Defined by his peers as a “passionate, experienced and visionary individual who is always striving to improve himself,” https://www.linkedin.com/in/ivalenzuela (Ismael Valenzuela) is one of the few individuals that has done almost all in the InfoSec arena, from founding one of the first IT Security companies in Spain to managing a distributed CERT across the world as well as teaching for highly reputed institutions such as https://www.sans.org/ (SANS), BSi or the Spanish National Center of Intelligence.
His command of both the business and technical aspects of information security has allowed him to specialize in building and boosting highly technical security teams and successful security businesses across North America, EMEA, India and Australia in the last 15 years.
As a top cybersecurity expert with strong technical background and deep knowledge of penetration testing, security architectures, intrusion detection and computer forensics, Ismael has provided security consultancy, advice and guidance to large government and private organisations, including major EU Institutions and US Government Agencies.
Prior to joining http://www.mcafee.com/us/services/foundstone-services/index.aspx (Foundstone Services) at http://www.intelsecurity.com/ (Intel Security), Ismael worked as Global IT Security Manager for http://www.isofthealth.com/ (iSOFT Group Ltd), one of the world’s largest providers of healthcare IT solutions, focusing on establishing and managing the IT Security program in more than 40 countries while providing risk-driven strategic planning, defining an ISO 27001 compliant policy framework and working with the applications team to ensure that security was embedded into their SDLC.
Author of security articles for Hakin9, INSECURE Magazine and the https://digital-forensics.sans.org/blog (SANS Forensics Blog), Ismael also serves on the GIAC Advisory Board and is a Community SANS Instructor.
He holds a Bachelor's degree in Computer Science from the University of Malaga, is certified in Business Administration, and holds numerous professional certifications including the highly regarded http://www.giac.org/certification/security-expert-gse (GIAC Security Expert) (GSE #132) any many others from http://www.giac.org/ (GIAC), https://www.isc2.org/ (ISC2 )and https://www.isaca.org/pages/default.aspx (ISACA).
In this interview we will discuss learning security on his own, scoping penetration testing projects, security in the healthcare industry, running international teams, how to drive an internal security culture, developing internal training programs, threat hunting and his https://github.com/aboutsecurity/rastrea2r (rastrea2r) threat hunting tool, lessons learned from his IR work, and much more.
I hope you enjoy this discussion. Please leave your comments below!
Where you can find Ismael:
https://www.linkedin.com/in/ivalenzuela (LinkedIn)
https://twitter.com/aboutsecurity (Twitter)
https://digital-forensics.sans.org/blog/author/ismaelvalenzuela (SANS Blog)
http://blog.ismaelvalenzuela.com/ (Blog)
https://github.com/aboutsecurity (GitHub)