Image of Fermín Serna

Fermín Serna

Senior Information Security Lead

Chief Information Security Officer at Citrix

Issaquah, Washington

Section title

Fermín Serna's Email Addresses & Phone Numbers

Fermín Serna's Work Experience

Google

Senior Information Security Lead

November 2011 to Present

Greater Seattle Area

Microsoft

Senior Security Software Engineer (MSRC)

August 2007 to November 2011

Greater Seattle Area

Next Generation Security S.L.

Co-founder and CTO

January 2002 to July 2007

Madrid Area, Spain

Fermín Serna's Education

Universidad Complutense de Madrid

Computer Science Engineer Computer Science

1999 to 2007

Fermín Serna's Professional Skills Radar Chart

Based on our findings, Fermín Serna is ...

Troubleshooter
Tough
Private

What's on Fermín Serna's mind?

Based on our findings, Fermín Serna is ...

52% Left Brained
48% Right Brained

Fermín Serna's Estimated Salary Range

About Fermín Serna's Current Company

Google

Relevant activities: - Lead of ISE-TPS (third party security) focus area responsible for finding thousands of security vulnerabilities (http://www.google.com/about/appsecurity/research/), sandboxing and security third party software/libraries used at Google. - Security audits of Google’s web and native client/server properties. - Member of the Vulnerability Response team helping identifying and fixing externally reported vulnerabilities.

Frequently Asked Questions about Fermín Serna

What company does Fermín Serna work for?

Fermín Serna works for Google


What is Fermín Serna's role at Google?

Fermín Serna is Senior Information Security Lead


What is Fermín Serna's personal email address?

Fermín Serna's personal email address is f****[email protected]


What is Fermín Serna's business email address?

Fermín Serna's business email addresses are not available


What is Fermín Serna's Phone Number?

Fermín Serna's phone (206) ***-*180


What industry does Fermín Serna work in?

Fermín Serna works in the Internet industry.


Who are Fermín Serna's colleagues?

Fermín Serna's colleagues are Stuart Parkington, Kelly Parks, Manasi Sachdeva, Sunish Mannuel, Sofiane Maiou, Joe Wahrhaftig, Jigar Mehta, Tom Barcia, Bill Lange, and Darren Leditschke


