Avatar

Miguel Díaz - @MDiazCL

Miguel Díaz Lira - @mdiazcl

Cybersecurity Manager at Cybertrust.cl

Santiago, CL

miguel.diaz@mdiazlira.com


My name is Miguel Antonio Díaz Lira, my passion is digital security and gaming. I have dedicated my whole life to computers and technology, and I plan to keep it that way!

I'm proactive and dedicated to what I do. I'm honest and with high social abilities. I like being part of teams, and I'm good working with people.

My best technical skill is to understand how systems work very quickly, and create new things all the time.


Social

Github: github.com/mdiazcl

Twitter: @mdiazcl

Telegram: @mdiazcl


Education

Degree: Bch. Computer Science (UTFSM )

Certifications:

  • Certified Ethical Hacker (EC-Council CEH|v8)
  • ISO 9001 - Internal Auditor
  • Qualys Certifications
  • Tenable Certifications

Workshops


Skills

Security, Ethical Hacking, Incident Response, Project Management, Engineering, Python


Languages

Spanish

English



Security Talks

Ask here for slides and references or check my github repo!.

  • Oct 19, 2019 - UniversiHack (Chile) - Trabajando en Ciberseguridad
  • Oct 17, 2019 - Infoeduca (UTFSM) - Entendiendo un Ciberataque
  • Oct 10, 2019 - ENAP - Thinking as a Cybercriminal (Prepare yourself)
  • Aug 28, 2019 - DUOC Maipu (Chile) - Trabajando en Ciberseguridad (Charla para Alumnos)
  • Aug 14, 2019 - ISC2 (Chile) - Una visión proactiva de ciberdefensa
  • Jul 18, 2019 - SummIT DUOC (Chile) - Threat Hunting, un enfoque proactivo de ciberdefensa, Reloaded!
  • Jul 05, 2019 - CISOSummit (Perú) - Threat Hunting, un enfoque proactivo de ciberdefensa
  • May 09, 2019 - 8vo Congreso de CyberSecurity Bank & Government (Perú) - Emotet, la amenaza despues del phishing
  • Apr 02, 2019 - Entel Talks - Emotet, la amenaza despues del phishing
  • Dec 14, 2018 - Incofin.cl - Live Social Enginnering Attacks
  • Nov 29, 2018 - ENAP - Live Social Enginnering Attacks
  • Nov 15, 2018 - BSides Chile - PowerLess; analysis of a fileless malware with powershell
  • Oct 31, 2018 - Banco BCI - Threat Hunting - there's more than meets the eye
  • Oct 20, 2018 - Partyhack.cl #Fraternity - Log analysis workshop
  • Jul 24, 2018 - Cybersecurityday.cl - Threat Hunting a la cacería de amenazas (YouTube Link)
  • Mar 26, 2018 - Webinar - Análisis de hacking a sistemas ICS Scada en EE.UU (YouTube Link)
  • Mar 14, 2018 - ISC2 - Ciberinteligencia
  • Nov 16, 2017 - BSides Chile - Threat Hunting
  • Nov 11, 2017 - DUOC - Threat Hunting Workshop
  • Jun 10, 2017 - Segin Chile - Desmitificando la caja negra
  • May 15, 2017 - Webinar - El día en que se apagaron los computadores (YouTube Link)

Work Experience

Cybersecurity Manager - Cybertrust.cl
Mar 2020 - Present

During this position I returned to one of my beloved passion, Pure-Cybersecurity Consulting. I spent the last 4 years working in cyberoperations, and now, as manager I'm in charge of a fully qualified group of Consultants and professionals with the aim to provide strategic advisory to enhance their cybersecurity capabilities in order to protect their business.

This is a grand new challenge for me! Also i'm working with old Deloitte colleagues that were my mentors. As manager I'm in charge of the following areas:

  • Strategic Cybersercurity Advisory
  • Secure Operation Centers (Cybertrust Center)
  • Data-Forensics and Threat Hunting
  • Incident Response Strategy


Cybersecurity Regional Architect - LATAM / SONDA
Aug 2019 - Feb 2020

I worked as Cybersecurity Regional Architect for LATAM (Argentina, Brasil, Chile, Colombia, Costa Rica, Ecuador, Mexico, Panamá, Perú and Uruguay). My main role in this position was to design all Cybersecurity, Cyberdefense and Incident Response operations across the whole continent.

