Summary
Overview
Work History
Education
Skills
Certification
Timeline
Generic

Frank Bazan

San Antonio,TX

Summary

Dynamic technical leader with over 15 years of experience in driving secure and scalable digital platform solutions while automating critical workflows within complex enterprise environments. Expertise in leading cross-functional teams through technical delivery and transformation, fostering the adoption of secure practices and certificate lifecycle automation. Deep knowledge in Public Key Infrastructure (PKI), cryptographic services, and infrastructure-as-code (IaC), with hands-on leadership in integrating Venafi, AWS ACM PCA, and Entrust CA Gateway across hybrid and cloud-native environments. Currently advancing knowledge in post-quantum cryptography and crypto-agility through a graduate security program, focusing on future-proofing enterprise security architectures.

Overview

13
13
years of professional experience
1
1
Certification

Work History

Senior PKI Engineer

Federal Reserve Bank of Richmond
05.2022 - Current
  • Architected and deployed comprehensive PKI solutions to support certificate and key lifecycle management in complex on-prem and hybrid cloud environments, with a focus on AWS infrastructure.
  • Designed enterprise PKI architecture ensuring alignment with NIST CSF and internal risk frameworks.
  • Created and maintained reusable architecture patterns for certificate lifecycle automation, enabling consistent implementation across on-prem and multi-cloud platforms.
  • Partnered with enterprise architects, risk officers, and security leaders to embed cryptographic services into broader infrastructure and application architectures.
  • Developed and enforced standards for PKI integration with IAM, PAM, and hybrid cloud security controls.
  • Presented solution designs and security alignment documentation to architecture review boards for approval.
  • Designed monitoring and compliance dashboards (Splunk, Venafi Metrics) to support audit readiness, incident response, and operational governance.

Professional Services Consultant

Venafi
05.2021 - 06.2022
  • Served as a subject matter expert regarding Machine Identity Protection for customers and internal teams.
  • Led creation of strategic PKI automation and crypto-agility roadmaps for Fortune 500 customers and presented those to executive stakeholders, aligning business priorities with technical execution.
  • Acted as lead engineer for customer cloud enablement and certificate automation, integrating Venafi TPP with Entrust CA Gateway, Microsoft CA, AWS Private CA and HSMs to provide full lifecycle certificate management across multi-cloud environments.
  • Served as security architecture advisor for Fortune 500 customers, designing PKI automation reference architectures across AWS, Azure and On-Premise Data Centers.
  • Defined reusable, security-by-design patterns for integrating Venafi TPP with CA gateways, IAM/PAM, and DevSecOps pipelines.
  • Created security maturity roadmaps for enterprise adoption of automated certificate lifecycle management, presenting to executive stakeholders.
  • Mapped security solutions to NIST CSF and ISO 27001 frameworks, ensuring compliance and audit alignment.
  • Collaborated with enterprise architects, DevOps leads, and infrastructure teams to embed security controls into CI/CD processes without impacting delivery timelines.
  • Produced architecture diagrams, integration specifications, and governance models for multi-tier PKI deployments.

Security Systems Engineer - Cryptographic Services

United Services Automobile Association
04.2016 - 05.2021
  • Provide engineering, analysis, and infrastructure expertise in hybrid environment supporting multiple technologies to create coherent, stable infrastructure and secure environment.
  • Implemented and consulted on hybrid PKI and cryptographic architectures supporting enterprise risk reduction and compliance requirements.
  • Partnered with enterprise security architecture teams to embed PKI standards and controls into application and infrastructure solutions.
  • Developed governance processes, technical reference models, and integration standards for certificate lifecycle management.
  • Aligned cryptographic services with IAM/PAM strategies to enforce secure authentication and authorization policies.
  • Created cross-functional training programs to promote adoption of secure architecture patterns across DevOps, infrastructure, and application teams.

Technical Specialist II

HEB Grocery, Threat Assessments and Vulnerabilities
02.2013 - 04.2016
  • Provide Tier 3 analysis, architecture expertise and continued security analysis in enterprise IT environment supporting multiple technologies to create coherent, stable and secure infrastructure.
  • Designed and implemented security configurations for enterprise infrastructure in alignment with NIST and PCI-DSS standards.
  • Developed security-focused automation scripts for incident response, configuration enforcement, and compliance reporting.
  • Collaborated with system architects and business leaders to ensure technology deployments aligned to enterprise security requirements.
  • Design and implement infrastructure processes for administrating and maintaining current and newly acquired technologies.
  • Research OS system updates and upgrades to ensure system failures and outage impact minimization.
  • Create and deliver formal proposals, project planning timelines and requirement documentation.
  • Integration, testing and implementation of newly developed applications.
  • Develop automate deployment and administration methods for maximizing team time management.

Education

Master of Science - Information Systems & Security

University of The Cumberlands
11.2025

Bachelor of Science - Computer & Information Technology

Texas A&M University At San Antonio
San Antonio, TX

Skills

Cloud & Infrastructure Security:

  • AWS, Azure, GCP, AWS ACM PCA, Azure Key Vault, Hybrid Cloud Security Patterns

Security Frameworks & Governance:

  • NIST CSF, ISO 27001, TOGAF-aligned patterns, Crypto-agility, Post-Quantum Readiness

Identity & Access Management:

  • Active Directory, OKTA, CyberArk, IAM, RBAC, PAM

DevSecOps Integration:

  • Terraform, Ansible, Jenkins, Git CI/CD, Secure SDLC, API Automation (Venafi, Entrust)

Monitoring & Compliance:

  • Splunk, Venafi Metrics, Security Logging, Audit Dashboards

Certification

  • ISC(2) - CISSP
  • ISC(2) - CCSP (In-Progress)
  • GCP Associate Cloud Engineer Training
  • AWS Certified Solutions Architect
  • AWS Certified SysOps Administrator
  • Scaled Agile SAFe
  • Familiarity with TOGAF & ISO 27001 Framework

Timeline

Senior PKI Engineer

Federal Reserve Bank of Richmond
05.2022 - Current

Professional Services Consultant

Venafi
05.2021 - 06.2022

Security Systems Engineer - Cryptographic Services

United Services Automobile Association
04.2016 - 05.2021

Technical Specialist II

HEB Grocery, Threat Assessments and Vulnerabilities
02.2013 - 04.2016

Master of Science - Information Systems & Security

University of The Cumberlands

Bachelor of Science - Computer & Information Technology

Texas A&M University At San Antonio

Similar Profiles

  • Sridhar Sambu

    Sridhar SambuSridhar Sambu

    Senior Consultant at Federal Reserve Bank of RichmondSenior Consultant at Federal Reserve Bank of Richmond

  • Asia Warden

    Asia WardenAsia Warden

    IT Service Desk Technician at Federal Reserve Bank of RichmondIT Service Desk Technician at Federal Reserve Bank of Richmond

  • John Anderson

    John AndersonJohn Anderson

    Senior Officer at Federal Reserve Bank of Richmond 5th DistrictSenior Officer at Federal Reserve Bank of Richmond 5th District

  • Collin Doan

    Collin DoanCollin Doan

    Sales Associate at Sams Club DistributionSales Associate at Sams Club Distribution

  • Karen Vasquez

    Karen VasquezKaren Vasquez

    Registrar at Urban Champions AcademyRegistrar at Urban Champions Academy

CREATE PROFILE