Freelancer profile translated to English.

Description

I am a Senior Analyst in Threat Intelligence and Threat Hunting, specializing in the early detection, analysis, and mitigation of advanced threats (APT, ransomware, data leaks, and targeted attacks). With over 8 years of experience in the cybersecurity sector, I have worked with leading companies developing innovative solutions that combine threat intelligence, automation, and behavioral analysis.

My experience ranges from researching criminal groups and their TTPs to implementing complete Threat Hunting ecosystems and malware analysis using machine learning and deep learning techniques. I have designed infrastructures based on MISP, OpenTaxii, SIEM, and XDR, and have led National SOC Network (RNS) projects, improving national-level incident detection and response capabilities.

I offer personalized services including:

Threat Intelligence as a Service: monitoring the dark web, forums, and open sources to detect leaks, reputational threats, and asset exposure.
Threat Hunting and incident analysis: identifying anomalous behaviors, correlating IOCs, and technical response.
Malware analysis (static and dynamic): identifying families, IOCs/TTPs, and creating rules for EDR/SIEM.
Development of AI-based tools and automation for early threat detection.
Training and technical advisory for SOC teams, Blue Teams, or junior analysts.

Furthermore, I am a malware instructor at Keepcoding and an author for the international magazine Hakin9, with publications on malware, phishing, OSINT, and intelligent threat detection.

My goal is to help companies and teams improve their cybersecurity posture, anticipate attackers, and transform threat data into actionable knowledge.

Languages

Spanish
Native or bilingual
English
Fluent

Workplace preferences

Remote only

Primarily works remotely

Wise Security Global
Senior Threat Intelligence & Hunting Analyst/Consultant
September 2023 - Today (2 years and 9 months)
Seville, Spain
On-demand Threat Hunting service for clients:
• Creation of detection rules for Sentinel and Windows Defender.
• Data analysis.
• Investigation of indicators.
• On-demand OneShoot service.
• Search for data leaks.
• Search for mentions in forums and the dark web.
• Investigation of potential brand reputation impacts. Digital Surveillance service:
• Monitoring of forums, websites, and the dark web to detect data leaks.
• On-demand monitoring of the attack surface.
• Digital protection of brand and corporate reputation. Threat Modeling:
• Study of criminal groups to create an attack map based on MITRE ATT&CK, tailored to clients, to implement defensive improvements.
• Responsible for managing, automating, and maintaining the National SOC Network (RNS) project based on MISP.
• Monitoring and analysis of criminal groups and their tools for incident response.
Threat Hunting Threat Analysis Cybersecurity Incident Response Cyber Threat Intelligence
Babel
Threat Intelligence & Hunting Analyst
January 2022 - Today (4 years and 5 months)
Seville, Spain
The main responsibilities within the Cybersecurity Innovation Department are:
• Research and development of an automatic malware analysis ecosystem for the SOC (both static and
dynamic), enabling the automated extraction of IOCs, TTPs, and threat behavior.
• Investigation and response to security incidents related to criminal groups and APTs, analyzing their patterns and TTPs, and extracting IOAs and IOCs to respond to threats quickly and effectively.
• Study and tracking of criminal groups and malware used in cyber incidents.
• Project leader for the National SOC Network (RNS) at Babel. Using knowledge generated and shared across
departments, events are sent to and received from CCN-CERT via MISP.
• Design and management of a Threat Hunting (threat detection) ecosystem to collect IOCs from various online
platforms and MISP, convert them into STIX format, and upload them to an OpenTaxii server for use by SIEMs, XDRs, firewalls, and other network elements for early threat detection.
• Study and implementation of Threat Hunting methodologies to detect threats within organizations.
• Analyze and investigate security incidents affecting clients in order to respond to or mitigate them.
• Management of the entire Malware and Innovation server ecosystem using VMware vSphere.
• Research and development of machine learning and deep learning tools to detect malware and malicious emails in early stages.
• Analysis of third-party security products for potential integration into Ingenia's client portfolio (XDR/EDR, commercial sandboxes, CTI platforms).
Threat Hunting Cybersecurity Threat Intelligence Threat Analysis Incident Response
Ingenia S.A
Threat Intelligence & Hunting Analyst
February 2019 - December 2021 (2 years and 10 months)
Seville, Spain
The main responsibilities within the Cybersecurity Innovation Department are:
• Research and development of an automatic malware analysis ecosystem for the SOC (both static and
dynamic), enabling the automated extraction of IOCs, TTPs, and threat behavior.
• Investigation and response to security incidents related to criminal groups and APTs, analyzing their patterns and TTPs, and extracting IOAs and IOCs to respond to threats quickly and effectively.
• Study and tracking of criminal groups and malware used in cyber incidents.
• Automation of Ingenia's SOC processes and protocols to improve efficiency, scalability, and performance.
• Analysis and investigation of client security incidents to provide response or mitigation.
• Management of the entire Malware and Innovation server ecosystem using VMware vSphere.
• Research and development of machine learning and deep learning tools to detect malware and phishing emails in early stages.
• Evaluation and analysis of vendor products for integration into Ingenia's client portfolio (XDR/EDR solutions, commercial sandboxes, threat intelligence platforms).
Threat Analysis Incident Response Cybersecurity Threat Hunting Cyber Threat Intelligence