Carlos A. Lozano

OBJECTIVE | EXPERIENCELeading and performing security controls evaluation through penetration testing, vulnerability assessments, application security assessments, risk analysis, audits and specialized advisory.SKILLS, STRENGTHS AND ABILITIES• Experience performing penetration testing projects for medium and large companies.• Experience performing application security assessments for web applications, standalone, client-server and SCADA systems. • Experience performing risk analysis for medium and large companies. • Experience performing audits for PCI, LFPDPPP and ISO27000 series.• Experience on proposals and RFP creation for security services.• Experience on presales engenieering for security solutions and security services.• Experience leading interdisciplinary teams distributed at different countries and cities.• Good interpersonal/customer-relations skills and the ability to guide manage large projects.• Frequent conference, congress and security events speaker.• Ability to teach technology to other engineers and partners.• Ability to transmit hardcore technical reports to a C-level vision.• Communication and presentation skills, with strong written and verbal skills.• Knowledge of network and system exploits, vulnerabilities, hacking techniques and security countermeasures.• Knowledge of application security, source code static analysis, dynamic analysis and manual testing.• Knowledge of reversing techniques and basics on low-level exploitation.EXTRAS• Founder and technical reviewer of BugCON Security Conference: Safety is just a myth...! the biggest technical security conference at Mexico since 2008, based on G-CON Security Conference. More than 2800 attendees per edition, 40 talks and trainings and speakers from more than 15 countries.