Andres Pavez

Senior Cryptographic Key Manager at ICANN
  • Claim this Profile
Contact Information
us****@****om
(386) 825-5501
Location
Los Angeles, California, United States, US
Languages
  • English Professional working proficiency
  • Spanish Native or bilingual proficiency
Skills

Topline Score

Topline score feature will be out soon.

Bio

Generated by
Topline AI

You need to have a working account to view this content.
Join now
You need to have a working account to view this content.
Join now

Credentials

  • CISSP
    ISC2
    Mar, 2013
    - Nov, 2024
  • PMP
    PMI
    Jun, 2012
    - Nov, 2024

Experience

  • ICANN
    • United States
    • Technology, Information and Internet
    • 300 - 400 Employee
    • Senior Cryptographic Key Manager
      • Aug 2014 - Present

      Responsible for all aspects of the cryptographic assets and cryptographic key management process for the Domain Name System Security Extensions (DNSSEC) Root Key Signing Key (KSK). Summary of key responsibilities: ○ Manage cryptographic assets and cryptographic key management processes, including those for the KSK ○ Manage certificate authority hierarchy and certificate profiles, including X.509 Certificate Authority (CA) ○ Manage the lifecycle of certificates and cryptographic keys ○ Write, review, edit, approve and maintain all cryptography key security management related documentations and policies, standards and procedures of these processes ○ Plan and execute KSK management ceremonies as needed, including logistical coordi- nation ○ Manage and test disaster recovery plans for key management operations ○ Propose process improvements to maintain maximum security and maintain continuing operations ○ Minimize risks associated with managing cryptographic keys, including coordination of physical security ○ Prepare responses to third-party audits for key management functions ○ Function as the point-of-contact for cryptographic key management security and policy management issues ○ Attend and participate (e.g., provide briefings) in meeting to discuss execution of its key management responsibilities, and regional and international Internet technical forums and network operations group meetings Show less

  • Transbank
    • Chile
    • Financial Services
    • 700 & Above Employee
    • Information Security Project Manager
      • Dec 2011 - Jun 2014

      Project Manager in security initiatives and projects. Consultant on different company projects, technology models, products, and services based on security standards, cost- benefit, and security risk recommendations. Actively participate in the diagnosis, design, and report of security breaches, vulnerabilities, events, or incidents detected on hardware, software, and the information when it is stored, transferred, and processed. Define, propose, and implement information security policies, standards, and controls. Summary of key responsibilities: ○ Responsible for the PKI digital certificate administration ○ Responsible for creating encryption keys for POS and software ○ Responsible for custody of password and encryption keys ○ Responsible for the creation and maintenance of security policies, standard and controls ○ Responsible for risk management evaluation in company projects ○ Responsible for the definition of security controls/safeguards in projects ○ Responsible for collecting evidence for PCI DSS certification ○ Responsible for the networking traffic approval Show less

  • UNIACC University
    • Security Information Instructor
      • Mar 2010 - Jul 2012

      University professor of introduction course to Information Security at UNIACC University. Specialization degree for senior students in the last year of digital multimedia communication career. University professor of introduction course to Information Security at UNIACC University. Specialization degree for senior students in the last year of digital multimedia communication career.

  • MetLife
    • United States
    • Insurance
    • 700 & Above Employee
    • IT Security Leader and Project Manager
      • Jan 2007 - Nov 2011

      Project Manager in security project implementations like company data classification, IT Security Policies, and awareness, Key IT Controls, and processes. Project’s PMO in different initiatives like Disaster recovery site relocation, Oracle database upgrade, and Networking projects. Supervise one person on business-as-usual tasks, including definition, documentation, maintenance, communication, and implementation of IT Information Security Policies in IT controls and services for application development and technology deployment. Controls, reports, and audit implementation in IT systems and platforms supporting incident escalation procedures, data privacy, access controls, patch management, security designs, change management, and encryption solutions. Operates recurring processes related to information security management, including tracking for IT action plans and IT SOX controls coordinator, business continuity plan, disaster recovery plans, and coordination; and IT security risk assessments Summary of key responsibilities: ○ Responsible for auditing access in all company systems like applications, databases, and firewalls ○ Responsible for the security of network and security devices ○ Responsible for the creation and maintenance of security policies, standards, and controls ○ Responsible for risk management evaluation in company projects. ○ Responsible for maintenance of the disaster recovery plan and planning disaster recovery test ○ IT SOX controls coordinator and responsible for collecting evidence Show less

  • everis
    • Spain
    • IT Services and IT Consulting
    • 700 & Above Employee
    • Team leader and Oracle Data Bases Administrator
      • Mar 2006 - Dec 2006

      Responsible for leading a team of Data Assurance Testing and Oracle database administration. Supervise six persons and plan, schedule, and assign team tasks about prepared data of test applications. Responsible for leading a team of Data Assurance Testing and Oracle database administration. Supervise six persons and plan, schedule, and assign team tasks about prepared data of test applications.

  • Universidad Tecnica Federico Santa Maria
    • Chile
    • Research Services
    • 700 & Above Employee
    • System Administrator
      • Mar 2002 - Jul 2005

      Administration of core IT systems and network equipment supporting then main computer lab facility. Extensive experience in administration in GNU/Linux, ID administration, Web Servers and E-mails. Administration of core IT systems and network equipment supporting then main computer lab facility. Extensive experience in administration in GNU/Linux, ID administration, Web Servers and E-mails.

  • La Silla Observatory, European Southern Observatory.
    • Summer Student
      • Jan 2005 - Feb 2005

      Implementation of the TYPO3 tool for corporate websites and the development of the engineering website (mechanics, software, instrumentation, electronics, and IT). Training for TYPO3 users and documents like Typo3 reference manual, User Manual, and all the required procedures for its installation and maintenance. Implementation of the TYPO3 tool for corporate websites and the development of the engineering website (mechanics, software, instrumentation, electronics, and IT). Training for TYPO3 users and documents like Typo3 reference manual, User Manual, and all the required procedures for its installation and maintenance.

Education

  • Universidad Tecnica Federico Santa Maria
    Informatics Engineering, Computer Systems
    1998 - 2006

Community

You need to have a working account to view this content. Click here to join now