Juan Pablo Perata
Cyber Security Professional - Penetration Tester at Guayoyo- Claim this Profile
Click to upgrade to our gold package
for the full feature experience.
-
English Professional working proficiency
-
Spanish Native or bilingual proficiency
-
Portuguese Elementary proficiency
Topline Score
Bio
Credentials
-
Offensive Security Certified Professional (OSCP)
Offensive SecurityDec, 2021- Oct, 2024 -
Introduction to Reversing
Core SecurityAug, 2020- Oct, 2024 -
Cyber Physical Systems Workshop - "From Robots and Drones to Smart Cities and Industry 4.0, a connected world"
Universidad de la RepúblicaNov, 2019- Oct, 2024 -
Training in exploitation techniques in Android
ekoparty security conferenceSep, 2019- Oct, 2024 -
Training in exploitation techniques and auditing in Java
ekoparty security conferenceNov, 2018- Oct, 2024 -
Secure coding practices and automated assessment tools
Universidad de la RepúblicaJan, 2017- Oct, 2024 -
Introduction and training in SCRUM methodology
aquait uyNov, 2011- Oct, 2024 -
Introduction to .NET and C# programming
MicrosoftJan, 2010- Oct, 2024 -
First Certificate in English (F.C.E.)
University of CambridgeJan, 2005- Oct, 2024 -
Portuguese Basic Certificate
Centro de Lenguas Extranjeras (CLE)Jan, 2002- Oct, 2024
Experience
-
-
Cyber Security Professional - Penetration Tester
-
Nov 2018 - Present
Working as a cyber security professional in many projects including: - penetration tests on web, mobile (Android & iOS), APIs applications - network and infrastructure penetration tests - vulnerability assessments and vulnerability analysis - attack surface evaluation - security design and architecture definitions as well as secure software development - devsecops: integration of security tools in a security pipeline, analysis and evaluation of results and communication link between developers and devops teams. - data loss prevention - monitoring and administration of security alerts - administration of security products like firewall, IDS, IPS among others Show less
-
-
-
Pyxis
-
Uruguay
-
IT Services and IT Consulting
-
100 - 200 Employee
-
Cyber Security Professional
-
Nov 2018 - Present
Actively working on many projects in information security field, mainly working with clients helping them to achieve its specific goals. Actively working on many projects in information security field, mainly working with clients helping them to achieve its specific goals.
-
-
-
Verifone
-
United States
-
Financial Services
-
700 & Above Employee
-
Application Security Engineer - Software Development Engineer
-
Sep 2015 - Oct 2018
Full stack developer and application security professional on the Card Management System (CMS). Worked on many projects including: - develop of new functionalities following a full-stack approach - develop of internal tools and libraries to solve specific needs - bug fixes and enhancements - analysis of performance based on clients specific needs - migration of application server as well as the update of the CMS system components - provide single sign on and modularization capabilities to the CMS system - ensure best security practices in software development lifecycle (SDLC) - installation and configuration of a review code application (Phabricator) - include many security artifacts into the software development lifecycle pipeline - periodic execution and evaluation of static application security testing (sast) on the CMS code. - correction of security issues based on sast reports - review of code for every commit, giving advice on best development practices and security recommendations - participate in several PCI compliance assessments. - trainings on OWASP Top 10 risks on web applications Specific technologies and tools involved: Java EE 6 and 7, JSF 2.x, Oracle, Maven, Jenkins, Nexus, SonarQube, Phabricator, Veracode, Trello, Slack. Show less
-
-
-
Switch Software Solutions
-
Uruguay
-
IT Services and IT Consulting
-
100 - 200 Employee
-
Software Development Engineer
-
Sep 2015 - May 2018
Working as a professional specialized in software security, full stack development and performance. Working as a professional specialized in software security, full stack development and performance.
-
-
-
nublit
-
Uruguay
-
IT Services and IT Consulting
-
1 - 100 Employee
-
Security Consultant - DevOps Engineer
-
2016 - 2016
I had the pleasure to work with colleagues with vast knowledge in Computer Engineering field. Participated in the elaboration of documents to be presented in a public procurement process related to Information Security Services. I also worked in an automation project making use of Ansible and giving security advices and recommendation. I had the pleasure to work with colleagues with vast knowledge in Computer Engineering field. Participated in the elaboration of documents to be presented in a public procurement process related to Information Security Services. I also worked in an automation project making use of Ansible and giving security advices and recommendation.
-
-
-
Deloitte
-
Business Consulting and Services
-
700 & Above Employee
-
Senior Information Security Consultant
-
Jun 2014 - Aug 2015
Working as a professional in Strategy and Operations team in several projects related to Information Security area. It is worth to mention main topics: - Risk Analysis - Ethical Hacking - Analysis and review of software architectures - Secure software development - Technical evaluations on software development - PCI Compliance - PKI Infrastructure - Knowledge of regulations, policies, guidelines in terms of security and its applicability Working as a professional in Strategy and Operations team in several projects related to Information Security area. It is worth to mention main topics: - Risk Analysis - Ethical Hacking - Analysis and review of software architectures - Secure software development - Technical evaluations on software development - PCI Compliance - PKI Infrastructure - Knowledge of regulations, policies, guidelines in terms of security and its applicability
-
-
-
PayTrue Solutions
-
Uruguay
-
Software Development
-
1 - 100 Employee
-
Software Engineer
-
Apr 2013 - Jun 2014
Analysis, design, develop and re-engineering of functionalities related to payment systems. Full stack developer. Also, being part of a brief performance project where the main topic was analyze and optimize specific module of payment system workflow which had a lot of challenges and which ended up with rich results in terms of less time consuming tasks and future work to be done. Main technologies: .NET, C#, ASP.NET, HTML, jQuery, Javascript, Oracle, etc. Analysis, design, develop and re-engineering of functionalities related to payment systems. Full stack developer. Also, being part of a brief performance project where the main topic was analyze and optimize specific module of payment system workflow which had a lot of challenges and which ended up with rich results in terms of less time consuming tasks and future work to be done. Main technologies: .NET, C#, ASP.NET, HTML, jQuery, Javascript, Oracle, etc.
-
-
-
Banco de Previsión Social
-
Uruguay
-
Government Administration
-
1 - 100 Employee
-
.NET Developer
-
May 2011 - Apr 2013
Computer internship under B.P.S and Facultad de Ingeniería Design, develop and testing of internal information software, focusing on web user interface development. Platform: .NET Computer internship under B.P.S and Facultad de Ingeniería Design, develop and testing of internal information software, focusing on web user interface development. Platform: .NET
-
-
Education
-
Centro de Posgrados y Actualización Profesional en Informática
Master in Information Security, Master's degree, Computer and Information Systems Security/Cyber Security -
Centro de Posgrados y Actualización Profesional en Informática
Information Security Specialist, Specialization's degree in Information Security, Computer and Information Systems Security -
Universidad de la República
Computer Engineer, Bachelor of Engineering, Computer Engineering