Carlos A. Lozano

OBJECTIVE | EXPERIENCE

Leading and performing security controls evaluation through penetration testing, vulnerability assessments, application security assessments, risk analysis, audits and specialized advisory.

SKILLS, STRENGTHS AND ABILITIES

• Experience performing penetration testing projects for medium and large companies.

• Experience performing application security assessments for web applications, standalone, client-server and SCADA systems.

• Experience performing risk analysis for medium and large companies.

• Experience performing audits for PCI, LFPDPPP and ISO27000 series.

• Experience on proposals and RFP creation for security services.

• Experience on presales engenieering for security solutions and security services.

• Experience leading interdisciplinary teams distributed at different countries and cities.

• Good interpersonal/customer-relations skills and the ability to guide manage large projects.

• Frequent conference, congress and security events speaker.

• Ability to teach technology to other engineers and partners.

• Ability to transmit hardcore technical reports to a C-level vision.

• Communication and presentation skills, with strong written and verbal skills.

• Knowledge of network and system exploits, vulnerabilities, hacking techniques and security countermeasures.

• Knowledge of application security, source code static analysis, dynamic analysis and manual testing.

• Knowledge of reversing techniques and basics on low-level exploitation.

EXTRAS

• Founder and technical reviewer of BugCON Security Conference: Safety is just a myth...! the biggest technical security conference at Mexico since 2008, based on G-CON Security Conference. More than 2800 attendees per edition, 40 talks and trainings and speakers from more than 15 countries.