$ whoami

Hello, stranger!

My name is Ángel, and I'm a penetration tester currently based in Spain. Born in Málaga and raised in Madrid, I've always been fascinated by technology and how things work.

As a teenager, I spent countless hours tinkering with computers and electronics, learning programming languages, and exploring the vast world of computer security.

Over the past 10 years, I've dedicated my professional life to becoming an expert in application security and penetration testing. This field requires me to use my skills and knowledge to identify vulnerabilities in computer systems and networks, helping organizations strengthen their security measures. It's a challenging yet fulfilling role that keeps me on my toes and constantly learning.

Outside of work, I'm a dad, an avid sci-fi reader (nerd alert!) and a hobbyist.

Work Experience

Senior Security Consultant ~ Carve Systems (Golden, CO, USA) ~ 04/2017 - Present

  • Performed red team exercises emphasizing stealth, AV evasion, and realistic attacker tactics.
  • Conducted external and internal network assessments as an attacker with zero knowledge, focusing on AD security in corporate environments.
  • Performed physical pentests on secure customer buildings.
  • Performed in-depth pentests on web applications and APIs.
  • Assessed Android devices and applications, focusing on system services.
  • Developed in-depth threat models addressing complex scenarios.

Security Engineer ~ Logicalis (Madrid, Spain) ~ 07/2015 - 12/2016

  • Designed secure networks, provided Level 3 support, and led presales proof-of-concept scenarios.
  • Deployed and audited solutions in perimeter security, SIEM, load balancing, DNS, and antispam platforms.

Security Engineer ~ Blueliv (Madrid, Spain) ~ 09/2014 - 06/2015

  • Provided security engineering support, including network design, implementation, and incident response.

Junior security engineer ~ Ecix (Madrid, Spain) ~ 07/2014 - 09/2014

  • Assisted in security assessments and solution deployment; supported senior engineers in various projects.

Education

MSc in Communications and Information Security

European University of Madrid ~ 04/2014 - 04/2015

Computer Science Degree

Universidad Pontifica de Salamanca ~ 09/2006 - 07/2012

Conference talks

(in)secure booting Linux

Delivered a technical talk on exploiting partially encrypted Linux systems through physical access (evil maid attacks), demonstrating real-world attack techniques and mitigation strategies.

Navaja Negra Security Conference, Albacete, Spain, 2015

Skills

Programming Languages: Python, Rust (currently learning), C/C++, x86_x64 ASM

Languages: Spanish (native), English (bilingual)

Certifications / Training: OffSec Certified Professional (OSCP), Sektor7 RED TEAM Operator: Malware Development Intermediate Course, Amazon Web Services Security Specialty