Gilberto Najera-Gutierrez, M. S.
Viaducto Miguel Alemán No 9 Int 14, Col. Escandón, Del. Miguel Hidalgo, Mexico City 11800, Mexico
act9dz@r.postjobfree.com (+52 1-55-137*-**** (Skype) gilnajera
https://mx.linkedin.com/in/gilberto-nájera-5991ba36
Headline Summary
Offensive Security Certified Professional (OSCP), EC-Council Certified Security Analyst (ECSA), with Master's degree in Computer Science. Experienced in information security analysis: penetration testing, application security assessment, static source code analysis and programming, with a multidisciplinary profile.
Experienced interacting with clients: Fortune’s Global 500, Mexico’s and Central America's Top 100 companies and Federal Government agencies.
Multidisciplinary profile with knowledge in cloud computing, programming, video games development, scientific research, among others.
Experienced training people and leading teams.
Author of: Kali Linux Web Penetration Testing Cookbook, Packt Publishing, February 2016.
Self motivated, hard worker, team player, quick learner, problem solver, versatile.
Career History
Sm4rt Security Services, Jan 2013 – Present
Security Testing Team Manager
Planned and created a department specialized in Information Security Testing projects.
Recruited, trained and led a team of 10 consultants on performing penetration tests, web application security assessments, vulnerability assessments, source code security analysis and security consulting.
Designed and presented executive and technical reports and results presentations to clients.
Collaborated with sales and service delivery teams on interacting with clients and service offering, sizing and quoting.
Sr. Information Security Analyst
Successfully conducted Penetration Tests, Application Vulnerability Assessments and Static Source Code Security Analysis for Fortune’s Global 500, Mexico’s Top 100 companies and Federal Government agencies.
Also elaborated reports, performed results presentations and provided recommendations for security improvement on client’s assets.
Cloud Computing Consultant
Analyzed current on premise applications from customers, proposed strategies for cloud implementation, designed and executed test laboratories for such implementations.
Used Rightscale tools to manage Windows Azure and Amazon Web Services cloud servers.
Sm4rt Game Studios, Feb 2010 – Jan 2013
Project Leader / AI-Game-play programmer
Led a team of designers, artists and programmers
Designed, scheduled and added features, events, quests, buildings and characters
Cloud servers and database management
Designed AI algorithms, gameplay and features, programmed most of them
Designed and implemented a network communication system for multiplayer interaction
Used Unity 3D, Visual C++, Gamebryo LIghtspeed, Scaleform Gfx, Adobe Flash
Education History
Master degree on Computer Science, good mathematical skills, knowledge on artificial intelligence.
Centro de Investigación en Computación, IPN, Jan 2007 – Jul 2009
Master Degree on Computer Science, specialized on Artificial Intelligence.
Degree obtained with thesis “Augmented Reality on Man-Machine Interfaces”.
Instituto Tecnológico de Ciudad Cuauhtémoc, Aug 1999 – Apr 2004
Computing Systems Engineer, specialized on Databases
Degree obtained with research project "Developing Applications for Mobile Devices".
Professional Qualifications and Training
Penetration testing / Information Security Analysis certifications, intermediate knowledge on cloud computing.
ECSA, certificate obtained
EC-Council, December 2015
OSCP, certificate obtained
Offensive Security, May 2014
Rightscale Jumpstart Training
Rightscale, Santa Clara, California, December 2012
Key Skills
Leadership, Information Security, working well independently, team player, creativity, communication skills, understanding complex issues, problem solving, research skills.
Technical Skills
Penetration Testing, Information Security Analysis, Application Security Assessment, OWASP, Offensive Security, Cloud Computing, Game Programming, Linux, Microsoft Windows server Family, C/C++, Java, Python, HTML, PHP, MySQL
Pentesting and Security Analysis related:
Techniques: port scanning, sniffing, vulnerability scanning, fuzzing, user enumeration, vulnerability exploitation, SQL Injection, Cross Site Scripting, command injection, ARP spoofing, password cracking, pivoting, ssh tunneling, phishing.
Tools: Metasploit, Nessus, OpenVAS, Acunetix, Burp Suite, OWASP zap, OWASP Mantra, HP Fortify, Checkmarx CxSAST, Nmap, Nikto, Ettercap, W3af, Cain & Abel, john the Ripper, THC Hydra, exploit-db, Sapyto, SQLmap, among others.
Publications
Kali Linux Web Penetration Testing Cookbook
Packt Publishing, February 2016
https://www.packtpub.com/networking-and-servers/kali-linux-web-penetration-testing-cookbook
Languages
Spanish (native), English(fluent), French(learning)
Migration status
Will need TN Visa status to work in the U.S.