Description

Soy Analista Senior en Threat Intelligence y Threat Hunting, especializado en la detección temprana, análisis y mitigación de amenazas avanzadas (APT, ransomware, data leaks y ataques dirigidos). Con más de 8 años de experiencia en el sector de la ciberseguridad, he trabajado con empresas líderes desarrollando soluciones innovadoras que combinan inteligencia de amenazas, automatización y análisis de comportamiento.

Mi experiencia abarca desde la investigación de grupos criminales y sus TTPs hasta la implementación de ecosistemas completos de Threat Hunting y análisis de malware mediante técnicas de machine learning y deep learning. He diseñado infraestructuras basadas en MISP, OpenTaxii, SIEM y XDR, y he liderado proyectos de Red Nacional de SOC (RNS), mejorando la capacidad de detección y respuesta ante incidentes a nivel nacional.

Ofrezco servicios personalizados de:

Threat Intelligence as a Service: vigilancia de la dark web, foros y fuentes abiertas para detectar filtraciones, amenazas reputacionales y exposición de activos.
Threat Hunting y análisis de incidentes: identificación de comportamientos anómalos, correlación de IOCs y respuesta técnica.
Análisis de malware (estático y dinámico): identificación de familias, IOC/TTPs y creación de reglas para EDR/SIEM.
Desarrollo de herramientas y automatización basadas en IA para detección temprana de amenazas.
Formación y asesoría técnica para equipos SOC, Blue Team o analistas junior.

Además, soy instructor de malware en Keepcoding y autor en la revista internacional Hakin9, con publicaciones sobre malware, phishing, OSINT y detección inteligente de amenazas.

Mi objetivo es ayudar a empresas y equipos a mejorar su postura de ciberseguridad, anticiparse a los atacantes y transformar los datos de amenazas en conocimiento accionable.

Languages

Spanish
Native or bilingual
English
Fluent

Workplace preferences

Remote only

Primarily works remotely

Wise Security Global
Senior Threat Intelligence & Hunting Analyst/Consultant
September 2023 - Today (2 years and 9 months)
Seville, Spain
On-demand Threat Hunting service for clients:
• Creation of detection rules for Sentinel and Windows Defender.
• Data analysis.
• Investigation of indicators.
• On-demand OneShoot service.
• Search for data leaks.
• Search for mentions in forums and the dark web.
• Investigation of potential brand reputation impacts. Digital Surveillance service:
• Monitoring of forums, websites, and the dark web to detect data leaks.
• On-demand monitoring of the attack surface.
• Digital protection of brand and corporate reputation. Threat Modeling:
• Study of criminal groups to create an attack map based on MITRE ATT&CK, tailored to clients, to implement defensive improvements.
• Responsible for managing, automating, and maintaining the National SOC Network (RNS) project based on MISP.
• Monitoring and analysis of criminal groups and their tools for incident response.
Threat Hunting Threat Analysis Ciberseguridad Incident Response Cyber Threat Intelligence
Babel
Threat Intelligence & Hunting Analyst
January 2022 - Today (4 years and 5 months)
Seville, Spain
The main responsibilities within the Cybersecurity Innovation Department are:
• Research and development of an automatic malware analysis ecosystem for the SOC (both static and
dynamic), enabling the automated extraction of IOCs, TTPs, and threat behavior.
• Investigation and response to security incidents related to criminal groups and APTs, analyzing their patterns and TTPs, and extracting IOAs and IOCs to respond to threats quickly and effectively.
• Study and tracking of criminal groups and malware used in cyber incidents.
• Project leader for the National SOC Network (RNS) at Babel. Using knowledge generated and shared across
departments, events are sent to and received from CCN-CERT via MISP.
• Design and management of a Threat Hunting (threat detection) ecosystem to collect IOCs from various online
platforms and MISP, convert them into STIX format, and upload them to an OpenTaxii server for use by SIEMs, XDRs, firewalls, and other network elements for early threat detection.
• Study and implementation of Threat Hunting methodologies to detect threats within organizations.
• Analyze and investigate security incidents affecting clients in order to respond to or mitigate them.
• Management of the entire Malware and Innovation server ecosystem using VMware vSphere.
• Research and development of machine learning and deep learning tools to detect malware and malicious emails in early stages.
• Analysis of third-party security products for potential integration into Ingenia's client portfolio (XDR/EDR, commercial sandboxes, CTI platforms).
Threat Hunting Ciberseguridad Threat Intelligence Threat Analysis Incident Response
Ingenia S.A
Threat Intelligence & Hunting Analyst
February 2019 - December 2021 (2 years and 10 months)
Seville, Spain
The main responsibilities within the Cybersecurity Innovation Department are:
• Research and development of an automatic malware analysis ecosystem for the SOC (both static and
dynamic), enabling the automated extraction of IOCs, TTPs, and threat behavior.
• Investigation and response to security incidents related to criminal groups and APTs, analyzing their patterns and TTPs, and extracting IOAs and IOCs to respond to threats quickly and effectively.
• Study and tracking of criminal groups and malware used in cyber incidents.
• Automation of Ingenia's SOC processes and protocols to improve efficiency, scalability, and performance.
• Analysis and investigation of client security incidents to provide response or mitigation.
• Management of the entire Malware and Innovation server ecosystem using VMware vSphere.
• Research and development of machine learning and deep learning tools to detect malware and phishing emails in early stages.
• Evaluation and analysis of vendor products for integration into Ingenia's client portfolio (XDR/EDR solutions, commercial sandboxes, threat intelligence platforms).
Threat Analysis Incident Response Ciberseguridad Threat Hunting Cyber Threat Intelligence