Paúl Santapau

CTO @ IriusRisk

Professional Expertise & Experience

As the Chief Technology Officer, Paúl Santapau leads the engineering and technical strategy for IriusRisk. His leadership ensures the platform delivers robust, pragmatic, and scalable solutions that address the critical security challenges faced by developers and architects today.

Paúl is a deeply experienced security veteran, having worked for over 20 years on both the offensive (ethical hacking, security research) and defensive (architecture, solution development) sides of cybersecurity. His career includes:

  • Security Architecture Leadership: Roles as a Security Architect in large corporations, designing complex defense strategies.
  • Research and Innovation: Experience working in security research, including with the Nisu Security Research Group, and building innovation departments in technology startups.
  • Engineering Foundation: He began his career as a developer using languages like C, C++, and Java, providing him with an intrinsic understanding of the technical challenges and pain points faced by development teams.

Key Contributions and Achievements

Paúl’s work focuses on moving organizations toward a proactive, security-by-design posture:

  • Integrated Security: He has a proven track record of helping major organizations, including FTSE 100 companies, integrate robust security design and testing directly into their development processes.
  • Threat Modeling Evangelism: He champions the use of automated threat modeling as the most effective mechanism for achieving security in agile, modern environments.
  • Community Contribution: Paúl is an active contributor to multiple OWASP projects, demonstrating his commitment to collaborative, open-source security standards and practices.

Blogs by Paúl Santapau

AI & ML
The realities of GenAI in Software Development
April 30, 2025