Professional with over 25 years experience in the area of information and communications technology, including 15 years of experience in networks and security infrastructure Analytical skills to solve problems, ability to work with new technologies, adaptable to any situation, proactivity and motivation to individual achievement and team. Self-management capacity of the learning process to successfully assume the continued improvement of my functions Main Skills: Governance: I have a strong experience and knowledge analyzing and writting information security policies , based on ISO 27000 Standards, NIST Standards, PCI-DSS standards and better practices of Information Security: COBIT, ITIL etc CyberSecurity Management .- Perimeter Network: Implement and Manage the perimeter security infrastructure: firewalls, proxy, IDS and IPS. I Have strong experience in analysis and management of external attacks such as: DoS, Hacking, Phishing, Injection of malicious codes, creation of rules of intelligence for the preventive detection of attacks .- Internal Network Security Management: Monitoring and management Malware reduction, Analysis and management of internal attacks. Servers and applications Hardening Strong Experience in Office 365 Security ( Antimalware, AntSpam, DLP, Audit) .- Penetration Testing , Web Application Security. Social Engineering,, Ethical Hacking Vulnerabilities Analysis. Risk analysis As a Pentester, I responsible for assessing the security status of existing and proposed company platforms, systems and processes in order to protect and continually improve the confidentiality, integrity, and availability of information systems. I have strong Professional experience in vulnerability assessment and penetration testing. I´m understanding of the difference between a vulnerability assessment and a penetration test in the context of assessment scope, objectives, and deliverables I have strong experience and knowledge of VAPT concepts and best practices, including the requirements for WhiteHat/ethical hacking. I have strong experience with security testing tools and frameworks such as Nessus, Appscan, Burp Suite, OWASP-ZAP, VEGA, Nipper, and Trustwave. Wireshark, Kali, and Metasploit, etc. I have ability to accurately validate the presence of identified vulnerabilities. I have strong experience and Understanding of OWASP, CVE, general security controls, and other foundational topics such as the latest application and operating system exploits. I have strong experience and Knowledge of common scripting and programming languages like. power shell, ruby phyton I have Ability to communicate complex analyses tailored to a variety of audiences with varying levels of technical understanding
©