Can you start by introducing yourself?
My name is João Oliveira and I’m from Leiria. I’ve been at La Redoute since October 2019. I started as a System Operator and in February 2020 I joined the Security team as a Security Engineer, and this is my first job.
I love video games and travel. Cybersecurity has always been a passion of mine and when I can I play around with some CTF challenges or some Hack The Box labs. I also love coding, and with my Raspberry Pi and Arduino, there are some cool IoT projects I’ve worked on.
I have a degree in Computer Science and I’m currently doing a master’s degree in Cybersecurity and Forensics at the Polytechnic Institute of Leiria. I recently participated in the OSDFCon 2021 Autopsy Module Development Contest with a module I developed as part of my thesis for the master’s degree.
What do you do as a Cybersecurity Engineer? What do you enjoy most (here at La Redoute)?
As a Cybersecurity Engineer here at La Redoute I mainly work on identifying, planning, and executing measures that reduce, mitigate, or avoid any security flaws on several platforms and systems. In the cybersecurity scope it is very important to take immediate action upon any known issue, and for that to happen it is very important to have a way to monitor or alert us on the security flaws (vulnerability scanning tools, IAM monitoring, SIEM alerting, etc.), and upon detection of the issue, an action plan must be determined and executed. When possible, the action plan should be already documented for the execution to be faster.
We normally apply this workflow to scenarios that involve threats (malware, ransomware, phishing, etc.), vulnerabilities, compliance, and other security concepts like the principle of least privilege.
With which La Redoute values do you feel most in line? Why? Can you give examples?
I believe that as part of my role and team it is very important to be responsible for the actions we take and how we treat the several security issues that we face. We deal with matters that, if untreated or badly handled, can expose or compromise our infrastructure. To mitigate these issues in the most proficient way we must be responsible and handle them carefully, otherwise the business and users’ data can be impacted.
Can you describe your team in 3 words?
Dynamic, Cautious, Innovative
Which achievements are you most proud of (here at La Redoute)?
In the cybersecurity field we deal with issues that require immediate action and for that we require real-time alerting upon the several issues that might come our way. One of my main goals was to ensure that we would prioritize a security alerting system for the several platforms we handle to be notified of any issue as quickly as possible. I’m proud that we now have several alerts for several platforms notifying us immediately of security issues.
I’m also proud of the work I did on GitLab regarding users and permissions management. Alongside Juan Vico, I reviewed all GitLab users and their permissions to understand the best role for each type of user, following the least privilege principle. In the process, we created the RBAC groups which centralize the user and permissions management in GitLab. We presented our work in an OpenTalk back in February.
Any personal advice for someone who would like your job position?
Be attentive and take special caution in prioritizing your work. There are always security concerns in every corner; people will always come to you with situations they believe are security issues. We need to be able to filter these issues and try to understand what our priority is; we can’t be everywhere at once. We need to be especially attentive because the most concerning security issues might not be so obvious and missing those can be very prejudicial to business.
How can you describe your transition from System Operator to Cybersecurity Engineer?
I believe that the fact that I was a System Operator before I became a Cybersecurity Engineer here at La Redoute helped me a lot to better understand the overall infrastructure of La Redoute IT and to identify the most critical security flaws that I should focus on as a Cybersecurity Engineer. System Operators are on the frontline of all IT issues; they must be able to quickly identify the criticality of an alert and assign it to the correct people. This gives them enormous insight into what’s going on in the infrastructure and consequently, they quickly become aware of the security flaws associated with each component of the infrastructure.
Any book or podcast you recommend?
I’m currently listening to the “Darknet Diaries” podcast. This podcast describes in detail some hacking-related true stories told by the actual responsible hacker. Sometimes they reveal some untold stories and explain how things were done and how they could be avoided. For any cybersecurity enthusiast, this podcast is a gold mine for hacking-related stories.