26 years. 8 countries. Both sides of the water.

I started in cybersecurity when most Latin American boardrooms didn't know what a firewall was. Server rooms in São Paulo, Buenos Aires, Mexico City — in an era when security was the first budget line cut.

I learned early: you don't sell technology in this region. You sell trust. And trust takes years to build and seconds to lose.

I've worked as both attacker and defender. As consultant and as client. As the person presenting risk to the board and as the person who had to explain a breach. That dual position is what KRKN is built on.

The Kraken

The Kraken is not a monster. It's a model.

To protect ships, you must think like what sinks them. To protect organizations, you must understand exactly how they fail — not in theory, but in practice, in the field, under pressure, in the languages where the decisions are actually made.

I've worked across eight countries in Portuguese, English, and Spanish. The only language that works in every boardroom, in every culture, is the same: money, continuity, consequence.

The Pen Nib

The ✒️ is literal. I have a pen nib tattooed on my arm. It's a reminder that everything — every risk, every strategy, every contract — begins with someone writing it down. With intention. With precision. With accountability.

The ♟️ is the long game. Cybersecurity is not a sprint. It's positional. Every move you make now shapes what's available to you in the future.

The Work

I specialize in cyber risk quantification using the FAIR framework — translating technical exposure into the financial language that boards actually act on. I work with CISOs and executives across Latin America, helping organizations move from tool-buying to risk-thinking.

I also work with SAFE Security on CTEM, TPRM, and CRQ — continuous threat exposure management, third-party risk, and cyber risk quantification. The goal is always the same: help organizations understand not just whether they're at risk, but exactly how much.