You're seeing this page as if you were . The main menu is still yours, though. Exit from immersion
Malt Strategy
New report
Malt Tech Trends 2026
Gerard C.GC

Gerard C.

Pentester, Cybersecurity | OSWE, OSCP, CRTO, OSWP

€495/day
1 project
Barcelone, ES
3-7 years
Pentesting
Cybersecurity
Phishing
Ethical Hacking

Average response time: 1 hour

Freelancer profile translated to English.
Back to original language

About Gerard

Hello! I'm Gerard Capdevila, a cybersecurity specialist with over6 years of experience in advanced pentesting and offensive security**, currently working in **SecOps and Cloud Securityfrom within companies.

For over six years, I've practiced pentesting "the old way," conducting in-depth technical audits, manual exploitation, and realistic vulnerability chaining in web, cloud, internal, and Active Directory environments. I hold expert-level certifications likeOSCP, OSWE, CRTO,among others, which support a solid technical foundation and an offensive mindset focused on real impact.

Today, I complement that offensive vision with a strategic and operational perspective: I work ensuring security controls are correctly implemented under frameworks like **NIST, ISO 27001, and SOC 2**, collaborating closely with technical and business teams to ensure security is not just compliance, but an effective and measurable practice.

Furthermore, I help companies integrate artificial intelligence into their security processes, optimizing tasks such as:

  • Vulnerability analysis and prioritization
  • Control automation
  • Detection and response improvement
  • Cloud configuration review (CSPM)
  • Generation of compliance documentation and evidence
My profile combines:
  • Offensive mindset (Red Team / advanced exploitation)
  • Defensive and operational vision (SecOps / Cloud Security / CSPM / SIEM / Incident Response)
  • Experience in regulatory compliance
  • Ability to translate technical risk into strategic decisions
I work with demanding technical teams, CTOs, CEOs, and security leaders who seek someone capable of understanding deep technical details without losing sight of the global impact on the organization.

If you need a hybrid profile—capable of thinking like an attacker, operating as a defender, and structuring security as a scalable system—I'd be delighted to collaborate with you.

  • Spanish

    Native or bilingual

  • Catalan

    Native or bilingual

  • English

    Fluent

  • French

    Native or bilingual

Can work on-site
Barcelone (up to 50km), Madrid (up to 50km)

Experience

  • Magellan Sécurité
    Cyber Security Engineer - Senior Pentester
    CONSULTING AND AUDITS
    October 2023 - October 2025 (2 years)
    Paris, France
    As a Senior Penetration Tester at Magellan, I conducted penetration testing across Europe for various clients. My responsibilities included external penetration testing, internal web application testing, and cloud security assessments on Azure and AWS platforms. Additionally, I performed phishing simulations, provided training to security teams, conducted compliance tests against standards like CIS and DORA2, audited workstations, reviewed configurations, and handled other related tasks.
    Pentesting Cybersecurity Microsoft Azure Python Training
  • Ericsson
    Cyber Security engineer - Pentester
    TELECOMMUNICATIONS
    April 2022 - October 2023 (1 year and 6 months)
    Massy, France
    As a Penetration Tester at Ericsson, I performed security assessments on internal products. This included internal red team exercises for 5G products, cloud environments, and hardware. All work was conducted entirely in English. Additionally, I was responsible for knowledge dissemination activities, such as simplifying complex security concepts (vulgarisation) and delivering internal presentations to Ericsson employees.
    English red team Kubernetes PenTest Networks and Telecoms
  • SSL247 (A Sectigo Company)
    Cyber Security Engineer - Pentester
    March 2020 - April 2022 (2 years and 1 month)
    Lille, France
    As a Red Team Operator at Sectigo, I conducted operations across the French, Spanish, and English markets. My responsibilities included external penetration testing, phishing campaigns, internal penetration testing, code reviews, and other security assessments. Additionally, I served as a technical seller for the Spanish market, providing expert guidance on cybersecurity solutions.
    PenTest Phishing Commercial Active Directory Cybersecurity
Check out Gerard's experience

Reviews

5.0

Out of 1 rating

A

Aleix

Totalmente Recomendable - Beenario GmbH

Reviewed on 1/13/2026

It has been a real pleasure working with Gerard. Communication has been perfect, he has met the agreed deadlines, and the work done has been of very high quality. His report contained points that many security auditors had not found before. He will undoubtedly be our first choice for future similar projects.

Recommendations

Be the first to recommend Gerard

Help this freelancer shine by sharing your experience working together.

These freelancer profiles also match your criteria

AgathaA

Agatha Frydrych

Backend Java Software Engineer

4.7

(3)

2

BaptisteB

Baptiste Duhen

Fullstack developer

4.6

(4)

5

AmedA

Amed Hamou

Senior Lead Developer

4

(2)

7

AudreyA

Audrey Champion

Web developer

4.3

(3)

4

Signup to reveal

Education

  • Master's degree, Ciberseguridad y Privacidad
    Universitat Oberta de Catalunya
    2022
    Master's degree, Ciberseguridad y Privacidad
  • Ingeniería, Ingeniería de telecomunicaciones
    UPC - ETSETB Telecos BCN
    2019
    Ingeniería, Ingeniería de telecomunicaciones
Check out Gerard's education

Certifications

Gerard's certifications are only visible to Malt Community members

Skill set

PenTest
Linux
Systems Administration
Active Directory
hacking
Information Security
Microsoft Azure
Network Administration
Python
Training
red team
Cybersecurity Incident Management
GRC (Governance, Risk and Compliance)
Risk and Vulnerability Assessment
Security Awareness Training
Threat Intelligence
French
English

Categories