Avatar

Miguel Díaz - @MDiazCL

Miguel Díaz Lira - @mdiazcl

Cyber Security Engineer at Cornershop LLC

Santiago, CL

miguel.diaz@mdiazlira.com


My name is Miguel Antonio Díaz Lira, my passion is digital security and gaming. I have dedicated my whole life to computers and technology, and I plan to keep it that way!

I'm proactive and dedicated to what I do. I'm honest and with high social abilities. I like being part of teams, and I'm good working with people.

My best technical skill is to understand how systems work very quickly, and create new things all the time.


Social

Github: github.com/mdiazcl

Twitter: @mdiazcl

Telegram: <Send me and email>

: LinkedIn


Education

Degree: Bch. Computer Science (UTFSM )

Certifications:

  • Certified Ethical Hacker (EC-Council CEH|v8)
  • Certified Incident Handler (EC-Council CIH|v2)
  • ISO 9001 - Internal Auditor
  • Qualys Certifications
  • Tenable Certifications

Workshops


Skills

Security, Ethical Hacking, Incident Response, Project Management, Engineering, Python, DataScience


Languages

Spanish

English



Security Talks

Ask here for slides and references or check my github repo!.

  • Oct 19, 2019 - UniversiHack (Chile) - Trabajando en Ciberseguridad
  • Oct 17, 2019 - Infoeduca (UTFSM) - Entendiendo un Ciberataque
  • Oct 10, 2019 - ENAP - Thinking as a Cybercriminal (Prepare yourself)
  • Aug 28, 2019 - DUOC Maipu (Chile) - Trabajando en Ciberseguridad (Charla para Alumnos)
  • Aug 14, 2019 - ISC2 (Chile) - Una visión proactiva de ciberdefensa
  • Jul 18, 2019 - SummIT DUOC (Chile) - Threat Hunting, un enfoque proactivo de ciberdefensa, Reloaded!
  • Jul 05, 2019 - CISOSummit (Perú) - Threat Hunting, un enfoque proactivo de ciberdefensa
  • May 09, 2019 - 8vo Congreso de CyberSecurity Bank & Government (Perú) - Emotet, la amenaza despues del phishing
  • Apr 02, 2019 - Entel Talks - Emotet, la amenaza despues del phishing
  • Dec 14, 2018 - Incofin.cl - Live Social Enginnering Attacks
  • Nov 29, 2018 - ENAP - Live Social Enginnering Attacks
  • Nov 15, 2018 - BSides Chile - PowerLess; analysis of a fileless malware with powershell
  • Oct 31, 2018 - Banco BCI - Threat Hunting - there's more than meets the eye
  • Oct 20, 2018 - Partyhack.cl #Fraternity - Log analysis workshop
  • Jul 24, 2018 - Cybersecurityday.cl - Threat Hunting a la cacería de amenazas (YouTube Link)
  • Mar 26, 2018 - Webinar - Análisis de hacking a sistemas ICS Scada en EE.UU (YouTube Link)
  • Mar 14, 2018 - ISC2 - Ciberinteligencia
  • Nov 16, 2017 - BSides Chile - Threat Hunting
  • Nov 11, 2017 - DUOC - Threat Hunting Workshop
  • Jun 10, 2017 - Segin Chile - Desmitificando la caja negra
  • May 15, 2017 - Webinar - El día en que se apagaron los computadores (YouTube Link)

Work Experience

Cyber Security Engineer - Cornershop LLC.
May 2021 - Present

I'm working as Cyber security engineer at Cornershop by Uber. I'm part of a big team of cybersecurity professionals, with tons of capabilities! I was invited to this position to help to enhance our current cyberdefense operations, with focus in Incident Response and Threat Intelligence.


Senior Manager - Cybersecurity Services - Cybertrust.cl
Mar 2020 - Apr 2021

I was charge of all Cybersercurity services at Cybertrust: Defensive, Offensive, Intelligence and Respond. Leading a team of 25 professionals across the country. This position consisted mainly in managing comercial relationships with customers.

Even thought I learn quite a lot and acomplished big things in really short time, I learned as well that commercial and client management was just not my cup of tea. I prefer to do engineering.

