I am a professional transitioning into Cloud Security Architecture with a strong foundation in linguistics, critical thinking and security engineering.
Currently I am pursuing Cybersecurity at Masterschool in Berlin, focusing on the Google Cloud Platform with a multicloud view (AWS + Kubernetes). My mission is to design secure architectures, govern identities and integrate AI practices ethically and responsibly.
- Target role: Cloud Security Architect (GCP-first, multicloud-aware)
- Focus: IAM, Zero Trust, governance, RAG (Retrieval-Augmented Generation) and security applied to GenAI
- Copilot tools: I leverage LLMs for IAM analysis, threat modeling, cloud network design and ADR documentation — always with critical human validation.
| Domain | Technologies & tools |
|---|---|
| Google Cloud | VPC, subnets, Cloud VPN, Cloud Armor, Cloud Load Balancing, Cloud NGFW, Cloud Run |
| Identity & Access Management | IAM, BeyondCorp, Zero Trust, RBAC/ABAC, Cloud Identity |
| Infrastructure as Code | Terraform, gcloud CLI |
| Containers & Orchestration | Kubernetes (EKS/GKE), Docker, Cloud Run |
| Security Operations | Logging/Monitoring (Stackdriver), Incident response, Wireshark, Kali Linux, TryHackMe |
| AI Governance | Responsible AI, policies and compliance for GenAI, RAG |
These certifications consolidate my ongoing training in cloud security, DevSecOps and AI governance.
Each entry is backed by auditable evidence (PDF, SHA256, metadata, CI validation) in this repository.
| Title | Institution / Date | Verification |
|---|---|---|
| Google Cybersecurity (Professional Certificate) | Google & Coursera, 2026 | Repository evidence |
| Assets, Threats, and Vulnerabilities | Google & Coursera, 2026 | Repository evidence |
| Automate Cybersecurity Tasks with Python | Google & Coursera, 2026 | Repository evidence |
| Tools of the Trade: Linux and SQL | Google & Coursera, 2026 | Repository evidence |
| Sound the Alarm: Detection and Response | Google & Coursera, 2026 | Repository evidence |
| Put It to Work: Prepare for Cybersecurity Jobs | Google & Coursera, 2026 | Repository evidence |
| Trust and Security with Google Cloud | Google Cloud, 2026 | Repository evidence |
| Scaling with Google Cloud Operations | Google Cloud, 2026 | Repository evidence |
| Google Cloud Platform (GCP) Operations for SaaS | Google Cloud, 2026 | Repository evidence |
| Segurança de redes VPC com Cloud Next Generation Firewall | Google Cloud & Coursera, 12 Dec 2025 | UGKLS3H9DK46 |
| Evaluate Your Cloud NGFW Needs | Google Cloud & Coursera, 11 Dec 2025 | 8GMV467HD7LB |
| Introduction to Cloud NGFW | Google Cloud & Coursera, 11 Dec 2025 | TOG0TR47KXO4 |
| Cloud Architecture Design Patterns | Coursera/Starweaver, 13 Dec 2025 | MCMC50B4ROHQ |
| Generative AI: Fundamentals, Applications and Challenges | University of Michigan, 17 Dec 2025 | N5Q4I4PJAAPC |
| Generative AI: Governance, Policy and Emerging Regulation | University of Michigan, 11 Dec 2025 | VIINXO50FH4T |
| Play It Safe: Manage Security Risks | Google & Coursera, 13 Oct 2025 | P4D56PWZPOY4 |
| Security in Google Cloud (Specialization – 4 courses) | Google Cloud, 27 Aug 2025 | 05EFDDMIY2GG |
| Networking in Google Cloud: Hybrid and Multicloud | Google Cloud, 14 Jul 2025 | 7MU9KC5ELUNM |
| Managing Security in Google Cloud | Google Cloud, 18 Aug 2025 | 09LO5H5FIA3Q |
| Networking in Google Cloud: Load Balancing | Google Cloud, 17 Jun 2025 | 9QW5NE2RT3GV |
| Foundations of Cybersecurity | Google, 28 Jul 2025 | AQMGQA2744Y2 |
| Wireshark for Beginners: Capture Packets | Coursera Project, 06 Aug 2025 | NXBAZNX7RF9H |
| Networking in Google Cloud: Network Security | Google Cloud, 10 Jun 2025 | OF0I0IHYT2HQ |
| Kubernetes in AWS: Create Cluster in EKS in your own VPC | Coursera Project, 15 Aug 2025 | RWQ3PTYIV99Y |
| Mitigating Security Vulnerabilities on Google Cloud | Google Cloud, 27 Aug 2025 | U811FEOPENC8 |
| Google Cloud Fundamentals: Core Infrastructure | Google Cloud, 22 Jun 2025 | VWX50B489U5D |
Practical, scenario-based certifications focused on offensive and defensive security, validated through hands-on labs and real-world simulations.
| Title | Platform | Verification |
|---|---|---|
| TryHackMe — Jr Penetration Tester Path | TryHackMe | |
| TryHackMe — Cyber Defense / Blue Team Labs | TryHackMe |
These certificates complement my cloud-security path with hands-on attack & defense practice, including enumeration, privilege escalation, log analysis and incident response workflows.
- Continuing education in IT (Cybersecurity specialization): Masterschool Institute of Technology, Berlin.
- Bachelor’s degree in Portuguese Language & Literature: Universidade Tiradentes, Brazil.
- Languages: Portuguese (native), German (intermediate) and English (improving).
- Learning methodology: systematic study with Anki flashcards, practical labs and documentation in the form of study cases.
- GCP security labs: repositories containing VPC configurations, NGFW, load balancers and mitigation mechanisms.
- IAM & Zero Trust studies: identity audit scripts and examples of least-privilege policies.
- GenAI governance: RAG study focusing on compliance and ethical risk mitigation.
In progress… new projects will be added as studies advance. Each lab includes diagrams, ADRs and reflections on trade-offs.
- Web3 Wallet & Identity — Threat Model (Operator Perspective)
/docs/wallet-identity-threat-model.md
| Platform | Profile |
|---|---|
| André Bonfim | |
| Coursera | Coursera Profile |
| TryHackMe | a.bonfim.tech |
| Google Skills Boost | Google Skills Activity |
| GitHub | a-bonfim-tech |
- Zero Trust architectures
- Multicloud resilience
- Automation & IaC
- Safe GenAI research
Feel free to contact me for collaboration, mentoring or opportunities.