Welcome to DinoSpaceDive!

It's great to meet you! My name is Alejandro and I am the owner and host of this amazing space-bar, a bar for Space-Dinos! You're invited to come along and relax, enjoy our amazing extinction juice and have a great time getting to know me better.

About me: I'm a Cyber Security Analyst, Ethical Hacker and I'm currently training to be an Appsec Engineer! This is my personal website where you'll find all the latest posts from my blog, projects and contact information.

I hope you enjoy your stay here!

About my career

• 2021 - Present (4+ years)

  Salesforce Security Vulnerability Analyst (via Hexod)

  Cybersecurity Analyst focusing on vulnerability triage, impact analysis, and remediation coordination within Salesforce, Mulesoft, Slack, Heroku and Tableau enterprise environments.

  Responsibilities

  • Validate and reproduce incoming bug bounty reports across the entire Salesforce ecosystem (including: MuleSoft, Slack, Heroku, Tableau), classify risk (CVSS and Salesforce standards) and assess business impact before escalating.
  • Prioritize and route verified issues to the right teams, track remediation status and confirm fixes have been applied.
  • Maintain good relationships with researchers: ask for clarifications, guide reproductions and make sure the feedback loop is closed.
  • Communicate technical issues clearly to engineers to ensure accurate understanding and prompt remediation.
  • Built Python and Bash scripts to automate the intake of bugs, the reproduction of reports, and the integration with our triage platform.
  • Developed Chrome and Burp Suite extensions to automate and accelerate the team's ability to triage and verify vulnerabilities.
  • Implemented tooling that integrate with Salesforce vulnerability tracking system to automatically log vulnerability data and trigger alerts for overdue remediations.

  Show more

  bug-bounty owasp-top10 vulnerability-management triage automation python3 bash

  ---

• ---

  2019–2021

  Cybersecurity Training & OSCP Certification

  During this period, I dedicated two years to learning about ethical hacking, web application security and penetration testing through hands-on labs and multiple online courses.

  Description

  • Self-paced security training: web app hacking, network exploitation, reverse engineering and social-engineering basics.
  • Completed the OSCP certification, demonstrating hands-on skills in penetration testing.
  • Practiced real-world exploitation using labs like Hack The Box, TryHackMe, and custom CTF environments.
  • Gained familiarity with tools such as Burp Suite, ffuf/gobuster, advanced Nmap, Metasploit and Wireshark.
  • Developed custom scripts for vulnerability scanning and exploitation proof-of-concepts (Python, Bash).

  Show more

  OSCP bash-scripting python3 penetration-testing privilege-escalation active-directory metasploit burp-suite nmap ffuf gobuster

  ---

• ---

  2018 (4 months)

  Full Stack Developer – Itop Consulting

  Worked on short-term client projects to deliver secure, scalable web and mobile applications using modern frameworks.

  Responsibilities

  • Developed full-stack applications with the MEAN stack, focusing on code quality and security.
  • Built RESTful APIs and implemented robust authentication with JWT.
  • Created mobile apps using Xamarin.Forms and .NET.

  Show more

  MEAN stack agile-development xamarin mobile-app-development

  ---

• ---

  2014–2019

  Bachelor's Degree in Computer Engineering

  Comprehensive education in software development, systems engineering, and algorithms fundamentals. Here is a despcription of the most important things I learned during my studies.

  Description

  • Thesis Project: The development of an Android application incorporating augmented reality (AR) and geolocation functionality has been conducted for the purpose of assisting users in navigating the campus.
  • Advanced Algorithms & Data Structures: Solved complex problems using graph theory and dynamic programming
  • Developed Java applications using OOP principles and design patterns (MVC/MVVM) in Software Engineering courses
  • Implemented network protocols and analyzed packet traffic in Computer Networks courses
  • Configured secure Linux environments in Operating Systems labs
  • Mastered C/C++ through low-level programming and memory management projects in Advanced Algorithms & Data Structures courses
  • Studied encryption algorithms, PKI infrastructure, and security protocols in Computer System Security
  • Formal Languages & Compilers: Built lexical analyzers and parsers
  • SQL: Designed and implemented advanced database schemas, queries, and transactions in Orable Databases in Database course

  Show more

  C/C++ Java Python Linux OOP MVC Algorithms Networking SQL BSc