Iván Sarría Rodríguez

Senior Cybersecurity Engineer

🤠 Professional Summary

Cybersecurity specialist with 7+ years of experience in infrastructure hardening and vulnerability management.


As a passionate technology enthusiast with a strong focus on cybersecurity and ethical hacking, the journey in the tech world has included diverse roles such as Blue Team, DevOps, and SysAdmin. These experiences have contributed to a broad skill set and strong problem-solving abilities in the security domain. Looking forward to leveraging this expertise to tackle new challenges and drive impactful solutions in the field of cybersecurity.

👅 Languages

  • Spanish (Native)
  • English (C1 Level)

🎓 Education

  • Experto en Desarrollo de Aplicaciones Orientadas a Objetos

    26/07/2016 – 26/07/2017 @ Universidad San Jorge

  • eJPTv2 - Junior Penetration Tester

    01/09/2023 – 01/10/2023 @ INE Security

  • Bachelor in Applied Computing

    01/09/2024 – 01/12/2018 @ University of Wales Trinity Saint David

💻 Core Skills

Cybersecurity

  • Threat and Vulnerability Management
  • Qualys Vulnerability Management
  • Vulnerability Explotation
  • Tenable Nessus
  • Metasploit
  • Hardening
  • CIS Benchmark
  • OWASP
  • ISO 27001
  • SELinux
  • SonarQube
  • IBM QRadar

SysAdmin

  • System Configuration Center (SCCM)
  • Amazon (Lightsail, EC2, RDS...)
  • MySQL / PostgreSQL / MSSQL
  • IBM WebSphere
  • Apache & Nginx
  • Windows AD/GPO
  • Linux
  • Nagios
  • Grafana
  • Certificados X509
  • VMware ESXi
  • Docker Engine / compose

Programming

# Scripting
# Web
# Compiled
  • PowerShell
  • Python
  • Bash
  • VB.NET
  • JS / TS
  • PHP
  • Nest
  • Rust
  • C#

🎩 Penetration Tester Skills

I have expertise in penetration testing, specializing in operating system security, network exploitation, and web application vulnerabilities. I have a strong understanding of offensive security techniques and continuously refine my skills to stay ahead in cybersecurity.


Operating Systems

Proficient in Active Directory reconnaissance, lateral movement, and persistence techniques. Skilled in malware analysis, AMSI bypass, and utilizing tools like BloodHound and BloodyAD.


Network Security

Experienced in network reconnaissance using Nmap and pivoting techniques with Chisel, Socat, and Ligolo-ng.


Web Security

Knowledgeable in web application vulnerabilities, including XSS, XXE, SQL injection, LFI, and RCE. Skilled in using BurpSuite for security assessments.