Technical management with
legal and analytical rigor
Hello! I'm Sergio, a Cybersecurity Consultant with +3.5 years of demonstrable professional experience operating as a PKI expert in critical infrastructures, providing services from Telefónica Tech to clients such as MAPFRE.
My day-to-day is based on coordinating the Digital Certificates, Domains, and Delegated Signatures team, automating the certificate lifecycle through in-house development (Python), and technical management of signatures with solutions like DigiCert and nebulaCERT.
In addition to my technical side, I hold a Degree in Criminology. This equips me with extensive theoretical knowledge of security regulations (eIDAS, ENS, ETSI), as well as investigation methodologies (OSINT). This academic foundation is a key strategic complement when deploying and internally auditing secure architectures aligned with the law.
Applications and Automations
In the corporate environment, I not only manage infrastructures, but I also build efficient solutions to optimize processes and reduce operational times. Here are 2 of my flagship applications, which have significantly reduced service management times.
iLock 4.5
Tool that automates the certificate lifecycle. This tool is part of the Telefónica Tech project for MAPFRE and solves the imminent problem for companies adapting to the renewal policy imposed by the CA/Browser Forum, which foresees that certificates will only be valid for 47 days by 2029.
I automated the issuance of certificates, renewal of existing ones, automated notifications to administrator groups, expiration analysis, domain validation, pending request system, and integration with the internal PKI (Microsoft ADCS) using the DIGICERT API. Furthermore, it integrates a registration system logging all relevant data (owners, cost, administrator group, etc.) into our database.
Liberty Go 2.1
Tool created to automate time tracking for Telefónica Tech batches in MAPFRE using frequent codes and topics.
It is characterized by its deep integration with the Request Ticketing (RT) API, allowing not only automatic time tracking but also a powerful team indicator extraction system. This system evaluates key metrics in real-time such as invested efforts, volume of managed tickets, and progress in improving the operational efficiency of the technical team.
What can I bring
to a work environment?
I combine my solid operational technical specialization (+3.5 years) in PKI infrastructures and systems with the rigor of the regulatory and legal knowledge acquired through my studies and training in Criminology.
*Note: The skills listed under the "Regulations" tab refer to academic foundations and technical understanding of regulations. I do not hold auditor certifications or direct work experience in a GRC position, although I would be happy to specialize further if the position requires it.
Select your character
Swipe to see the roles where I can add immediate value to your team, highlighting my strong operational specialization in PKI and my profile as an advanced analyst/operator.
PKI Consultant / Advanced Operator
More than 3.5 years of technical experience.
Complete management of critical infrastructures for delegated signatures and certificates. Experience in hardened Tier 0 environments, managing the lifecycle of corporate cryptography and user support.
🔐 Certificate and Domain Management
DigiCert nebulaCERT TLS / EV / VMC / PKCS12 Domain Management⚙️ Infrastructure / OS
Microsoft ADCS HSM, CRL and CA Renewal Template creation and OCSP protocol Active Directory / DNS PAW Environments in Azure☁️ Automation & Cloud
Python LLMs (Gemini/Claude) AWS Cloudflare🎧 Advanced Level Support
Resolution of technical incidents for proxies and executives in portals using Autofirma and services like Contratación del Estado, Ivneos, etc.
Cybersecurity Analyst
Protection, monitoring, and threat investigation (Blue Team).
Very solid profile for defensive security. Great ability to learn quickly and adapt to SIEM solutions and internal corporate technologies.
🔍 Cyber Intelligence
OSINT Censys Shodan🕸️ Network / Web Analysis
Wireshark Burp Suite🔑 Management & ITSM
CyberArk HPSM RT🧠 AI and Efficiency
LLMs (Gemini/Claude)Use of Generative AI to optimize processes and scripts.
GRC Consultant / Regulatory Advisor
Synergy between Criminology and Cybersecurity.
I provide an analytical and investigative vision to understand and apply regulatory guidelines in the technical operations of corporate cybersecurity teams.
🏛️ European Standards
eIDAS ETSI 319 401 ETSI 319 411-1/2🛡️ Regulatory Frameworks
ENS NIST / MITRE ISO 27001 / 9001📊 Reporting & KPIs
PowerBI Suite O365Proven ability to draft executive reports.
💡 Differential Value
Criminologist profile: analytical and legal capacity applied to technical technology.
{{ item.companyName.en }}
{{ item.jobTitle.en }}
{{ item.desc.en }}
My journey to becoming
who I am today
With more than 3.5 years of professional trajectory as a PKI consultant, my career has been consolidated in the technical and operational management, as well as the automation of digital certificates for large multinationals.
My foundation as a Criminologist forged my analytical mindset and deep attention to legal compliance. Taking the leap into the technology sector through a specialized Bootcamp, I immersed myself in defensive cybersecurity, the Cloud ecosystem, and PKI architectures.
Today, at Telefónica Tech for clients like MAPFRE, I do not just operate critical security technologies; I design and implement developments (such as automations in Python and APIs) to streamline the key lifecycle, ensuring corporations comply with the latest global industry guidelines.
Interested in my profile?
Let's talk!
You can contact me through these channels. I would be delighted to attend an interview to detail how my +3.5 years of operational experience in PKI, OSINT, and regulatory knowledge can add value to your team.
-
Address: 28008, Madrid, Spain -
Mobile: -
-
Availability: Full-time