Gilberto Najera-Gutierrez, M. S.

Viaducto Miguel Alemán No 9 Int 14, Col. Escandón, Del. Miguel Hidalgo, Mexico City 11800, Mexico

act9dz@r.postjobfree.com (+52 1-55-137*-**** (Skype) gilnajera

https://mx.linkedin.com/in/gilberto-nájera-5991ba36

Headline Summary

Offensive Security Certified Professional (OSCP), EC-Council Certified Security Analyst (ECSA), with Master's degree in Computer Science. Experienced in information security analysis: penetration testing, application security assessment, static source code analysis and programming, with a multidisciplinary profile.

Experienced interacting with clients: Fortune’s Global 500, Mexico’s and Central America's Top 100 companies and Federal Government agencies.

Multidisciplinary profile with knowledge in cloud computing, programming, video games development, scientific research, among others.

Experienced training people and leading teams.

Author of: Kali Linux Web Penetration Testing Cookbook, Packt Publishing, February 2016.

Self motivated, hard worker, team player, quick learner, problem solver, versatile.

Career History

Sm4rt Security Services, Jan 2013 – Present

Security Testing Team Manager

Planned and created a department specialized in Information Security Testing projects.

Recruited, trained and led a team of 10 consultants on performing penetration tests, web application security assessments, vulnerability assessments, source code security analysis and security consulting.

Designed and presented executive and technical reports and results presentations to clients.

Collaborated with sales and service delivery teams on interacting with clients and service offering, sizing and quoting.

Sr. Information Security Analyst

Successfully conducted Penetration Tests, Application Vulnerability Assessments and Static Source Code Security Analysis for Fortune’s Global 500, Mexico’s Top 100 companies and Federal Government agencies.

Also elaborated reports, performed results presentations and provided recommendations for security improvement on client’s assets.

Cloud Computing Consultant

Analyzed current on premise applications from customers, proposed strategies for cloud implementation, designed and executed test laboratories for such implementations.

Used Rightscale tools to manage Windows Azure and Amazon Web Services cloud servers.

Sm4rt Game Studios, Feb 2010 – Jan 2013

Project Leader / AI-Game-play programmer

Led a team of designers, artists and programmers

Designed, scheduled and added features, events, quests, buildings and characters

Cloud servers and database management

Designed AI algorithms, gameplay and features, programmed most of them

Designed and implemented a network communication system for multiplayer interaction

Used Unity 3D, Visual C++, Gamebryo LIghtspeed, Scaleform Gfx, Adobe Flash

Education History

Master degree on Computer Science, good mathematical skills, knowledge on artificial intelligence.

Centro de Investigación en Computación, IPN, Jan 2007 – Jul 2009

Master Degree on Computer Science, specialized on Artificial Intelligence.

Degree obtained with thesis “Augmented Reality on Man-Machine Interfaces”.

Instituto Tecnológico de Ciudad Cuauhtémoc, Aug 1999 – Apr 2004

Computing Systems Engineer, specialized on Databases

Degree obtained with research project "Developing Applications for Mobile Devices".

Professional Qualifications and Training

Penetration testing / Information Security Analysis certifications, intermediate knowledge on cloud computing.

ECSA, certificate obtained

EC-Council, December 2015

OSCP, certificate obtained

Offensive Security, May 2014

Rightscale Jumpstart Training

Rightscale, Santa Clara, California, December 2012

Key Skills

Leadership, Information Security, working well independently, team player, creativity, communication skills, understanding complex issues, problem solving, research skills.

Technical Skills

Penetration Testing, Information Security Analysis, Application Security Assessment, OWASP, Offensive Security, Cloud Computing, Game Programming, Linux, Microsoft Windows server Family, C/C++, Java, Python, HTML, PHP, MySQL

Pentesting and Security Analysis related:

Techniques: port scanning, sniffing, vulnerability scanning, fuzzing, user enumeration, vulnerability exploitation, SQL Injection, Cross Site Scripting, command injection, ARP spoofing, password cracking, pivoting, ssh tunneling, phishing.

Tools: Metasploit, Nessus, OpenVAS, Acunetix, Burp Suite, OWASP zap, OWASP Mantra, HP Fortify, Checkmarx CxSAST, Nmap, Nikto, Ettercap, W3af, Cain & Abel, john the Ripper, THC Hydra, exploit-db, Sapyto, SQLmap, among others.

Publications

Kali Linux Web Penetration Testing Cookbook

Packt Publishing, February 2016

https://www.packtpub.com/networking-and-servers/kali-linux-web-penetration-testing-cookbook

Languages

Spanish (native), English(fluent), French(learning)

Migration status

Will need TN Visa status to work in the U.S.

Contact this candidate