JC de Arriba's Linkedin Analytics

• SME Application Security and Network Penetration testing: following OWASP Guide testing methodology and focusing on the OWASP Top 10 Project security risks. High Experience with tools like IBM AppScan, HP WebInspect, Acunetix, Netsparker, Nessus, Nmap, Paros proxy, Nexpose, Metasploit, NTOspider, Burp Suite Pro, etc. • Security testing of REST and SOAP APIs • SME Security Code Review: C/C++, Java, ABAP, PHP, .NET, Objective-C (Checkmarx, HP Fortify). • SAP/ERP Penetration testing and security testing. • Mobile Application Security Testing: client side (network interfaces, user data, communications with other resources, session management, insecure data storage, etc) and server side (application server, web services, databases, etc) on iOS platform.High experience with mobile testing frameworks and tools like MobSF, iNalyzer, Snoop-It, Introspy, idb, iRET, otool, plutil, etc. • Reverse engineering, vulnerability research and exploitation. • Wireless Security Testing • Physical Security and Social Engineering. 7 years of experience working providing Cyber Security consulting services and as penetration tester, both as full-time employee and as remote independent contractor (/ staff augmentation gigs) Ethical Hacking, Penetration Testing, Web Application Security Assessment, Mobile Application Security (iOS, Android), Wireless Security Assessment, Vulnerability Assessment, Reverse Engineering, Binary Exploitation, OWASP Methodology and OWASP Top 10. High Experience with tools like IBM AppScan, HP WebInspect, Acunetix, Netsparker, Nessus, Nmap, Paros proxy, Nexpose, Metasploit, NTOspider, Burp Suite Pro, Checkmarx, Fortify, Veracode etc.