Pablo CosteInformation Security Consultant
Pablo Coste has over 15 years’ experience in technology and security life cycle, compliance, consulting, training, building and leading technical teams. He has provided customized security services include Penetration testing, vulnerability and risk assessments and Forensic Analysis. Pablo also has experience conducting client-facing (onsite) Red and Blue Team engagements. As an information security consultant, Pablo is available for domestic and international travel and bilingual in English and Spanish.
- Security services for publicly-traded insurance company (mixed of onsite and remote work. Two years+)
- Integrated with security team to respond to OCR sanctions.
- Created roadmap to patch over 1000 legacy Windows servers.
- Social Engineering exercise. Successfully gained access to seven locations in five days to test the effectiveness of physical security and personnel.
- Conducted Enterprise wide OWASP scan to find and document vulnerabilities in external portals. Created roadmap to remediate and validate results with vendors.
- Daily activities included: Treat Hunting inside and outside their network. Monitoring QRadar and other security tools and mentoring members of the security team.
- Post Ransomware recovery work. Recovered and hardened all Microsoft Servers to re-open hospital in a major urban population.
- Assumed administration of servers, patching, monitoring and hardening and managed daily scrum meetings (six months on-site).
- Remediation project. Major health care network in Southern California, focused on reducing vulnerabilities and risk.
- Designed vulnerability management program for servers and workstations. Created roadmap for network segmentation. (6 months. Mixed of onsite and remote work).
- State University with big medical school. Integrated with security team responding to multiple OCR reported breaches.
- Created electronic training roadmap to respond to Phishing Attacks.
- Conducted multiple Phishing Attacks with over 90% success.
- Assisted local team with daily activities: investigations, daily monitoring of security tools, hardening Office 365, deployment of dual-factor authentication. (seven months onsite)
- OSCP and CEH Certifications in progress
- MITX - Cybersecurity: Technology, Application, and Policy (Feb. 2016)