jun 2028

Experience

Software Developer

Self-Employed

Feb 2014 — Present (12 years)

Build full-stack web applications and automation tools in Python/Django (and earlier VBA) for the legal sector, with a focus on data integrity and secure authentication. Flagship builds — the Petição Brasil ICP-Brasil digital-signature platform, a Judicial Debt (precatórios) Management System, and a public-payroll calculation engine — are detailed in the Projects section above.

Senior Attorney & Legal Operations Lead

Henrique Teixeira Advogados Associados

Mar 2012 — Mar 2026 (14 years)

Led a legal and operations team of 30+ professionals across four locations, standardizing investigative, analytical, and compliance workflows for a 20,000+ client portfolio. Analyzed complex contracts and case evidence to identify risk, build strategy, and ensure regulatory compliance — the GRC/DFIR-adjacent discipline that underpins my move into security. Also authored a long-running Public Law blog at thiagohenrique.adv.br.

Lawyer

Henrique Teixeira Advogados Associados

Sep 2010 — Feb 2012 (1 year)

Provided comprehensive legal counsel and representation for public educators across the State of Maranhão, managing a high volume of specialized public sector litigation.

Legal Assistant

Henrique Teixeira Advogados Associados

Dec 2004 — Aug 2010 (5 years)

Developed a comprehensive understanding of firm operations, progressing through multiple support roles to ensure efficient daily administrative and legal workflows.

Education

Cybersecurity Risk Management with Co-op

Canadian College of Technology and Business (CCTB)

2025 — Present

Furthering technical specialization in Cybersecurity Risk Management. Program covers network security, systems hardening, risk assessment, and co-operative work placement in the Canadian tech sector. (Academic coursework completed; co-op in progress.)

Postgraduate Lato Sensu — Specialization in Digital Security

PUCRS — Pontifícia Universidade Católica do Rio Grande do Sul

2024 — 2026 · 10.0 / 10.0

Focused on the intersection of legal frameworks and technical security. Covered Digital Security strategies, Data Governance, and the management of complex data ecosystems to ensure organizational compliance and resilience. Competencies: Compliance, Cybersecurity Governance, Data Protection, Risk Management.

Credential evaluated by World Education Services (WES)Verify

2022 — 2024 · 9.7 / 10.0

Advanced specialization in Public and Constitutional Law — administrative law, constitutional principles, and public-sector governance.

Bachelor of Laws (LL.B.) — Law and Legal Studies

UNICEUMA — Universidade CEUMA

2005 — 2010

Credential evaluated by World Education Services (WES)Verify

Recent Posts

Available for SOC, GRC or Digital Forensics Analyst roles in Canada — based in Vancouver and available to relocate to any city in Canada immediately.

Get in Touch