Main areas:

  • NOC/SOC Operations
  • Cyber Defense Operations
  • Cyber Intelligence Operations
  • Incident Response Teams


Team Leader of CyberIntelligence Operations / ENTEL
Jan 2018 - Aug 2019

I worked the leader of cyber intelligence operations at Entel Cybersecure. Our main role as a team was to provide top-notch strategies and up-to-date information to our Cyber-Secure Operation center (CSOC) about all current security threats around the world that may affect our clients.

We also provide support to all Ethical hacking engagements, Threat hunting, research, data-forensics and Incident response to our customers. Our current responsibilities are:

  • Threat Hunting
  • Threat Intelligence
  • Data-Forensics
  • Ethical Hacking (pentesting and vulnerability assessment)
  • Incident Response (IR)


CyberSecurity Senior Specialist - CSIRT / ENTEL
Nov 2016 - Dec 2017

I'm one of the senior security specialist of ENTEL's CSIRT (CyberSecurity Incident Response Team). My main role is to be prepared to respond to any cybersecurity incident. In the meantime, I do research, audits, consulting and security talks.


Lead Consultant, Ethical Hacker and Security Auditor / E-Sign LATAM
Apr 2016 - Oct 2016

I was in charge of leading all Ethical Hacking and Security Audits engagements at E-Sign Latam. Aside from that I also do security talks, and security research.

Extra jobs:

  • ISO9001 - Internal Auditor


Consultant, Ethical Hacker and Security Auditor / Deloitte Chile
Jan 2014 - Mar 2016

I worked as an Ethical Hacker and a Security Auditor in multiple projects. I worked in the development of technologies and infrastructure for the Secure Operation Center (SOC).

Projects:

  • Banco Central de Chile – Firewall Analisis.
  • eClass S.A – Online eLearning web application pentest.
  • Universidad Adolfo Ibáñez – University academic system pentest and vulnerability assessments.
  • SERVEL – Web application pentest
  • Digital Bond – Web application pentest
  • AACH – Server Vulnerability Assessment
  • La Araucana – Webapps, servers and WiFi pentest, along with an internal vulnerability assessment.
  • Colegio Alemán de Santiago – Web application pentest.
  • COMBANC – VPN and Networking pentesting along with an internal vulnerability assessment.
  • METRO – WIFI penetration testing along with an internal vulnerability assessment.
  • Plataforma GRC Deloitte – Web application pentest.
  • DAIMLER - Rich Client App pentest
  • IIROC (Cánada) - Web application pentest
  • TELBO (Communications) - Web pentesting and external vulnerability assessment


Project Manager / Mattoli Ingeniería
Jan 2011 - Feb 2014

Project manager of CPDAI (Centro de Patología Digital Asistida por Internet). CPDAI is a software that helps the communication between hospitals and specialized telepathology centres.

Referer: Maurizio Mattoli <maurizio@ingmattoli.com> - CEO Mattoli Ingenieria


Project Manager / Ministerio de Salud
Aug 2013 - Dec 2013

I was hired to ensure the right development of the last stage of FARMANET. FARMANET, is a software that manages all the drug stores in Chile. The software also defines shifts and keeps track of controlled medicaments.

Main activites:

  • Quality Assurance
  • National deployment of the software
  • Coordination between the software development team and MINSAL.

Referer: Roxana Peña <roxana.pena@minsal.cl> - CTO MINSAL


Software Developer / CREEAR LTDA.
Jan 2008 - Jan 2010

Main projects:

  • ENAP - Microsoft, Sharepoint Server Infopath
  • Proyecto Hormiga
  • e-Learning Colbún
  • CCU Document parser

Referer: Denis Echegaray H. <denis.echegaray@creear.cl> - CEO Creear