Daniel Carlier

Offensive Security Engineer at Casco (YC X25)

Rio de Janeiro, Brazil
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Daniel Carlier is an Offensive Security Engineer with 8 years of experience building developer-centric application security at scale, from Globo.com to QuintoAndar and now at Casco (YC X25). He designs and implements secure systems—authoring Security CI/CD pipelines, leading OIDC migrations, and building a distributed vulnerability management platform that cut vulnerability stale time by 51%. Technically fluent in Go and AWS, he contributed backend work to globocom/huskyCI (security tests in CI) and hardened OWASP-top10 demo apps, demonstrating practical, tool-focused expertise. Comfortable embedding security into product teams, he blends penetration testing and automation to shift left security practices while mentoring peers. Based in Rio de Janeiro, he pairs operational reliability experience from early network and server roles with a knack for turning security insights into usable developer workflows.
code7 years of coding experience
job5 years of employment as a software developer
bookBacharelado em Engenharia, Computer Engineering, Bacharelado em Engenharia, Computer Engineering at Ibmec
languagesPortuguese, English, French
github-logo-circle

Github Skills (22)

docker10
back-end-development10
api-design10
vulnerability10
web-application-security10
security-automation10
integrations10
dockers10
security10
go10
api10
security-txt9
javascript9
continuous-integration9
python9

Programming languages (7)

ShellTeXJavaScriptGoPHPHTMLPython

Github contributions (5)

github-logo-circle
globocom/secDevLabs

Dec 2018 - Oct 2020

A laboratory for learning secure web and mobile development in a practical manner.
Role in this project:
userBack-end Developer
Contributions:24 reviews, 263 commits, 164 PRs in 1 year 10 months
Contributions summary:Daniel implemented several changes in the `owasp-top10-2017-apps` repository, specifically focusing on vulnerabilities in different applications. The commits show the user working on the OWASP Top 10, addressing security flaws in the applications by adding new folders, adding HTML files and fixing website problems. These changes include modifications to database connection files, suggesting a focus on back-end security and application functionality.
securelaboratorysecuritymobile-developmentvulnerabilities
globocom/huskyCI

Nov 2018 - Nov 2020

Performing security tests inside your CI
Role in this project:
userBackend Developer
Contributions:5 releases, 5 reviews, 157 commits in 2 years
Contributions summary:Daniel primarily focused on backend development tasks, contributing to the core functionalities of the HuskyCI platform. The commits demonstrate work on the server-side logic, including implementing security test integrations (RetireJS, Bandit, Brakeman, Gosec, and Safety) and adjusting configurations for these tests. They also made changes to the API and the processing of security test outputs, reflecting a focus on the core functionality and integration aspects of the project.
pythonsastcontinuous-integrationsafetygitlab-ci
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Daniel Carlier - Offensive Security Engineer at Casco (YC X25)