May 2022 – Mar 2023 · 10 mos · Guatemala

Sep 2021 – May 2022 · 8 mos · Guatemala

• Guided hacking sessions for students and professionals. Community effort to bring more skilled professionals/hackers to the security industry

Oct 2021 – Present · 4 yrs 7 mos · Seattle, Washington, United States

• Current: Product security engineer for devices & Hardware.
• Firmware, hardware, kernel, cloud security.
• Jan-Jun 2025: Product security engineer for Compute, Hardware and virtualization of the EC2 platform.
• EC2 is amazon’s cutting edge compute platform, ie’s the foundational stone of every other AWS service. Working in the EC2 platform has allowed me to dive into low level virtualization, kernel, CPU and custom hardware domains.
• 2022 - 2025: serverless compute services:
• Lambda, Serverless analytics, Firecracker.
• I work on regular basis with kernel level changes to host and guests in virtualization environments, language runtimes security, custom containerization technology, virtualization, hardware qualification for compute capacity added to serverless fleets. I’ve had the opportunity to conduct low level product security reviews involving the Linux kernel, KVM, Graviton (amazons own ARM chips), Intel, AMD and amazons own lightweight hypervisor Firecracker.
• 2021-2022: Previously I worked with S3 and S3 on the edge as product security engineer. s3 is a distributed object storage service offering high durability and availability.

Jun 2021 – Aug 2021 · 2 mos · Greater London, England, United Kingdom

• Google Summer of Code is a global program focused on bringing more student developers into open source software development. Students work with an open-source organization on a 10-week programming project during their break from school.

Dec 2020 – Oct 2021 · 10 mos · Guatemala, Guatemala

• Community Builder for the Containers branch.
• The AWS Community Builders program offers technical resources, mentorship, and networking opportunities to AWS enthusiasts and emerging thought leaders who are passionate about sharing knowledge and connecting with the technical community.

Apr 2020 – Oct 2021 · 1 yr 6 mos

• Act as SME regarding security throughout the whole application lifecycle. Conduct arquitecture review, manual and dynamic code analysis, and application assessments to guarantee the internal and external products fullfil the best security practices. I also create documentation, security requirements, secure coding guidelines and training materials for engineering teams.
• I assist teams as a security generalist specialized in code, automation and offensive security in order to harden and improve the organization security posture.

Sep 2019 – Apr 2020 · 7 mos · Guatemala, Guatemala

• I provided consultancy for different clients. Main duties included:
• Perform black-box testing on mobile & web applications
• Perform code reviews and SAST analysis
• Conduct secure coding and OWASP proactive controls training for engineering teams
• Conduct internal training on different security technical subjects for Jr Staff
• Automate reporting and tooling using python

Jun 2018 – Feb 2019 · 8 mos

• Validate Tier 1 observations to determine if incident has occured.
• Follow up for detected incidents.
• Proactively chase for indicators of compromise in customer network.
• Execute incident response plan in case of data breach or security incident
• Generate new IOCs based on findings
• Skills applied in a common basis: Powershell/BASH, Python scripting,tcpdump analysis, log monitoring, SIEM, reverse engineering (PE, x86,x86_64), memory and disk forensics, web and infrastructure pentesting.

Jun 2017 – Jun 2018 · 1 yr

• Security analist. - Blue Team member.
• Key responsabilities:
• Analysis of attack trends, indicators of compromise and management of security incidents for clients.
• Management of managed security solutions: Data loss prevention, antivirus, IDS, Firewalls, SIEM, network monitoring.
• Tier 1 support for security solutions offered by the company.

May 2015 – May 2017 · 2 yrs

• Objectives: Guarantee the stability of billing and content transfer systems for mobile platforms (SVA).
• Automate daily operations using scripting languages (Python, bash) and compiled languages (java)
• Features:
• Monitoring, preventive diagnosis and troubleshooting of platforms for mass exchange of SMS.
• Monitoring and troubleshooting of linux servers and internal application containers.
• Generation of reports from SQL structured data and raw logs from different applications.
• Generation of tickets and monitoring of system failures.

Oct 2014 – Apr 2015 · 6 mos

• Objectives: Follow up on internal support requests.
• Features:
• Review and diagnosis of failure scenarios in applications, processes and servers.
• Generation of structured data reports (SQL) as raw logs of the systems.
• Installation and configuration of agents for infrastructure monitoring.