About Fermín Serna

📖 Summary

Profile: A 14 years of experience natural technical leader with deep knowledge in the security/vulnerability assessment and exploit development fields. Proven expertise in problem abstraction, identifying gaps in the big picture, implementing strategies and delivering results. Team player providing continuous collaboration, support, feedback and direction to other team members. Areas of expertise: - Advanced security research as can be seen on: http://zhodiac.hispahack.com - High experience in the development of exploits (and penetration utilities) for different platforms (IA32, SPARC, PARISC, ARM iphone/android/ipad...). + Lsof exploit (IA32) + Tcpdump exploit (IA32) + SnmpXdmid exploit (SPARC) + Netscape Enterprise exploits (SPARC, IA32, PARISC) + Internet Explorer + Adobe Flash + IOS - Advanced knowledge on OS and compiler mitigations: ASLR, DEP/NX/W^X, GS, SEHOP, SAFESEH. __vtguard, ... - Advanced knowledge of Operating Systems and its development: Win32 and the different flavors of Unix, specialized in Linux, OpenBSD, NetBSD, FreeBSD SunOS, HP-UX and AIX. - Advanced knowledge of TCP/IP protocols and networks and the development of applications using them. - Expert developer on Unix and WIN32 environments. (Loadable Kernel Modules (Linux, Solaris, *BSD) , kernel hacking, system programming) and debugging. - Expert user of X.25 networks such as Ibertex. - Expert developer in the following languages: C, C++, C#, JAVA, PASCAL, DELPHI, PHP, ASM (IA32, SPARC, PARISC, ARM), etc. - Expert knowledge in management of firewalls and IDS: Netfilter (Iptables), IPChains, IPFilter, CheckPoint FW-1, StoneGate, Microsoft ISA Server, SNORT, RealSecure, etc. - Ethical hacking and penetration tester expert knowledge: SQL injection, Blind SQL injection, Cross Site Scripting (XSS), CMD injection, etc.Senior Information Security Lead @ Relevant activities: - Lead of ISE-TPS (third party security) focus area responsible for finding thousands of security vulnerabilities (http://www.google.com/about/appsecurity/research/), sandboxing and security third party software/libraries used at Google. - Security audits of Google’s web and native client/server properties. - Member of the Vulnerability Response team helping identifying and fixing externally reported vulnerabilities. From November 2011 to Present (4 years) Greater Seattle AreaSenior Security Software Engineer (MSRC) @ Relevant activities: - Technical background for MSRC dealing with new reported vulnerabilities, hacking for variations, source code review, fix validation, mitigations, technical review of bulletins, etc… - Primary owner and developer of EMET (Enhanced Mitigation Experience Toolkit): http://support.microsoft.com/kb/2458544. Designer and developer of EAF (Export Address Table Filtering) and Mandatory-ASLR. - Found more than 80 new vulnerabilities and variations of MSRC cases. - Development of fuzzers, code coverage tools, etc… - Part of the SSIRP response team. React case owner of MS08-067, (netapi32 rpc case, conficker). - Regular blogger at Microsoft SRD’s blog. From August 2007 to November 2011 (4 years 4 months) Greater Seattle AreaCo-founder and CTO @ Relevant activities: - Design and development of an Application IDS for web servers: NGSecureWeb, a Host IPS StackDefender, a Home User IDS LogIt and an Embedded Firewall ForceFilter. - Development of AntiPharming in collaboration with the Spanish Police (GuardiaCivil) and government. - Development an AntiPedophilia crawler on P2P networks for the spanish police (GuardiaCivil) as a contractor for a third party company. - Ethical Hacking, security consultant and auditor for the major spanish Telecoms and Banks. o Development for a third party company of an embedded device using ARMcores, RFID devices, etc… - Collaboration with US-CERT in the disclosure of the ISC DHCP vulnerability (http://www.cert.org/advisories/CA-2002-12.html). From January 2002 to July 2007 (5 years 7 months) Madrid Area, SpainSecurity Engineer @ From 2000 to 2002 (2 years) Computer Science Engineer, Computer Science @ Universidad Complutense de Madrid From 1999 to 2007 Fermín Serna is skilled in: Security Research, Linux, Solaris, Web Application Security, Reverse Engineering, Vulnerability Assessment, Unix, C++, Penetration Testing, Security, Malware Analysis, Application Security, Java, CEH, Operating Systems, Computer Security, Intrusion Detection, Security Audits, Network Security, ISO 27001, Information Security..., IPS, Information Security, Vulnerability Management, Distributed Systems, Firewalls, TCP/IP, Cryptography, Perl, PHP, Debugging, PKI, Win32 API, PCI DSS, Computer Forensics, FreeBSD, Bash, CISSP, Security Architecture..., Apache, High Availability, HP-UX, Internet Security, Kernel, Code Review, Software Engineering, Networking, Scripting


Fermín Serna’s Personal Email Address, Business Email, and Phone Number

are curated by ContactOut on this page.

10x your recruitment & sales conversations

Contact over 200M professionals
instantly by email or phone. Reveal
personal & work email addresses, as
well as phone numbers accurately with
our ContactOut Chrome extension.

In a nutshell

Fermín Serna's Personality Type

Introversion (I), Sensing (S), Thinking (T), Perceiving (P)

Average Tenure

3 year(s), 11 month(s)

Fermín Serna's Willingness to Change Jobs

Unlikely

Likely

Open to opportunity?

There's 88% chance that Fermín Serna is seeking for new opportunities

Fermín Serna's Social Media Links

zhodiac.hi...

Fermín Serna's Achievements

Additional Honors & Awards

Issued by - · -

Engage candidates 10x faster

Enjoy unlimited access and discover candidates outside of LinkedIn

Trusted by 400K users from

76% of Fortune 500 companies

Microsoft Nestle PWC JP Morgan Merck Rackspace WarnerMedia Randstad Yelp Google

The most accurate data ever

CCPA Compliant
GDPA Aligned
150M Personal Emails
300M Work Emails
50M Direct Dials
200M Professional Profiles
30M Company Profiles

Hire Anyone, Anywhere
with ContactOut today

Making remote or global hires? We can help.

  • 50 contacts/month
  • Works on standard LinkedIn only
  • Work emails, personal emails, mobile numbers
* 1 user per company limit

No credit card required

Try ContactOut for Free