Company: CIC Consulting Informáticos
Leading backend development of an advanced IT/OT monitoring platform for critical infrastructure protection in collaboration with Spain's National Cybersecurity Institute.
Leading Critical Infrastructure Protection
August 2025 - Present (5 months)
Spearheading the development of Rabel, an enterprise-grade IT/OT asset monitoring platform built in collaboration with INCIBE (National Cybersecurity Institute of Spain) to protect critical infrastructure across Spain.
Strategic partnership
Working directly with INCIBE to ensure Rabel meets the highest cybersecurity standards for protecting critical infrastructure facilities, including manufacturing plants like Bridgestone.
Multi-Language Enterprise Architecture
Leading backend development using a polyglot architecture approach:
- Python for ML integration and data processing pipelines
- Java for enterprise microservices and scalability
- C# for IDboxRT platform integration and industrial protocols
This multi-language strategy enables us to leverage the best tool for each component while maintaining system cohesion.
Architectural decision
The polyglot approach allows us to integrate ML models (Python), enterprise scalability (Java), and industrial compatibility (C#) seamlessly.
Machine Learning Integration for Industrial Security
Built and integrated ML models for proactive threat detection:
Real-time Anomaly Detection
- Behavioral analysis of equipment and network traffic patterns
- Predictive alerting for operational anomalies before they become critical
- Adaptive learning from industrial facility operations
Equipment Fingerprinting
- Automated asset discovery across IT/OT environments
- Device identification and classification using ML algorithms
- Shadow IT detection for unauthorized devices
Comprehensive Vulnerability Management System
Designed and implemented an enterprise vulnerability management system:
| Component | Implementation |
|---|---|
| CVE Database Integration | Real-time sync with national and international CVE feeds |
| Risk Assessment | Automated CVSS scoring and prioritization |
| NIS 2 Compliance | Spanish NIS Directive compliance checking and reporting |
| Certificate Monitoring | Automated tracking of certificate expiration across 100% of assets |
Compliance focus
Ensuring full compliance with Spain’s NIS 2 Directive requirements for critical infrastructure protection, including energy, manufacturing, and transportation sectors.
Multi-Channel Alerting & Incident Response
Built a sophisticated automated alerting system with workflow automation:
- Multi-channel notifications (Email, SMS, Slack, Teams)
- Automated ticketing integration for incident response
- Smart escalation policies based on severity and asset criticality
- 24/7 monitoring of IT/OT assets with intelligent noise reduction
Monitoring Coverage
- 100% IT/OT asset visibility across facilities
- Certificate expiration tracking with advance warnings
- Vulnerability detection and risk scoring
- Operational anomaly detection using ML models
Critical Infrastructure Impact
Client Results
Working with critical infrastructure clients including:
- Bridgestone manufacturing plants - Complete IT/OT monitoring
- Energy sector facilities - NIS 2 compliance and threat detection
- Industrial facilities - Asset discovery and vulnerability management
Key Achievements
- 100% asset visibility for critical infrastructure clients
- Proactive threat detection using ML-powered anomaly detection
- NIS 2 compliance for Spanish critical infrastructure requirements
- Automated incident response reducing MTTR by 60%
Impact on national security
Rabel is becoming a cornerstone platform for protecting Spain’s critical infrastructure, directly contributing to national cybersecurity resilience.
Technical Innovation
ML-Powered Security
Leveraging machine learning for:
- Pattern recognition in industrial operations
- Predictive maintenance and failure prevention
- Automated threat classification and response
Enterprise Scale
Handling:
- Thousands of assets across multiple facilities
- Millions of events processed daily
- Real-time analysis with sub-second latency
Technology Stack
- Backend: Python, Java, C#
- ML/AI: Anomaly Detection Models, Fingerprinting Algorithms
- Security: CVE Analysis, NIS 2 Framework, Vulnerability Scanning
- Monitoring: IDboxRT, Custom Alerting Systems
- Infrastructure: Distributed architecture for high availability
Strategic Role
This position represents the culmination of my expertise in:
- Backend development across multiple languages
- ML integration for industrial applications
- Security compliance and vulnerability management
- Critical infrastructure protection and monitoring
Working with INCIBE provides unique insight into national cybersecurity strategies and the opportunity to directly impact Spain’s critical infrastructure resilience.
