The VTS team consists of folks with a diverse set of personalities, talents, and perspectives, and we want you to meet them! That’s why we’ve created this #WeAreVTS blog series to highlight some of the many outstanding people we have at VTS, get a closer look at the dynamic lives they have, and continue to create an environment where each VTSer can be their authentic self.
Without further ado, here's our interview with Renan Dias - Engineering Manager for Security Engineering!
In a sentence or two, can you explain what you do here at VTS?
Hi Louisa! I’m the Engineering Manager of the Security Engineering team. My team is responsible for managing and working with other Engineering teams to reduce Application, Cloud Infrastructure, and Data security risks. On any given day, we could be working to roll out a new Security tool and improve our DevSecOps processes, triaging or working with Engineering teams to remediate vulnerabilities, or responding to alerts generated by our monitoring tools.
As a Manager, my role involves setting a vision for the team; planning technical projects every quarter based on business requirements and goals; engaging with different Security vendors whenever new tooling is needed; and implementing Cloud and Application security programs, among other things.
Where are you based right now?
I’m based in Toronto, Canada.
Can you describe your professional journey and how it led you to VTS?
I started as a software developer, and in my first year of University I read a book called Digital Fortress by Dan Brown. The book was about cryptography, and it was the first time I learned about different security concepts. I was instantly fascinated by it. As I progressed in my career as a software developer, I always took the approach of learning the security aspects that went along with software development - such as secure coding techniques and the top web vulnerabilities.
Later on in my career, I began to focus more on the infrastructure side of things, where I was then introduced to a whole new world in security. I had to learn the security aspects of building networks, managing operating systems, and running applications. This was also when I came across compliance and the different compliance standards. My first experience with compliance was when I led a startup to become a PCI DSS Level 1 Service Provider. That involved going over the PCI controls, gathering evidence, partnering with Engineering teams to implement processes to harden the company’s infrastructure, systems and network, and leading communications with auditors.
The main thing that brought me to where I am today is that I have always had a passion for security. Every time I would focus on a new area or specialty in my career, I would always think about the security aspect involved in my work.
What excites you about what you do at VTS? Is there a moment in your time here that made you especially proud to work at VTS?
I have been passionate about Cybersecurity since the early days of my career. In my previous roles, I’d usually focus on one aspect of security at a time - application, infrastructure, or data. However, at VTS, I have the opportunity to solve challenging problems in all these different areas at once and with a major impact for the company, which has been an incredible experience.
Another thing that really excites me is the opportunity to build things from scratch. For example, when I joined the company and we formed the team, we set up an application security program from the ground up to reduce risk for our products and processes to allow us to ship secure products to our customers. So, ultimately, what makes me proud to work at VTS is the trust that leadership has in their Engineering teams to lead the charge.
On to more personal topics - what was your dream job growing up?
I had the dream of (almost) every Brazilian kid: to be a world famous football player. I grew up during a time where the National Football team reached 3 World Cup finals in a row (1994, 1998, 2002) and won two of them (1994 and 2002). For years, I played on my school's football team and competed in various championships. However, the dream of being a professional footballer never panned out. I still love Football so nowadays I just play for fun with friends whenever I get a chance!
What do you like to do in your free time? Any hobbies?
I play 4 different musical instruments - I guess I could essentially make my own rock band! As a kid I started with learning classical guitar, and from there I transitioned to electric guitar. I then became involved in a couple of bands as a teenager and cultivated an interest in drums. I also picked up some bass too. I have my own little music studio at home, with some guitars and a drum set. I always try to find some time to play music, it's something I really enjoy.
In terms of hobbies, I like to get out and exercise, go for a cycle and play basketball and football (soccer) with my friends. Another big passion of mine is Kung Fu, in which I hold a black belt and have been practicing for over 14 years now.
My family and I also enjoy traveling - we always try to explore different parts of Canada and the world together. We have a few continents still on the list to visit which we’re really looking forward to!
If you could wave a magic wand to solve any problem in the world, what would it be?
If I could solve any problem in the world, it would be to eradicate world hunger. I believe food should be a basic human right and everyone should have equal and easy access to it, which doesn’t happen in many countries, including where I come from. Lately, I feel like the situation has only worsened and it doesn’t seem we’re close to solving it.
What’s your advice for someone who wants to be in a role similar to yours?
I would suggest that as you're learning something new in your career, always think about the security aspect of it. For example - if you’re a developer, focus on learning different secure coding techniques. If you’re on the operations side of the house, think about how to secure networks, systems, access (IAM), and so on.This has really helped me with career growth in security.
I would also suggest not restricting yourself to working on one specialty, since there is a lot of value in exploring different areas. I applied that in my career by starting in iOS development; going from front-end to backend development; and then moving to working in infrastructure, setting up networks, hardening Linux servers, and managing databases. Being exposed to different domains can give you a strong foundation, which makes it easier to master the security aspect of what you’re doing.
Finally, Security Engineering requires passion and a lot of dedication. Information you learn can be outdated in a week or two, so there's always a need to pick up new information and learn new things.
A great way to start and continue to learn about different security topics is through courses on platforms like Udemy and Udacity, as well as podcasts and conferences. I often share about my learning journey on LinkedIn - so feel free to connect with me or send me a message!
