avatar

Fernando Lozano Pajarón

Summary

I am a Software Engineer, who loves solving problems, with a focus on web development and security. Currently, I am working in the Hdiv Security company.

Specialties: J2EE, Web Security, Java, Spring

Experience

March 2016 - Present
Software Engineer
Software Engineer at Hdiv Security.

- Developing a framework for building self-protected web application that prevent OWASP Top 10 risks (SQLInjection, XSS, Insecure Direct Object Reference...), applying security by design techniques over traditional web applications.

- Contributing in an European project, SWEPT (http://www.swept.eu).

Main Technologies:

- Java
- Interactive Application Security Testing (IAST)
- Runtime Application Self Protection (RASP)
- Bytecode manipulation (ASM)

Hdiv is a leading provider of open-source software for real-time, self-protected applications. Hdiv solutions are built into applications during development to deliver the strongest available runtime application self-protection (RASP) against OWASP Top 10 threats. Since 2008, Hdiv has pioneered self-protection cyber security software, and today its solutions are used by leading commercial software providers and global enterprises in banking, government, retail, technology, and aerospace. The company is privately held and headquartered in San Sebastián, Spain.
January 2014 - Present
Software Engineer
Committer on the HDIV team. A free and open-source Web Application Security Framework that eliminates or mitigates web security risks for some of the most used web frameworks, maintaining the API and the framework specification, such as Spring MVC, Grails, JSTL, Struts 1, Struts 2, JavaServer Faces, Symfony.
January 2014 - March 2016
Software Engineer
Arima Software Design is a company based in Donostia / San Sebastián. Arima works within the software design field.

I worked as a Software Engineer, designing and developing J2EE and PHP applications in different environments.

Main technologies:

- J2EE
- Java
- Symfony
- PHP
- Spring Framework
- ASM Bytecode
February 2013 – February 2015
Software Engineer and Partner
I was involved in Magna SIS, a Junior Enterprise located at the Computer Science Faculty in San Sebastian. It offers the opportunity to get real job experience in multiple types of environments, during the studies. It is focused on developing for the Internet, making web applications and social networks.

During this time, we developed many web applications with the following technologies: Play Framework, WordPress, CSS3, HTML5... In addition, I learnt how to manage a real company, taking the role of treasurer and dealing with the finances of the company. This duty gave me valuable accounting skills. We also learnt how to work with real clients and carry projects to a successful conclusion.
December 2009 – June 2014
Photographer
Real Unión Club de Irún, S.A.D. is a Spanish football club based in Irun. I worked as a photographer for the club for almost 5 years.
June 2011 – October 2011
Web Developer (Internship)
During summer 2011, I worked at Eurohelp Consulting as an intern. I was there for 5 months developing web applications with different technologies: J2EE, JPA, Hibernate, Maven, Spring Framework, Struts...

Education

UPV/EHU
2012 – 2014
Computer Science
5-year university degree.
UPV/EHU
2008 – 2011
Bachelor of Computer Science
3-year university degree with a focus on Computer Engineering, Information Technology and Software Engineering.

Certifications

University of Cambridge
September 2015
First Certificate in English
Coursera
April 2015
Web Application Architectures
Offered by University of New Mexico.
Coursera
March 2015
Software Security
Offered by University of Maryland.

Contact

fernandolozanopajaron@gmail.com
Twitter
StackOverflow

Skills

J2EE
Spring Framework
Application Security
IAST
RASP
ASM Bytecode
Jenkins
Amazon AWS
Symfony
Spring Security
Maven
JavaScript
CSS
PHP
Hdiv Framework
jQuery
Wordpress
SQL Injection
XSS

Languages

Spanish (Native or bilingual proficiency)
English (Professional working proficiency - First Certificate in English)
Euskara (Native or bilingual proficiency)

Publications

UPV/EHU
February 12, 2013
J48Consolidated: An implementation of CTC algorithm for WEKA
O. Arbelaitz, I. Gurrutxaga, F. Lozano, J. Muguerza, J.M. Pérez. "J48Consolidated: An implementation of CTC algorithm for WEKA". Technical Report EHU-KAT-IK-05-13, University of the Basque Country (UPV/EHU), 1-34. (2013)

Honors & Awards

Zitek
April 2014
E-mprende 2014 - 1st prize
Winners in a business-simulation contest with over 150 participants.
Zitek
April 2013
E-mprende 2013 - 'Best company'
Special prize for the best team formed by people from the same company.