Marcos Martín Gutiérrez
DevSecOps Automation & Security Engineer
Work Experience
September 2022 - Present
Swisscom | Rotterdam (The Netherlands)
DevSecOps Automation & Security Engineer
Help to find the best solutions as a liaison between the DevOps developers and Security Leadership of Swisscom. Evaluate, test, configure and run innovative security tools/features to be used by more than a thousand developers in a cloud native manner. Support and communicate with development and operations teams about security tooling and automation in diverse projects. Liase on projects covering a wide span of industries and impacting Switzerland as a whole. Enable business managers to know and be able to take on their security responsibilities. Ensure that the business areas know and can fulfill their security responsibilities. Assess the progress of the security work of the business units and ensure that they are constantly improving. Identify and define security measures and ensure their implementation.
July 2021 - September 2022
Aegon | Madrid (Spain)
Application Security Engineer
Help the organization to evolve its application security functions and services. Responsible for upholding code reviews across all code platforms. Take charge of bug intake and remediation process for the organization. Provide leadership for application vulnerability scanning and penetration testing remediation. Manage integration with vulnerability check tools such as SAST and DAST tools. Discover security exposures and develop mitigation plans, and also report and fix the technical debt. Work with Aegon's business areas and with other technology areas to identify security requirements and ensure the resilience of business processes. Collaborate on critical IT projects of Aegon Corporación to ensure the implementation of security standards throughout the project life cycle (SDLC).
January 2021 - July 2021
Between Technology | Barcelona (Spain)
Security Analyst
Implementation of security (ISO 27001, ENS) on projects under development. Secure data, file integrity, application registry encryption, network access control. Detection of vulnerabilities in the source code (C++, .NET). Security architecture design. Test reports documentation, risk and vulnerability analysis
March 2019 - December 2020
Giesecke+Devrient Mobile Security | Barcelona (Spain)
Test Manager
Manage test design, test execution and test analysis. Test cases creation based on technical designs and implementation by using a C++ automation framework. Execution, analysis and bug fixing of test results as well as system behavior reporting.
April 2020 - June 2020
ILUNION Security | Remote (Spain)
Intelligence Service InternShip
Implement a search engine in Java using the Twitter4j API.
November 2018 - January 2019
Junta de Castilla y León | Valladolid (Spain)
Information Management Department Internship
Monitoring and testing a web application.
Education History
November 2019 - December 2021
UNIR | Barcelona (Spain)
Master’s Degree in Cybersecurity
Know the characteristics, functionalities and structure of distributed systems, computer networks and the Internet. Identify the functionalities and structure of the databases. Use the tools necessary for storage, processing and access to information systems. Know the principles, methodologies and life cycles of software engineering. Evaluate person-computer interfaces.Master's thesis “Telefónica Challenge: Study of the characteristics that affect wireless services in routers”, ElevenPaths
November 2013 - May 2019
Universidad de Valladolid | Valladolid (Spain)
Bachelor’s degree in Telecommunications Engineering (Electronic Systems specialization)Final thesis: “Remote monitorization (via smartphone) of the oxygen levels in a wine production factory”: Design and production of the electronic system, firmware programming and smartphone application.
Additional Training & Certificates
-
2021 - Internal Auditor ISO 27001:2013, Information Security Management Systems (UNIR) with TÜV Rheinland Certified Qualification
-
2021 (40h) - Python Programming Course by UNIR
-
2021 (40h) - Lead Cybersecurity Professional Certificate - LCSPC™ by CertiProf.
-
2021 (20h) - Scrum Foundation Professional Certificate by CertiProf.
-
2021 (20h) - Cyber Security Foundation Professional Certificate - CSFPC™ by CertiProf.
-
2021 (10h) - Introduction course about Ethical Hacking imparted by Mastermind.
-
2021 (10h) - Wireless Networks Hacking (WiFi) by Mastermind.
-
2021 (40h) - Python programming by UNIR.
Mentions & Awards
-
Reto Telefónica (ElevenPaths): “Estudio de las características que afectan a los servicios inalámbricos en routers”
An analysis of the characteristics of the router that can affect the quality of the WiFi is carried out, that is, different attacks will be performed on the router, looking for vulnerabilities and the behavior of the router is studied in the face of these different attacks, establishing patterns. -
Patent Request:
Electronic device and sensor data collection system. -
Intellectual Property Application:
Mobile application that analyses and measures in real time the oxygen levels for a wine production factory. -
Explorer Program ‘Jóvenes con Ideas’ 2019 - Entrepreneurs:
“IoT Common Sense” project: Explorer ‘Jóvenes con Ideas’ is Banco Santander’s entrepreneurship program that helps to land projects by promoting their market launch. -
PROMETEO 2019 Award for innovation and development of market-oriented prototypes:
Electronic system that gathers and sends data remotely from an oxygen sensor for a wine production factory. -
PROMETEO 2019 Award for innovation and development of market-oriented prototypes:
Mobile application that analyses and measures in real time the oxygen levels for a wine production factory.
Skills
- Cyber Security
SSDLC, SAST, DAST, OPA, Kiuwan, Snyk, Kali Linux, Metasploit, NMAP, ISO 27001, OWASP, BurpSuite, FFUF, Hydra, SQLMap, HTB
- Coding/Scripting
C, C++, Groovy, Python, Java, Bash, JavaScript, VB.Net, Perl
- DevOps
Jenkins, GIT, Bitbucket, Docker, Kubernetes, Terraform, ELK Stack
- Agile
Jira, Scrum, Confluence
- Other
Word, Excel, PowerPoint, Adobe Illustrator, Adobe Premiere, VS Code, Notepad++
Language
- English
Read | * | * | * | * | - |
Written | * | * | * | * | - |
Spoken | * | * | * | - | - |
- Spanish
Read | * | * | * | * | * |
Written | * | * | * | * | * |
Spoken | * | * | * | * | * |