Portfolio - Jesus Arredondo


Jesus Arredondo

Email:
Cell Phone:
Location:
LinkedIn:

Senior Cybersecurity Specialist

I am passionate about technology with more than 10 years of experience in IT and Information Security. I have worked in different areas of IT and information cybersecurity, support, development, and testing. I love technology because it is always evolving and therefore it has given me the opportunity to find new challenges and opportunities to learn new things and grow in my professional career and as a person. My communication skills, my technical background, and experience working with teams from different parts of the world have enabled me to ensure the success in the implementation of security best practices in different projects with clients and business partners. I firmly believe that hard work and integrity are what lead people and integrity is what leads people and organizations to success

Professional Experience

Application Security Analyst / Developer

Allucent (Remote) Monterrey Mexico

July 2020 - December 2020
  • Performed vulnerability scans on the application.
  • Developed and coded the fix for the different vulnerabilities found.
  • Performed reviews to ensure the rules applied to the firebase database are secure
  • Performed research on how to integrate application security into the CI/CD process
  • Participated in the integration of the vulnerability scanning process to integrated into the CI/CD for ucent’s application
  • Fix application issues
Tools & Languages: Google Firebase, Vue js, Node js, HTML 5, CSS3, Java, Selenium, OWASP Zap, Git, GitLab, VS Code, Docker.

Sr Cybersecurity Specialist

GM Financial Monterrey Mexico

April 2018 - Present
  • Performed third-party vendor risk assessment for Latin America division (Mexico, Colombia, Chile, Brazil) following a methodology supported on Information Security Standards and Frameworks such as NIST, ISO 27000, and PCI-DSS.
  • Performed on-site assessments in Mexico and Chile.
  • Provided Risk Management guidance to vendors to reduce the impact and likelihood of discovered findings.
  • Negotiate and ensure action plans from the vendors to attend discovered issues according to company’s risk appetite.
  • Track and follow up on agreed timelines for remediation with vendors.
  • Provide guidance to business partners to ensure decisions made followed our information security program requirements and guidelines

SDET Software Developer Engineer in Testing

Accenture Monterrey Mexico

July 2017 – April 2018
  • Wrote automated tests using java and selenium for the web application IHG website.
  • Participated in testing during deployments.
  • PPerformed functional testing.
  • Followed Agile Methodologies (SCRUM).
Tools & Languages: Angular, Java, Selenium, Maven, Git, Bitbucket, Eclipse.

Software Engineer

Accenture Monterrey Mexico

July 2015 – July 2017
  • Provided support and issue remediation for Microsoft Office 365 customers in all Office 365 cloud products.
  • Helped clients resolved security issues related to Office 365 cloud products.
Tools & Languages: PowerShell, Exchange Server, OneDrive, SharePooint, Office 365 Cloud, etc.

Security Coordinator

Accenture Monterrey Mexico

July 2014 – July 2015
  • Coordinated all activities regarding security for the Bank of America project.
  • Reviewed security logs and reported any suspicious event.
  • Performed vulnerability scans.
  • Faced internal and external audits.
  • Worked with different areas to ensure the remediation of vulnerabilities found in during the vulnerability scans and of any audit finding to ensure compliance with the client's security requirements.
Tools & Languages: Teneable Nessus scan

DLP Team Lead

Softtek Aguascalientes Mexico

August 2011 – July 2014
  • Contributed to the growth of such team by ensuring the quality of the process and suggesting new areas where the team could help the customer with.
  • Lead process improvement projects to cut down processing times (reduced lead times 80%) which allowed the customer to increase the project’s scope.
  • Adhering to requirements, creation, and analysis for IPP (Intellectual Property Protection) metrics.
  • Creation of documentation such as Standard Operational Procedures which were used as the Knowledge Base for new members joining the team.
  • Part of the Project Leadership teams to provide guidance and share lessons learned with peers and Management members.
Tools & Languages: Digital Guardian (DGMC), Excel Macros.

Application Security Auditor

Softtek Aguascalientes Mexico

May 2009 – August 2011
  • Performed black box and white box penetration testing on web and client-server applications for the different business units of GE.
  • Advised developers on the remediation of items found and ensured the remediation of vulnerabilities.
  • Ensured vulnerability testing procedures were updated in the standard procedures.
  • Generated metrics related to the vulnerability assessments performed.
Tools & Languages: Fiddler, Paros, Nmap, eclipse, My SQL, Java, PHP, .NET, Javascript

Education

Brigham Young University Idaho
Web Design and Development
July 2021
Universidad Autonoma de Aguascalientes
Computer Information Technologies
July 2010

Certificates

Azure Security
Microsoft
2020
Azure DevOps
Microsoft
2020
Brigham Youn University Idaho
Programing CIS
2018
Brigham Young University Idaho
Web Front-End Development
2017
Brigham Young University Idaho
Web Back-End Development
2017

Languages

Spanish C2 - Native, English C1 - Advanced, French B2 - Intermediate High, Portuguese A1 - Basic