Services were:

  • Ethical Hacking Operations
  • Cyberdefense and Intelligence Operations
  • Incident Respond Operations and Threat Hunting
  • Awareness Programs


Cybersecurity Regional Architect - LATAM / SONDA
Aug 2019 - Feb 2020

I worked as Cybersecurity Regional Architect for LATAM (Argentina, Brasil, Chile, Colombia, Costa Rica, Ecuador, Mexico, Panamá, Perú and Uruguay). My main role in this position was to design all Cybersecurity, Cyberdefense and Incident Response operations across the whole continent.

Main areas:

  • NOC/SOC Operations
  • Cyber Defense Operations
  • Cyber Intelligence Operations
  • Incident Response Teams


Team Leader of CyberIntelligence Operations / ENTEL
Jan 2018 - Aug 2019

I worked the leader of cyber intelligence operations at Entel Cybersecure. Our main role as a team was to provide top-notch strategies and up-to-date information to our Cyber-Secure Operation center (CSOC) about all current security threats around the world that may affect our clients.

We also provide support to all Ethical hacking engagements, Threat hunting, research, data-forensics and Incident response to our customers. Our current responsibilities are:

  • Threat Hunting
  • Threat Intelligence
  • Data-Forensics
  • Ethical Hacking (pentesting and vulnerability assessment)
  • Incident Response (IR)


CyberSecurity Senior Specialist - CSIRT / ENTEL
Nov 2016 - Dec 2017

I'm one of the senior security specialist of ENTEL's CSIRT (CyberSecurity Incident Response Team). My main role is to be prepared to respond to any cybersecurity incident. In the meantime, I do research, audits, consulting and security talks.


Lead Consultant, Ethical Hacker and Security Auditor / E-Sign LATAM
Apr 2016 - Oct 2016

I was in charge of leading all Ethical Hacking and Security Audits engagements at E-Sign Latam. Aside from that I also do security talks, and security research.

Extra jobs:

  • ISO9001 - Internal Auditor


Consultant, Ethical Hacker and Security Auditor / Deloitte Chile
Jan 2014 - Mar 2016

I worked as an Ethical Hacker and a Security Auditor in multiple projects. I worked in the development of technologies and infrastructure for the Secure Operation Center (SOC).

Projects:

  • Banco Central de Chile – Firewall Analisis.
  • eClass S.A – Online eLearning web application pentest.
  • Universidad Adolfo Ibáñez – University academic system pentest and vulnerability assessments.
  • SERVEL – Web application pentest
  • Digital Bond – Web application pentest
  • AACH – Server Vulnerability Assessment
  • La Araucana – Webapps, servers and WiFi pentest, along with an internal vulnerability assessment.
  • Colegio Alemán de Santiago – Web application pentest.
  • COMBANC – VPN and Networking pentesting along with an internal vulnerability assessment.
  • METRO – WIFI penetration testing along with an internal vulnerability assessment.
  • Plataforma GRC Deloitte – Web application pentest.
  • DAIMLER - Rich Client App pentest
  • IIROC (Cánada) - Web application pentest
  • TELBO (Communications) - Web pentesting and external vulnerability assessment


Project Manager / Mattoli Ingeniería
Jan 2011 - Feb 2014

Project manager of CPDAI (Centro de Patología Digital Asistida por Internet). CPDAI is a software that helps the communication between hospitals and specialized telepathology centres.

Referer: Maurizio Mattoli <maurizio@ingmattoli.com> - CEO Mattoli Ingenieria


Project Manager / Ministerio de Salud
Aug 2013 - Dec 2013

I was hired to ensure the right development of the last stage of FARMANET. FARMANET, is a software that manages all the drug stores in Chile. The software also defines shifts and keeps track of controlled medicaments.

Main activites:

  • Quality Assurance
  • National deployment of the software
  • Coordination between the software development team and MINSAL.

Referer: Roxana Peña <roxana.pena@minsal.cl> - CTO MINSAL


Software Developer / CREEAR LTDA.
Jan 2008 - Jan 2010

Main projects:

  • ENAP - Microsoft, Sharepoint Server Infopath
  • Proyecto Hormiga
  • e-Learning Colbún
  • CCU Document parser

Referer: Denis Echegaray H. <denis.echegaray@creear.cl> - CEO Creear