Carlos Rafael Ramirez Rosales


Senior Security Analyst & Automation Specialist
El Marques

Summary

Experienced Security Analyst with over 10 years in IT Security Operations and a strong track record in enhancing SOC investigations through a deep understanding of diverse infrastructure environments. Certified in SANS 508 Digital Forensics and Falcon Incident Response, with 3 years of hands-on experience in the CrowdStrike Falcon console. Skilled in SIEM operations and automation, including use case and workflow integration via BMC platforms. Brings over 15 years of experience in programming and API integration across multiple systems.

Overview

  • 13 years of professional experience
  • 4 years of post-secondary education
  • 4 Certifications
  • 2 Languages

Work History

Senior Security Analyst

Continental Automotive
Querétaro
06.2023 - Current
  • Led investigations into suspected breaches to determine scope, impact, and appropriate remediation steps.
  • Conducted various deep knowledge investigations together with Infrastructure teams to provide countermeasures and build up playbooks and runbooks.
  • Authored and implemented new Confluence knowledge base articles to support team knowledge-sharing sessions and promote consistent expertise across all team members.
  • Trained 2 new analysts on company methods and infrastructure, fostering a strong team dynamic that resulted in increased efficiency.
  • Developed various use case implementations based on EDR telemetry to address security gaps, and successfully deployed them within CrowdStrike's Next-Gen SIEM platform.
  • Served as the architect for the BMC Security Incident Handling Module during its initial, enterprise-wide implementation.
  • Developed integration scripts within BMC Helix iPaaS using Jitterbit to automate processes across BMC Business Workflows.
  • Developed PowerShell scripts leveraging the Falcon API module to automate and manage tasks within the CrowdStrike Falcon console.

IT Infrastructure Engineer Sr Staff

Continental AG
Cuautla
01.2016 - 06.2023
  • Strong critical thinking and problem-solving skills, with a proven ability to learn and adapt quickly.
  • Effective communicator with experience in cross-functional, global teams.
  • Developed and automated solutions using PowerShell, Python, JSON, SQL, and Visual Basic.
  • Built APIs and automation tools for Ivanti/LANDesk, McAfee, and CrowdStrike platforms.
  • Created GUI tools integrating McAfee ePO API and Active Directory for automated user provisioning.
  • Managed Active Directory and HPSM integrations via API for automated ticket generation.
  • Provided third-level expert support for system and security management, including McAfee ENS, Integrity Control, VSE, and storage-based antivirus solutions.
  • Acted as an Automation Specialist for system and security management, driving workflow efficiency.
  • Coordinated global rollouts of McAfee security products, and supported PoC initiatives for ATP, encryption, and reporting tools.
  • Served as CrowdStrike global admin and Falcon console expert, aligned with MITRE ATT&CK, CVEs, and threat actor TTPs.
  • Assisted in incident response efforts during global malware events, including WannaCry and the August 2022 Ambercorner incident.
  • VMware administrator – handled the provisioning and cloning of virtual machines for testing.
  • ITIL v3 certified, with a strong background in structured service delivery.
  • Completed McAfee Forensics and Incident Response advanced training.

IT Infrastructure Engineer Junior

CPIM working for Continental AG
Cuautla
10.2013 - 01.2016
  • Demonstrated initiative and creativity in solving complex technical challenges during remote support sessions to worldwide locations.
  • Applied strong time management skills to consistently meet tight deadlines.
  • Quickly learned and adapted to new tools, technologies, and environments.
  • Supported global teams in system and security administration, including remote and onsite training in Mexico and the United States locations.
  • Developed over 10 custom scripting tools across multiple platforms to streamline operations.

Continental Trainee Program

Continental AG
Cuautla
08.2012 - 09.2013
  • Efficiently managed time to meet all production deadlines at the Cuautla facility.
  • Developed component binding solutions for MES integration and vision-based traceability on the ER100 ABS systems production line.
  • Gained broad exposure to multiple departments through a comprehensive trainee program.
  • Led projects across supply chain management, quality assurance, industrial engineering, and chassis & safety departments.
  • Presented project outcomes regularly in management team meetings.

Education

Bachelor of Science - Mechatronics Programming Specialization

ITESM Campus Cuernavaca
Cuernavaca Morelos
08.2008 - 12.2012

Skills

Scripting & Automation


Interests

Motorcycles, Travel, Basketball, Die-Cast Models

Certification

SANS 508 Digital Forensics and Incident Response

Timeline

SANS 508 Digital Forensics and Incident Response

12-2025

Falcon Incident Responder

07-2025

Senior Security Analyst

Continental Automotive
06.2023 - Current

McAfee FIRE Incident Response

05-2021

ITIL V3

04-2016

IT Infrastructure Engineer Sr Staff

Continental AG
01.2016 - 06.2023

IT Infrastructure Engineer Junior

CPIM working for Continental AG
10.2013 - 01.2016

Continental Trainee Program

Continental AG
08.2012 - 09.2013

Bachelor of Science - Mechatronics Programming Specialization

ITESM Campus Cuernavaca
08.2008 - 12.2012