About me

/cv.jpeg
Just another ego pic

Intro

Whats’up stranger!

I’m Pablo Ruiz, Software Engineer by U-TAD and Master in Cybersecurity Research by Universidad de León. Currently, I work as Managing Security Consultant at EY.

I’m known on the internet under the AKA Pitenager and you can find me on the Hack the Box platform through this link.

I’m currently OSCP, OSWP, OSEP, CRTP, CRTO, GPEN, GCIH, AWS Solutions Architect Associate, DSOC, CCSK, ISO 27001 Lead Implementer and I’m finalizing OSWE and AWS Security Specialty.

Career

  • [Abril 2023 - Now] - Managing Security Consultant at EY: Performance of advanced penetration tests against solutions deployed in the cloud, infrastructure for multiple clients in different fields (banking, retail, transport…), execution of Red Team exercises following the TIBER framework.

  • [Marzo 2022 - Abril 2023] - Consultor de Cibserseguridad at mnemonic AS: Helping customers from all sectors identifying their security gaps and needs in order to provide them the best recommendations. This is achieved by being involved from the early stages of the consulting process to the final delivery. Assignments that were carried out include:

    • Penetration test of both: internal and external networks
    • Web application security
    • Red and Purple teaming
    • Cloud configuration review
    • iOS and Android application security
    • Endpoint security

    Other activities in which Pablo has been involved are:

    • Development of internal Threat Emulation Framework
    • Evaluation of security products/tools for the department
    • Workshops and talks for other departments
    • Research and negotiate with different providers in order to implement internal training and learning paths
  • [Octubre 2019 - Actualidad] - Ingeniero de Cibserseguridad at Stratio Big Data: Conducted penetration tests against the different modules that make up the “Stratio Data Centric” product. Including:

    • Code review in C/C++, Java, Scala and Python
    • Infrastructure based in containers (Docker, Mesosphere DC/OS, Kubernetes)
    • Web and APIs
    • Development of automation tools
    • Secure architecture design.

    Head of internal security, in charge of:

    • Continuous internal penetration testing
    • ESET antivirus maintenance and deployment
    • Development of internal tools for tasks automation in Python and Golang
    • Security awareness exercises such as phishing, lectures and tutorials
    • Development of policies and methodology to comply with ISO 27001 standard
    • Development and deployment of log monitoring system using Grafana and ELK
    • Ensure VPN is up and running 99% of the time (Fortinet)
    • Maintain clusters of virtual machines (VMWare ESXi) and containers (Kubernetes)
  • [Junio 2018 - Octubre 2019] - Security Consultant at Entelgy Innotec Security: Worked on different kind of projects such as:

    • Penetration tests (web, Android, Wi-Fi and infrastructure)
    • Reporting for the corresponding clients
    • Develop internal tools in Python
    • Assist the Red Team during initial phases of engagements

Awards & Achievements

  • 8 Honor records during the Software Engineering Degree, specifically in: Digital Production, Introduction to Computer Networks, Network and Operating Systems Administration, Artificial Intelligence, Low Level Programming, Web Programming, Network and Computer Systems Security and Distributed Systems
  • 8 Honor records during the Master’s Degree in Cybersecurity Research, specifically in: Security in Cyber-Physical Systems I, Mathematics for Cybersecurity I - Cryptography, Trusted Systems I, Mobile and Distributed Ecosystems, Software Analysis II, Scientific Research, Systems Auditing and Forensic Analysis I, Intrusion, Detection, Management and Prevention of Cyberattacks
  • Best academic record during the Degree in Software Engineering
  • Extraordinary end-of-Master’s degree award at the end of the University Master’s Degree in Cybersecurity Research
  • Member of the Spanish Society of Academic Excellence (SEDEA) - attached title
  • Honorable Mention in Compulsory Secondary Education (ESO)
  • Classified to the national final of the cybersecurity competition Cybercamp in the 2018 and 2019 editions.
  • Chosen as pre-member of the Spanish Cybersecurity National Team to represent the national team at the European CyberSecurity Challenge in Switzerland ECSC
  • Diploma of Implementer of the standard ISO27001
  • Diploma of completion of the course API Security
  • Diploma of completion of the course Ultimate AWS Certified Solutions Architect Associate SAA-C03
  • Diploma of completion of the course Dante - Penetration Tester Level I from Hack the Box

Interests

I’m a pretty active person, I like to be always tinkering with different things, but if I had to choose something, I would definitely choose everything that has to do with Red Team. I’m also very interested in everything that has to do with malware and exploiting, although I’m still getting started. Likewise, I really enjoy participating in CTF, mainly in teams, but also individually.

Finally, I always sign up to attend cybersecurity conferences such as Navaja Negra, H-C0N, Enise, Cybercamp, DefCon (online)…

Outro

If you are interested, you can download my complete CV in this link

Thanks for coming this far and… *Happy Hacking!

Pablo Ruiz - Pitenager