Sobre Sergi Ortega:
Good experience with everything related to malware:
Threat Hunter
Malware Analyst
Incident Response
Threat Intelligence
CTF/challenges RE player
Experiencia
CyberSecurity Incident Response Team (CIRT) - Valeo
Threat Hunter
-Create and perform hunting investigations in order to detect unknown threats.
-Develop rules to uncover new malware/APT's behavior based on their TTP's.
-Collect enriched data from Threat Intelligence to develop new hypothesis of threat hunting investigations.
Incident Response
-Incident Handler of L3 incidents.
-Forensics/Memory/Malware investigations.
-Reverse Engineering skills to disseminate malware behavior, extract IOC'S and create rule detections.
Threat Detection
-Develop/create/fine-tunning behavioral rules.
-Gattering data from multiple sources/tools and improve malware detections.
-Identify gaps detections of security tools.
-Creation/Automation of Playbooks to speed up analysis and reduce analysis time.
Threat Intelligence
-Disseminate/analyze reports and make data actionable.
-Stay up to date about malware/APTs/Vulnerabilities trends/reports from multiple sources.
-Share/advice with contextual information/reports to different IT departments to improve security of the company.
Cyber Threat Hunter - SEAT, S.A
-Threat Hunting activities to discover / uncover possible unknown threats in the company.
-L3 in the Security Operation Center, analyzing and managing security incidents, in addition to advising the L1/L2 members.
-Analysis of current Threat Intelligence Trends / Reports and update of TI platforms.
-Incident Response, Memory Forensic and Malware analysis of security incidents to extract IOC's and create rules to improve detection (Yara, SIGMA, SIEM rules).
-Blue Team exercises to improve response capacity and create new detection methods.
-Automation/Integration of security tools with the SOAR platform and generate Playbooks.
-ML tasks to increase the detection and mitigation of false positives based on behavior.
Malware Analyst - Panda Security
Reversing Malware and x86/64 software.
-Static/Dynamic Analysis tools: IDA Pro, x32bdg, R2, Ollydbg...
-Forensic tools and Analysis knowledge.
-Threat hunting knowledge.
-Windows, APIs, Windows User&Kernel-space mode.
-Anti/Virtualization, Anti/Emulation and Anti/Debuging techniques .
-Deofuscation and unpacking software/malware.
-C/Python programing lenguages.
-Scripting languages: .NET, Java, Javascript, VBscript, PS.
Educación
Universitat Politècnica de Catalunya (UPC)
Ingeniería de telecomunicaciones 2015
IES Esteve Terradas i Illa
Administración de sistemas informáticos y redes 2013 - 2015
IES El Calamot
Administración de sistemas informáticos en red 2010 - 2012