← Back to CV optionsDownload PDF

Miguel Garcia

Security Engineer

Email: miguel.garcia@migarci2.dev
GitHub: github.com/migarci2
Location: Remote

Summary

Security engineer specializing in application security, vulnerability research, and Linux kernel security. Experienced in secure code review, threat modeling, and building security into the development lifecycle. Passionate about finding and remediating vulnerabilities before they can be exploited.

Technical Skills

Security

  • Application Security (SAST/DAST)
  • Vulnerability Research
  • Secure Code Review
  • Threat Modeling
  • Penetration Testing
  • Linux Kernel Security
  • Fuzzing (AFL, LibFuzzer, Syzkaller)
  • KASAN/ASAN

Programming

  • C (Kernel Development)
  • Python (Security Tools)
  • Go (Infrastructure)
  • JavaScript/TypeScript
  • Solidity (Smart Contracts)

Tools & Frameworks

  • Semgrep, CodeQL
  • Burp Suite, OWASP ZAP
  • GDB, LLDB
  • Docker, Kubernetes
  • Git, CI/CD

Professional Experience

Security Engineer (Independent)

2023 - Present

  • Conducted vulnerability research in Linux kernel subsystems
  • Identified and reported multiple security issues through responsible disclosure
  • Developed security tooling for automated code analysis
  • Performed secure code reviews for Web3 projects
  • Contributed to open-source security tools

Key Achievements:

  • Discovered and reported kernel vulnerabilities
  • Improved security posture of multiple blockchain projects
  • Built automated security scanning pipeline
  • Published security research and best practices

Application Security Consultant

2022 - 2023

  • Performed security assessments for SaaS applications
  • Conducted threat modeling workshops with development teams
  • Integrated security testing into CI/CD pipelines
  • Developed secure coding guidelines and training materials
  • Reviewed architecture designs for security implications

Key Achievements:

  • Identified critical vulnerabilities before production deployment
  • Reduced average time to remediate security issues by 60%
  • Established DevSecOps practices
  • Trained 50+ developers on secure coding

Security Research

Linux Kernel Security

  • Focus areas: memory safety, privilege escalation, race conditions
  • Tools: Syzkaller, KASAN, static analysis
  • Methodology: fuzzing + manual code audit
  • Contributions to kernel hardening initiatives

Application Security

  • OWASP Top 10 mitigation strategies
  • Secure SDLC implementation
  • Security architecture review
  • Threat modeling frameworks (STRIDE, PASTA)

Smart Contract Security

  • Common vulnerability patterns (reentrancy, access control, etc.)
  • Audit methodology for Solidity contracts
  • Formal verification approaches
  • MEV and front-running analysis

Education

Bachelor of Science in Computer Science
University Name, 2018-2022

Certifications

  • Offensive Security Certified Professional (OSCP)
  • Certified Ethical Hacker (CEH)
  • AWS Certified Security - Specialty

Publications & Speaking

  • "The Security Mindset" - Personal Blog
  • "Finding Vulnerabilities in the Linux Kernel" - Technical Article
  • "Security in Decentralized Systems" - Research Paper
  • Speaker at various security conferences and meetups

Open Source Contributions

  • Linux Kernel: Security patches and improvements
  • OWASP Projects: Documentation and tooling
  • Security Tools: Bug fixes and feature additions
  • Educational Resources: Security guides and tutorials

Languages

  • English (Fluent)
  • Spanish (Native)

Interests

  • Vulnerability Research
  • Kernel Development
  • Cryptography
  • Distributed Systems
  • Open Source Security