Ariel Maiorano
Verified Expert in Engineering
Software Developer
Ariel has more than 20 years of experience in professional information security and software development, including working on projects ranging from small applications to complex enterprise solutions. He focuses mainly on back-end security and development in C, C++, Java, .NET platform, Python, PHP, Perl, and shell scripting, with databases like MySQL, PostgreSQL, MS-SQL, Oracle, MongoDB, and SQLite. Ariel has a great hands-on background in commercial and open-source frameworks and environments.
Portfolio
Experience
Availability
Preferred Environment
Application Security, Source Code Review, Red Teaming, Cryptography, Applied Cryptography, Development, Risk Management, Compliance, Integration, Automation
The most amazing...
...projects I've developed were tailor-made systems for local and foreign customers that improved their security posture.
Work Experience
Teacher | Researcher
GICSI - Faculty of Engineering of the Army, National Defense University
- Collaborated with the research group in Cryptology and Computer Security (GICSI) that carries out its activities in a laboratory belonging to the Faculty of Engineering of the Army, National Defense University, Argentina.
- Carried out teaching tasks in the Cryptography and Discrete Mathematics departments at three local universities.
- Published several papers, available at Scholar.google.com.ar/citations?user=7_prQU8AAAAJ&hl=es&oi=ao.
Consultant
m-sistemas
- Provided IT consulting services and supported our customers in all software solution development stages.
- Developed services, back ends, applications, and web-based solutions for the Internet, intranet, and mobile devices. Managed project analysis, development, implementation, security, and maintenance.
- Developed tailor-made systems for local and foreign customers using the latest technologies, including open-source platforms, frameworks, and development environments.
Security Architect
BBVA Argentina
- Created security architecture, specifically general and multiple applications and systems security.
- Performed source code auditing, including vulnerability assessment and penetration testing.
- Implemented security solutions and tailor-made development.
Consultant
Airport Security Police (Argentina)
- Provided consulting on Information Security. Managed the compliance with the Information Security Policy of the PSA, based on the ONTI model.
- Coordinated with the Information Security Committee. Drafted and elevated rules and procedures complementary to the Policy.
- Developed awareness and training programs. Provided risk analysis and management of information assets. Led Computer Security Incident Response Team.
Experience
Example of Application Security Audit/Source Code Review
https://github.com/arielmaiorano/analisis-qlink/blob/master/2-android/qlink_cacic2018.pdfIn this article, we described the results of the source code review of the Qlink. Its Android application after summarizing previous findings. This analysis focused on the implementation of cryptographic functionalities. This publication aims to invite other researchers to analyze the application to determine if Qlink. It could be considered secure.
Automatic Analysis of Patches
https://github.com/arielmaiorano/aap/blob/master/README.en.mdAuto-Feed-DefectDojo
https://github.com/arielmaiorano/auto-feed-defectdojoEducation
Progress Toward a PhD in Cryptography
La Plata National University - La Plata, Buenos Aires, Argentina
Certifications
GIAC Defensible Security Architecture (GDSA)
Global Information Assurance Certification (GIAC)
Skills
Languages
Python, Java, C#, PHP, C, C++, Perl, Bash, Go
Platforms
Linux, Android, Docker
Other
Cryptography, Applied Cryptography, Security Architecture, Web Security, Development, Security Design, Security Audits, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Back-end Development, Web Services, Web App Security, Security, Web Development, Web App Development, Security Policies & Procedures, IT Security, OWASP, Web Standards, ISO Standards, ISO 27001, PCI DSS, Application Security, Source Code Review, Red Teaming, Mobile Security, Cloud Security, Machine Learning, Incident Response, Incident Management, Threat Intelligence, Threat Analytics, Threat Modeling, CSIRT, Security Operations Centers (SOC), Information Security, Information Security Management Systems (ISMS), Compliance, Vulnerability Assessment, Risk Management, Vulnerability Management, NIST, Integration
Libraries/APIs
REST APIs, API Development
Paradigms
Penetration Testing, REST, App Development, Microservices, Automation, DevSecOps
Industry Expertise
Cybersecurity
Frameworks
Django
Storage
MySQL, PostgreSQL, MongoDB, MariaDB, Microsoft SQL Server
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring