Hi. I'm Carlos Gonzales. Information Security, Cybersecurity and Ethical Hacking Consultant. Security researcher. Bug Hunter.
12+ years experience.
I led and performed a lot of security projects:
* Ethical Hacking and Penetration Testing (web application, network, mobile, IVR). 70+ projects done (infrastructure, web application, mobile, cloud and networks). OWASP Testing Guide, OWASP Top Ten, PTES Methodology.
* Securing Software Development Life Cycle (OWASP SAMM, BSIMM, Secure Scrum). SAST and DAST experience.
* Security Auditing and hardening infrastructure technology (on-premise, cloud - AWS & Azure).
* ISO 27001 implementation and auditing. PCI-DSS experience. (10 years)
* Writing some blogs (OWASP + Zero Trust)
My Certifications: CEH Practical (Certified Ethical Hacker), CEH, CSWAE (Certified Secure Web Application Engineer ), CPTE (Certified Penetration Testing Engineer), CISSP (Certified Security Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), PMP, ISO 27001 Lead Auditor, ISO 22301 Lead Implementer, COBIT 5 Foundation, ITIL v3 Foundation, TOGAF 9 Foundation