Home Acknowledgements Hacking Events Public Profiles Background education Projects Publications Resources Work Experience Volunteer

Miguel Santareno

Work Experience:

Jolera - Lead Penetration Tester

  • Internal Penetration Tests;
  • External Penetration Tests;
  • Web Application Penetration Tests;
  • Managing penetration testing team;
  • Create Report and documents for clients.

Hardsecure, Segurança em Sistemas de Informação - Head of intelligence and CSIRT

  • Internal Penetration Tests;
  • External Penetration Tests;
  • Web Application Penetration Tests;
  • Analysis of Phishing Campaigns;
  • Malware Research;
  • Vulnerability Research and bug bounty;
  • Exploit Development;
  • Incident Reponse and Analysis;
  • Honeypots;
  • Threat Intelligence;
  • Open-Source intelligence (OSINT).

Hardsecure, Segurança em Sistemas de Informação - Lead Penetration Tester

  • Internal penetration tests;
  • External penetration tests;
  • web application penetration test;
  • phishing campaigns.

Hardsecure, Segurança em Sistemas de Informação - Penetration Tester

  • Internal penetration tests;
  • External penetration tests;
  • web application penetration test;
  • phishing campaigns.

Ministry of Internal Administration (Portugal) - Lead Penetration Tester and Cyber Security Analyst

  • Incident response;
  • Malware Analysis;
  • Analysis of Web attacks;
  • SIEM platform management;
  • Behavioral Analysis of Traffic;
  • Analysis of Phishing Campaigns;
  • Vulnerability Research and Response;
  • Open-Source intelligence (OSINT);
  • Auditing and Penetration Testing.

Ministry of Internal Administration (Portugal) - Penetration Tester and Cyber Security Analyst

  • Incident response;
  • Malware Analysis;
  • Analysis of Web attacks;
  • SIEM platform management;
  • Behavioral Analysis of Traffic;
  • Analysis of Phishing Campaigns;
  • Vulnerability Research and Response;
  • Open-Source intelligence (OSINT);
  • Auditing and Penetration Testing.

Ministry of Internal Administration (Portugal) - Cyber Security Analyst

  • Incident response;
  • Malware Analysis;
  • Analysis of Web attacks;
  • SIEM platform management;
  • Behavioral Analysis of Traffic;
  • Analysis of Phishing Campaigns;
  • Vulnerability Research and Response;
  • Open-Source intelligence (OSINT);

E-goi - Quality Assurance(QA) and Bug Bounty Program Manager

  • Management of the bug bounty program of the company where I was responsible for the contact
  • Testing before and after corrections of vulnerabilities found by the researchers;
  • Patch and help developing patches for vulnerabilities;
  • Monetary contribution to the respective security researchers;
  • Internal audits of the company's applications, integrations and plugins;
  • Guarantee the product quality of the company, since a monthly new version of the application is released and it is under constant changes.

PAMAFE IT - Web / Mobile Developer and Penetration Tester

  • Study and developing of the frameworks Nodejs, AngularJS, express support framework for the development of web applications for Nodejs, and the ionic and Apache Cordova frameworks for mobile development;
  • Study and developing in firebase for sending messages to mobile devices as well as oauth for authentication with facebook both for mobile applications;
  • Study and developing of javaScript libraries like jQuery, css style language, Bootstrap framework, HTML markup language and JSON data structure;
  • It was also studied and developing in some programming languages like SQL, JavaScript and SQL;
  • Penetration tests in web applications and networks off our clients.

E-goi- Penetration Tester and Quality Assurance (QA)

  • Realization of a glossary of terms linked to marketing;
  • Conducting a briefing on marketing methodologies such as Scrum and Agile;
  • Creation of a database of synonyms of words in three languages: Portuguese, English and Spanish;
  • Conduct a security audit and penetration testing of company softwares, infrastructure and plugins
  • Graphic User Interface (GUI) and UI (User Interface) to perform automatic tests with Selenium IDE on all software;
  • Automatic test tool study: Selenium IDE where you can perform non-human tests on all software in order to detect bugs and problems;
  • QA (quality assurance);
  • Creating a Mindmap for all company software.

Quote of the day: Try Harder!