👋 Hey there! My name is Mariano Julian.

Analytical, detail-oriented, critical thinker.

Passionate about history, economics, hiking, dogs, cars, travel, and electronic music. Always curious, open-minded, and ready for the next challenge.

My GPG Key
Keyserver Links: Ubuntu | OpenPGP

GPG Fingerprint:
62EB 1993 A34E 7415 16F8 D5B3 08F4 E6C8 5EEB 8EF4

Please verify it before importing my key.

About Me 📝

Tech & Cybersecurity 👾


For me, trust is fundamental in personal relationships, but in cybersecurity, the zero-trust model is essential for ensuring security, resilience, and control. My approach centers around optimizing overall security, ranging from detection rules to refining threat models and automating pipelines. I have experience across legacy data centers, cloud environments, and web applications, enabling a strategic perspective on security, networking, and compliance.

Over the past years, I have been specializing in infrastructure and operations. My work focuses on cloud, digital forensics, threat modeling and traffic analysis, helping to manage incident response, risk assessments, and security architecture challenges. My goal is always to help design and develop resilient defenses against evolving cyber threats, which are difficult to keep up with, but that’s the challenge that makes this field so engaging.

I believe that effectiveness in high-stakes environments stems from a combination of technical experience and collaboration, whether it’s hardening systems, automating workflows, or conducting in-depth investigations. I enjoy working independently or as part of a team, while also delegating responsibilities and driving initiatives, key pillars in achieving cybersecurity objectives.

The Life 🌍


Born in Argentina to an Italian-Spanish family, I grew up surrounded by warmth, laughter, and my grandmother’s unforgettable cooking. A short trip to Europe became nearly a decade of living, working, and exploring cultures across Ireland, Croatia, Germany, Italy, Spain, and beyond.

Traveling by car is my favorite way to connect with places—it gives me a sense of freedom and discovery. Yet, no matter where I go, Argentina always calls me back with its nature, passion, and the timeless bond of old friends.

In summary, I’m strongly committed to problem-solving and continuous improvement, aiming to ensure that security postures remain robust, adaptive, and resilient.



I've been working with:
  • ☁️ AWS, GCP
  • 📦 K8s, Podman
  • 🤖 GitHub Actions, Terraform, Ansible
  • 🔍 Google SecOps, ELK Stack, Vector, Grafana, Loki, Promtail
  • 🦈 WireShark, Suricata
  • 🕸️ Cisco, Juniper
  • 🧠 AWS Bedrock, TensorFlow
  • ⚒️ Python, Go, Bash, YARA-L
  • 📊 Big Data Analysis
  • 🔒 DevSecOps
  • 🛡️ OWASP & KSPM
  • 🌐 OSINT
  • 👽 AlienVault OTX
  • 🔑 PKI, SSL/TLS
  • 🗂️ Digital Forensics
  • 📋 Audit & Compliance

Professional Experience 💻

Security Engineer - N26 Bank SE
May 2022 - present

I contribute to safeguarding the security operations of our cloud and online services by applying a Zero Trust approach and adhering to high security and compliance standards. My work integrates SOC infrastructure, threat intelligence, risk assessment, and AI-driven automation to proactively detect, report, prevent, and respond to threats across the organization’s environment.

Some of my responsibilities:

  • Leading Threat Modeling Sessions to identify risks, assess adversary tactics and techniques, and design effective detection and alerting strategies.
  • Developing and maintaining SOC playbooks, triage procedures, and incident response workflows to streamline and standardize operations.
  • Investigating security incidents and potential data leaks, performing root cause analysis and implementing long-term remediation measures.
  • Enhancing the accuracy of SecOps rules and detection logic to minimize false positives and improve signal-to-noise ratio.
  • Designing and deploying real-time monitoring, alerting, and SOAR solutions to automate detection and response.
  • Maintaining and managing the SOC’s GitHub repositories, including Infrastructure as Code (IaC), detection rules, and automation scripts.
  • Implementing and reviewing Terraform configurations as part of the infrastructure CI/CD pipeline, following the four-eyes principle for change control.
  • Building and optimizing advanced SIEM dashboards and visualizations for threat detection, correlation, and situational awareness.
  • Identifying and remediating security misconfigurations, data exfiltration attempts, and anomalous activity across cloud and network assets.
  • Conducting risk assessments, documenting findings and mitigation measures, and following up on vulnerability patching and remediation progress.
  • Managing incident response lifecycles, from detection to closure, ensuring lessons learned feed back into preventive controls.
  • Driving AI and workflow automation initiatives to improve operational efficiency and response time within the SOC.

