Hi, my name is

Gonçalo Magalhães

Head of Security at Immunefi

Head of Security at Immunefi. Aerospace engineer turned cybersecurity leader, specializing in Web3 security, AI, and smart contract auditing.

View My WorkGet in Touch

01.About Me

Head of Security at Immunefi, protecting billions in crypto assets across the Web3 ecosystem.

I'm an aerospace engineer turned cybersecurity leader with 5+ years of experience shipping clean, testable code. At Immunefi, the world's largest Web3 bug bounty platform, I lead company-wide security management and manage the R&D/ML team building AI security agents. I'm deeply involved in the Web3 security community—lecturing at bootcamps, building CTFs, speaking at industry events, and teaching the Advanced Solidity Bootcamp at RareSkills. Previously served on the Arbitrum Security Council, helping secure the #1 Layer 2 blockchain with $12B+ TVL.

Portugal

Focus Areas

Security Leadership & SOC 2 Compliance
AI/ML Security Agents
Smart Contract Auditing
Zero-Knowledge Cryptography

02.Experience

Immunefi logo
ImmunefiCurrent

July 2022 - Present

Head of Security

Mar 2024 - Present

Leading company-wide security management, R&D/ML team building AI security agents, incident response, and SOC 2 Type 2 compliance. Shaping security products for the on-chain economy.

Smart Contract Lead Engineer

Apr 2023 - Apr 2024

Led Web3 and Smart Contract technical team. Product architecture, security best practices, hosted Hacker Hangouts, and represented Immunefi at industry events.

Smart Contract Triager

Nov 2022 - May 2023

Reviewed and triaged smart contract vulnerability reports, assessed severity and impact, provided mediation between protocols and hackers.

Whitehat Hacker Scholar

July 2022 - Nov 2022

3-month scholarship to hunt for bugs full-time. Code reviewing, smart contract auditing and security researching.

Arbitrum DAO logo
Arbitrum DAO

Sept 2024 - Nov 2025

Security Council Member

Sept 2024 - Nov 2025

Served on the 9/12 multisig securing Arbitrum, the #1 L2 blockchain with $12B+ TVL. Emergency response, security consultation, and incident response.

RareSkills logo
RareSkills

Dec 2023 - Mar 2025

Advanced Solidity Instructor

Dec 2023 - Mar 2025

Teaching the 22-week Advanced Solidity Bootcamp covering AMMs, fuzzing, security, EVM assembly, proxies, elliptic curve cryptography, and DeFi lending.

Instituto Superior Técnico logo
Instituto Superior Técnico

2014 - 2019

Master of Science, Aerospace Engineering

2014 - 2019

Aeronautics and Astronautics. Portugal's top engineering school.

View Full Experience (14 companies)

03.Skills

🛡️Security

Smart Contract Auditing
Incident Response
Vulnerability Research
SOC 2 Compliance

⛓️Blockchain

Solidity / EVM
DeFi Protocols
L2 / Rollups
Huff / Move / Noir

🔐Cryptography

Zero-Knowledge Proofs
Elliptic Curves
Groth16 / PLONK
Circom

💻Languages

TypeScript / Node.js
Python
Rust
C++ / Go

04.Projects

AI Security Agents

Building ML-powered security agents at Immunefi, shaping the future of security products for the on-chain economy.

AI/MLSecurityR&D

RareSkills Solidity Bootcamp

Instructor for the Advanced Solidity Bootcamp—a comprehensive 22-week curriculum for professional smart contract developers.

EducationSolidityDeFi

Node Guardians CTFs

Built security-focused CTF quests including Beanstalk exploit recreation, Huff campaigns, and fraud proofs challenges.

CTFSecurityEducation

More projects coming soon

05.Speaking & Media

Speaking Engagements

SpeakingMonth Year

Talk or Event Title

Conference Name

Brief description of the talk or panel.

Media & Press

Publication Name·Month Year

Article Title

"Your quote from the article..."

06. What's Next?

Get In Touch

I'm always interested in discussing Web3 security, zero-knowledge proofs, or potential collaboration opportunities. Feel free to reach out!

Say Hello