Paulo Martins is a Staff Infrastructure Security Engineer with 11 years of experience building and securing cloud-native platforms, currently leading infrastructure security for GitLab's SaaS operations from Zug, Switzerland. He created GitLab’s Infrastructure Security team and focuses on agentic/LLM security, automated enforcement of infrastructure standards, vulnerability scanning, EDR, and SIEM integration across AWS, GCP, Kubernetes, and Terraform ecosystems. Previously he led SRE and DevOps efforts at Codacy—migrating to Kubernetes, designing observability and CI/CD pipelines, and owning security processes including a HackerOne program—and earlier built PaaS automation at OutSystems. Paulo combines hands-on coding (Python, Go) with architecture and people leadership, consistently turning audit requirements into automated, scalable controls. Colleagues rely on him for pragmatic security design that integrates into developer workflows rather than slowing them down.
10 years of coding experience
13 years of employment as a software developer
Licentiate degree, Communication Networks Engineering, Licentiate degree, Communication Networks Engineering at Instituto Superior Técnico
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST), Dynamic (DAST), and Runtime (IAST) tools that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
Contributions:2 PRs, 25 comments in 11 months
runtimebenchmarksastsecurity-toolsvulnerabilities
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Paulo Martins - Staff Infrastructure Security Engineer at GitLab