Middleware Consultant - European Patent Office
Sep 2020 - Dec 2021

I provided support for Java-based business applications, covering a wide range of tasks including deployments, migrations, component setup, issue resolution, system integration, as well as performance tuning and web service hardening to ensure optimal security and efficiency.

Key areas of expertise include:

  • Traffic analysis for troubleshooting and third-party component inspection
  • SSL certificate and truststore/keystore management
  • Integration with Splunk and other SIEM platforms
  • Public Key Infrastructure (PKI): deployment and troubleshooting in Java applications and modules
  • TLS/SSL handshake configuration and integration with EPO, USPTO, and CNIPA systems
  • Automated threat mitigation for bot traffic and other unwanted connections using Radware

Additionally, I have authored technical documentation, runbooks, procedures, and data flow diagrams to support operations and ensure knowledge transfer.

Infrastructure Management Analyst - Grupo Telecom Argentina
Dec 2013 - Dec 2015

This was one of my most valuable experiences due to my dynamic, hybrid role within the Planning, Implementation, and Maintenance Team at Cablevisión/Fibertel. I was responsible for maintaining critical data center infrastructure, ensuring reliability, security, and regulatory compliance.

Key responsibilities included:

  • Managing sensitive information
  • Securing web services
  • Backing up router, switch, and firewall configs
  • Troubleshooting and configuring ACLs and firewall rules
  • RBAC with AD for privileged access control
  • Server deployment and end-to-end network implementation, including configuration for lawful interception and traffic filtering
  • PCAP capture and analysis

I have also had the opportunity to collaborate with the Policía Federal Argentina (PFA) and the Secretariat of Intelligence (SIDE) to fulfill legal requests—ranging from data gathering to traffic intercepts—strictly under court orders and legal review.

Additionally, I implemented backup and disaster recovery policies using Legato and robotic storage libraries, and led preventive efforts to improve system resilience, optimize infrastructure, and reduce vulnerabilities.

This role combined experience, curiosity, legal compliance, and cross-functional teamwork to support and maintain critical IT/telecom infrastructure.

Middleware Consultant - Hewlett Packard Enterprise
Jan 2011 - Dec 2013

I provided core business application support and administration for major U.S. Central Hub clients, including Sabre Holdings, American Airlines, U.S. Airways, and United Airlines.

I managed enterprise systems such as:

  • WebSphere
  • Tomcat
  • JBoss
  • Apache / IIS
  • BigIP F5
  • SSL certificate lifecycle management

This role was conducted entirely in English and involved close collaboration with colleagues and teams based in the United States.

As the on-call escalation point, I handled outages and high-severity incidents, ensuring the stability, performance, and security of critical services.

Middleware Specialist - IBM
Jul 2007 - Jun 2009

My journey at IBM was marked by a deep dive into middleware technologies, where I honed my skills in installation, configuration, and troubleshooting of enterprise-grade platforms such as WebLogic, AquaLogic, Integrator, WebSphere, WebSphere ND, JBoss, Tomcat, Apache, and MQ Series, working across diverse operating systems like Solaris, Microsoft Windows, Linux, and virtual machines.

Beyond the technical aspects:

  • I took on the role of a Technical Reference, becoming a go-to resource for my peers and teams.
  • I was actively involved in mentoring and training new joiners as part of what was known as the Skill Factory of Middleware.

This initiative was designed to onboard and upskill team members, ensuring they were well-equipped to handle the challenges of middleware management. Sharing knowledge, fostering collaboration, and guiding others became a fulfilling part of my responsibilities, leaving a lasting impact on the team and the projects we delivered.

Some of my projects 🕵️

Open Source 👁 SIEM-IDS Solution
Elasticsearch, Filebeat, Suricata, Kibana, Podman, IDS, IPS, Network-analysis, Alienvault
Enables real-time control and monitoring of network traffic and system events. This project is designed for users seeking to monitor and analyze network infrastructure activity, enhance privacy controls, or address complex security challenges. It supports scalable deployment, enabling configurations as an Intrusion Detection System (IDS) or an Intrusion Prevention System (IPS).

ASTRÆA | Cybersecurity & Defense
Cybersecurity, IDS, IPS, Threat-Hunting, Digital-Forensics, OSINT, Suricata, Zeek, Wazuh
A cybersecurity and technology consultancy company focused on threat detection, digital forensics, and open-source intelligence (OSINT). We specialize in security operations, cloud infrastructure hardening, and advanced threat hunting to help organizations protect their assets, reduce attack surfaces, and enhance detection capabilities.

Get in Touch

If you’re into cybersecurity, tech or the perfect road trip, let’s connect! 🚀