Deiker Lozano Figueira
WAKE FOREST,NC
Summary
As a bilingual Cybersecurity Consultant, I specialize in Penetration Testing and Cyber Threat Intelligence. I have a strong track record in identifying vulnerabilities and implementing security measures. My analytical skills enable me to interpret complex security data and provide actionable insights. I'm eager to return to a hands-on penetration testing role and further develop my expertise in cybersecurity intelligence. My ultimate goal is to progress into senior roles, continually advancing my skills and knowledge in the cybersecurity field.
Overview
5
5
years of professional experience
1
1
Certification
Work History
DevOps Engineer
Metlife
cary, NC
04.2024 - Current
- Configured Kubernetes clusters for deploying containerized applications across multiple nodes
- Developed scripts in Bash and Python for automating deployment of applications on various cloud platforms
- Implemented monitoring tools such as Prometheus, Grafana, and ELK stack to monitor the health of systems
- Wrote well-designed, testable code
- Maintained version control systems such as Subversion and Git to keep track of changes made to codebase
OS Security- Cybersecurity & ITRS Risk Consultant
Metlife
cary, NC
08.2022 - 04.2024
- Global Hosting & Networking Technologies | Hosting Security & Resiliency | OS Security Team
- Identification of vulnerabilities, manually and with automated tools within the RISC and SISC data centers, focusing on OS Level and Infrastructure servers.
- Proactive driven remediation on open vulnerabilities and findings
- Approach teams in agile manner for Security Improvement and consultations
- Threat Identification - Remediation for Servers based on CVSS and CTI
- Addressing and leading findings and implement best practices for OS Security (OS: Solaris, HP-UX, AIX, IBMi, RHEL, Windows)
- Lead security initiatives: Monthly OS Security overview with Platform teams (Windows, Midrange, Linux)
- Improved vulnerability visibility
- Identify High risk vulnerabilities being identify as Mid/Low but has a larger number of assets impacted.
PenTester / Bug Hunter (Companies in program)
HackerOne
cary, NC
01.2019 - Current
- Leading and performing proactive Vulnerability assessment on network, websites and applications, from companies enrolled on the programs
- Scope: Public / Private Sector
- On hands: Pen-Testing - Allowed by the entities in the program
- Vulnerability Assessments
- Tipper
- TTP, SAR and Network security protocols.
- Focused on OSWAP Top 10 Vulnerabilities: Preferred methods Injections, RCE, OS Level Vulnerabilities, Infrastructure vulnerabilities
Education
Certification - Networking and Systems Administration
Wake Technical Community College
07.2020
Certification - Cybersecurity Ops Bootcamp
University of North Carolina at Chapel Hill
07.2019
Certification - CADS | Applied Data Science
University of North Carolina at Chapel Hill
01.2018
High School Diploma -
Cary High School
Skills
- Cyber Threat Intelligence
- Threat Research
- Penetration Testing
- Bilingual - Fluent Spanish and English
- Threat Detection
- Risk Mitigation Strategies
- Computer Forensics
- Intelligence Gathering
- Open Source Intelligence
- API Security Testing
- Scripting Languages
- Technical Writing
- DevOps
- TTPs
Technical Skills
- Scripting Languages: Python, Bash, C, Go
- Adversary Simulation & Red Teaming Tools: Caldera, Mordor, and DumpsterFire
- Cybersecurity Hardware for OffSec: Hak5 Packet Squirrel, FlipperZero Dev, WIFI Pineapple
- Scanners: Nessus, Wireshark, Burp Suite, SQLmap, Nmap, etc.
- OSINT: Censys Search, Shodan, Maltego, Etc. - Exploitation Framework: Metasploit, BeEF, SET (Social Engineering Tool).
- Vulnerability Assessment Tools: Kenna, Tanium,
- Cyber Threat Intel Tools: Recorded Future, Talos intel, Flashpoint, X, DeepWeb research.
- DevOps Engineering: Kubernetes, AKS, Azure Pipeline, Docker, Elasticsearch, Kibana, AI &ML Implementations, Algorithm Implementation, B-Tree implementation, 2-3 Tree implementation, etc
Certification
- (ISC)2 Certified In Cybersecurity
- Derivative Classification & Counterintelligence - Defense Counterintelligence and Security Agency (DCSA)
- Cybersecurity Capstone: Breach Response Case Studies - IBM
- Penetration Testing, Incident Response and Forensics - IBM
- Penetration Testing and Scripting for Red Team - IBM
- Ethical Hacking Essentials - ECouncil
- Foundation of MITRE-ATTCK
- CompTIA - Security+
- SEC504 (GCIH) - Hacker Tools, Techniques, and Incident Handling
- (ISC)2 Certified Cybersecurity
- Certified IBM Cybersecurity Analyst Specialization
- Certified Ethical Hacker (CEH)
- Certified Google IT Security
- Certified Tanium Foundations
- Certified Fundamentals Cyber Intel - Recorded Future
- CISSP (ISC2-CISSP)
Volunteer Experience
- Member, 04/2020, Present, National Cybersecurity Alliance
- Member, 11/2023, Present, Raices Cyber Org
- Member, 08/2022, Present, ISSA Raleigh Chapter (CyberSec)
- Honorary member, 01/2022, Present, Wake County Sheriff's Office - NC
- Cybersecurity Consultant, 01/2024, Present, RCCC - Local Churches - WAKE FOREST, NC
- Member - Waitlist, 01/2023, Present, InfraGard
References
- Lee Edwards, Audit Manager - Colleague We Work In The Same Team, (919) 480-3338, lee.edwards@metlife.com
- Vincent Wagner, Director Of Operations - Boss / Director Of Team OS Security, (919) 888-0819, vincent.wagner@metlife.com
- Mark Haney, Senior Application Solution - Work As A Teammate, mark.haney@metlife.com
Timeline
DevOps Engineer
Metlife
04.2024 - Current
OS Security- Cybersecurity & ITRS Risk Consultant
Metlife
08.2022 - 04.2024
PenTester / Bug Hunter (Companies in program)
HackerOne
01.2019 - Current
Certification - Networking and Systems Administration
Wake Technical Community College
Certification - Cybersecurity Ops Bootcamp
University of North Carolina at Chapel Hill
Certification - CADS | Applied Data Science
University of North Carolina at Chapel Hill
High School Diploma -
Cary High School