Technical Consultant: Penetration Testing
CurrentI perform several penetration tests to servers, webs and APIs using the OWASP methodology.I have performed internal, cloud and active directory pentesting.As part of the pentest team, I make technical and executive reports of vulnerabilities with theirrespective recommendations, in English and Spanish.I have been reporting new CVEs to developers within projects that could affect other customers.Not only that, but I have been exposing new vulnerabilities and new creative exploit methods to thepentest team, to add those tests to all future pentests.I also actively participate in the review and quality control of pentesting reports, making suggestions fortesting, presentation and supplementing the information in the reports to ensure that the client has themaximum understanding of the report.Furthermore, I have changed my working hours to nights so that the pentesting can be performedaccording to the client's needs.In emergency projects such as the data breach, we have met the client's expectations, providingvulnerability, explanation and a recommendation, working even on non-working days.We have been supporting the customer and the A2 safety offices in retesting and making newalternative recommendations to those that were initially made. This is so that the customer can closethe vulnerabilities using another route, which is often easier for the customer.