Paulo Martins

Staff Infrastructure Security Engineer at GitLab

Zug, Zug, Switzerland
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

👤
Senior
🎓
Top School
Paulo Martins is a Staff Infrastructure Security Engineer with 11 years of experience building and securing cloud-native platforms, currently leading infrastructure security for GitLab's SaaS operations from Zug, Switzerland. He created GitLab’s Infrastructure Security team and focuses on agentic/LLM security, automated enforcement of infrastructure standards, vulnerability scanning, EDR, and SIEM integration across AWS, GCP, Kubernetes, and Terraform ecosystems. Previously he led SRE and DevOps efforts at Codacy—migrating to Kubernetes, designing observability and CI/CD pipelines, and owning security processes including a HackerOne program—and earlier built PaaS automation at OutSystems. Paulo combines hands-on coding (Python, Go) with architecture and people leadership, consistently turning audit requirements into automated, scalable controls. Colleagues rely on him for pragmatic security design that integrates into developer workflows rather than slowing them down.
code10 years of coding experience
job13 years of employment as a software developer
bookLicentiate degree, Communication Networks Engineering, Licentiate degree, Communication Networks Engineering at Instituto Superior Técnico
languagesEnglish
stackoverflow-logo

Stackoverflow

Stats
258reputation
15kreached
8answers
0questions
github-logo-circle

Github Skills (200)

codacy10
circleci10
attestation10
k8s10
encryption10
charts10
github-api10
helm10
kubernetes10
cloudtrail10
ssm10
google10
aws-glue10
docker10
amazon-web-services10

Programming languages (18)

SmartyJavaCSSScalaMakefilePLpgSQLGoMustache

Github contributions (5)

github-logo-circle
codacy/helm-ssm

Apr 2019 - Oct 2021

Injects values from AWS SSM parameters on the values.yaml file
Contributions:5 releases, 2 reviews, 43 commits in 2 years 6 months
parametershelm-pluginhelmssmhelm3
paulopontesm/Benchmark

Dec 2019 - Nov 2020

OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
Contributions:2 PRs, 25 comments in 11 months
runtimebenchmarksastsecurity-toolsvulnerabilities
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Paulo Martins - Staff Infrastructure Security Engineer at GitLab