Matías Davyt

Montevideo, Uruguay

I am a Computer Engineer with 9+ years of experience in Information Security, specializing in Security Monitoring, Network Security, System Administration and Incident Response. Currently responsible for Information Security at Skribble.

Working in Information Security since 2014, I have experience in many fields of Information Security, particularly in Threat Detection & Response, Network and Infrastructure Security and Incident Response.

Specialized in networking and infrastructure, having designed and implemented a management and orchestration tool for the Academic Network Laboratory at the Computer Institute of the Faculty of Engineering as a final Engineering Project.

Open Source enthusiast, I like to understand how things work, having the tools for optimizing, automating and troubleshooting. I have developed several internal applications and systems for Deloitte's CSIRT and Laboratory infrastructure, such as an internal Certificate Authority, an Auditing & Compliance web app, a Penetration Testing report generator, a Threat Intelligence IOC concentrator and other small web apps.


Experience

CISO

Skribble
2023 - Present

Security Engineer

Skribble
2021 - 2023

Specialist Senior | Cyber Risk

Deloitte S-LATAM
2020 - 2021

Senior Consultant | Cyber Risk

Deloitte Uruguay
2016 - 2020

Consultant | Cyber Risk

Deloitte Uruguay
2014 - 2016

Education

Computer Engineer

Universidad de la República
2011 - 2017

Skills

Security Monitoring, Network Security, Linux, Bash Scripting, System Hardening, Automation, Incident Response, Cryptography, Troubleshooting



Languages

Spanish

Native

English

Full proficiency (C2 level)
Certificate of Proficiency in English
TOEFL ITP - 667 Score

Portuguese

Basic


Certifications

CompTIA Security+

CompTIA

Certified Kubernetes Administrator

The Linux Foundation

Certified Kubernetes Security Specialist

The Linux Foundation

IBM QRadar SIEM Foundation

IBM

AWS Certified Cloud Practitioner

Amazon Web Services

AlienVault Certified Security Engineer

AT&T Cybersecurity


Courses (through Coursera)

Deep Learning Specialization

deeplearning.ai

Machine Learning

Stanford University

Blockchain Specialization

University at Buffalo

Cryptography

University of Maryland

Main projects and Technologies

Security Monitoring

Implementation of a log centralisation and security monitoring solution built on Open Source tools.

Opensearch, Logstash, Wazuh, Elastalert, Falco

System administration and security

Installation, configuration, hardening and management of different technologies.

Ansible, FreeBSD, Linux, Kubernetes, MongoDB, PostgreSQL, Hashicorp Vault

ISO27001 certification

Implementation of an Information Security Management System, obtained ISO 27001 certification.

ISO27001

Threat Detection & Response

Collaborated in the development of the TDR service portfolio for Deloitte S-LATAM, in particular leading the technical team for the Basic Cyber Security Monitoring solution, built entirely with Open Source tools.

Elasticsearch, Logstash, Kibana, Docker, Wazuh, Elastalert, Linux, Bash

Deloitte CSIRT

Responsible for the design, implementation and system administration of Deloitte Uruguay’s CSIRT.

VMWare, Networking, Linux, Ubuntu, Fortinet, OpenLDAP, Bind9, Gitlab, OpenSSL, Python, Django, Bash

National Security Operations Center

Led the specialized consulting project for the National SOC for the Uruguayan Government, collaborating with several ministries and public companies, prioritizing log sources and developing detection use cases to increase the SOC coverage and visibility nationwide.

IBM QRadar, Mitre ATT&CK, FreeIPA

Bolivia National Certification Authority

Automated the installation and Root Key Signing Ceremony for the Bolivian National Root CA and Subordinate CA, documenting the script both in code and paper to ensure repeatability in the installation.

CentOS, EJBCA, MySQL, Bash

Web Application Firewalls

Installation, configuration and tuning of Web Application Firewalls (using Apache with Modsecurity) for various ministries and public companies, including testing applications and creating rules to protect the different applications without affecting performance and functionality.

CentOS, Apache, Modsecurity, Bash

Academic Network Laboratory Management System

Developed a Management System for the Academic Network Laboratory used by the University’s Computer Institute, as a final project for the Engineering degree.

Ubuntu, LXD, OMF, Bash, Python, Ruby

Other projects

Participated in several other projects such as Penetration Testing and Vulnerability Management, Incident Response, Forensics, PCI DSS Consulting, System Hardening and Information Security Consulting in general.