whoami

Open to opportunities

Carlos Cabrera

Information Security Specialist

Cyber Incident Response Specialist & Information Security Specialist — finding, documenting, and neutralizing threats across industrial, legal, medical, educational, and banking environments throughout Puerto Rico and the United States.

  • Puerto Rico
  • Fully bilingual — EN / ES
  • Open to hands-on security roles

# Professional Summary

Information Security Specialist with deep experience across cybersecurity and information-systems management & administration. I've been trusted to secure clients in the industrial, legal, medical, educational, and banking industries throughout Puerto Rico and the United States — finding, documenting, analyzing, and delivering technical solutions while building secure, trusted business relationships.

I help clients respond to incidents by discovering, reinforcing, and eliminating security risk, and I deliver clear, actionable remediation plans. I'm currently looking for a challenging, hands-on cybersecurity role to complement my career path.

  • 10+ Years in security & IT
  • 5 Industries secured
  • 7 Industry certifications

# Technical Skills

Languages

Bash, Python, PowerShell, PHP, HTML

Security & Detection

Incident Response, Threat Hunting, SOC / NOC, Penetration Testing, Vulnerability Mgmt, Malware Sandboxing, Phishing Analysis

Frameworks & Standards

MITRE ATT&CK, NIST, FINRA, HIPAA, SOC 2

Firewalls

Palo Alto, FortiGate, Cisco Meraki, pfSense

Endpoint / AV

McAfee ePO, Sophos Central, Palo Alto TRAPS, Microsoft Defender, ESET

SIEM & Logging

Elastic, Graylog, NX-Log, Tenable.io, Security Center, KnowBe4, ProofPoint

Platforms

Windows, Linux, Unix, FreeBSD

Virtualization & Cloud

VMware ESXi, Proxmox, Hyper-V, Citrix, Xen, Azure, AWS, DigitalOcean

Infrastructure & Data

Active Directory, System Center, WSUS, TSQL, MySQL, SQLite, IIS, Apache, NGINX

Backup / DR

Veeam, Iperius, Druva, EaseUS

# Work Experience

Cyber Incident Response Specialist

Evertec · San Juan, PR · Hybrid

Jun 2024 — Present
  • Receive and investigate incident reports from internal stakeholders; conduct root-cause analysis.
  • Develop and execute containment, eradication, and recovery strategies across cross-functional teams.
  • Threat hunting with threat-intelligence and advanced analytics to proactively surface emerging threats and attack vectors.
  • Run vulnerability assessments and penetration testing to identify weaknesses.
  • Ensure adherence to industry standards and regulatory requirements (NIST, FINRA); maintain detailed incident records.

Information Security Specialist

TeleMedik · Guaynabo, PR

Jun 2021 — Jul 2024
  • Own and maintain the organization's information-security framework — policies, procedures, standards, and guidelines — alongside the IT Director.
  • Lead the information-security strategy and report security gaps, strategies, and results to the Compliance Committee.
  • Ensure administrative, physical, and technical safeguards protect security assets from internal and external threats; test them regularly.
  • Own the security-incident and vulnerability-management processes end to end; run security monitoring and annual audits.
  • Ensure compliance with state and federal healthcare regulations, including HIPAA.

Information Security Analyst II

Cortelco Systems PR · Caguas, PR

Jul 2018 — Jun 2021
  • Delivered managed security services (MSP) across industries — SOC/NOC development, provisioning, and log analytics.
  • Firewall management: rule creation, hardening, reporting, and Python API development for custom reports.
  • McAfee ePO, EndPoint, and SIEM management; ProofPoint Secure Email Gateway, phishing, and malware analysis.
  • Built Graylog / NX-Log collectors and regex-driven dashboards to correlate events and identify threats.
  • Vulnerability scanning via Tenable.io and Security Center; phishing-awareness training with KnowBe4.
  • Performed scheduled penetration testing and delivered remediation reports on misconfigurations, risk, and data exposure.

Information Security Technician

Computer Pro PR · San Juan, PR

Jun 2017 — Jun 2018
  • Supported the CISO and security team on access provisioning, log analysis, and network security.
  • Reviewed IDS logs for intrusions — brute-forcing, email phishing, malware spread, and more.
  • Provided proactive malware analysis through sandboxing to block and attribute threats.
  • Managed the MobileIron MDM platform, building secure device profiles to company security metrics.

Director of IT

Umeco Puerto Rico · San Juan, PR

Feb 2014 — Jun 2017
  • Maintained continuity, confidentiality, integrity, and availability of UMECO's information systems.
  • Led network-security design, troubleshooting, and incident debugging.
  • Developed and maintained the ERP system plus the company's web presence and online sales portal.
  • Configured assistive communicator systems for ALS patients; oversaw backup and recovery strategy.

# Projects & Portfolio

Self-Hosted Security Lab

home lab

A production-style lab I built and run to sharpen blue-team skills: hypervisor virtualization, a segmented firewall with VLANs, a SIEM for log collection and alerting, self-hosted internal services, and an isolated sandbox for safe malware detonation and analysis.

Proxmox, pfSense / OPNsense, Wazuh SIEM, VLAN segmentation, FlareVM, Docker

SecurityScripts

open source

A growing collection of security and incident-response scripts and tooling — practical utilities from real analysis and response work.

Bash, PowerShell, Windows IR

Exam-Prep Study Apps

tooling

Self-built, offline, dependency-free study applications for security certifications (Security+, AI-security) — weighted practice exams, flashcards, and notes. Demonstrates curriculum design and front-end build skills.

JavaScript, HTML / CSS, Python

This Résumé Site

web

A self-contained, dependency-free single-page site (no framework, no build step) deployed on GitHub Pages — the page you're reading.

Vanilla JS, Responsive, GitHub Pages

# Education & Certifications

Bachelor of Business Administration — Information Systems

SUAGM (SUAM) · Cupey, PR

2020

Certifications

  • CompTIA Security+ (ce) · Verified ✓
  • MITRE ATT&CK Fundamentals — MAD20 · Verified ✓
  • Recorded Future Certified Analyst · 2025
  • CompTIA PenTest+ · 2021
  • Tenable Certified Sales Associate (TCSA) · 2021
  • Palo Alto Networks PSE: Endpoint Associate
  • CompTIA A+ · good for life · 2004


# Contact