Thomas Pavan, CISSP

CEO

Los Angeles, California, United States10 yrs 11 mos experience
Most Likely To SwitchAI Enabled

Key Highlights

  • Expert in application security and penetration testing.
  • Proven track record in ISO 27001 compliance.
  • Strong leadership in cybersecurity initiatives.
Stackforce AI infers this person is a Cybersecurity expert with extensive experience in application security and risk management.

Contact

LinkedIn

Skills

Core Skills

It Security PoliciesEmbedded SystemsInformation Security GovernancePenetration TestingCybersecurityApplication SecurityDevsecopsContinuous Integration And Continuous Delivery (ci/cd)

Other Skills

Hardware SecurityExecutive ManagementApplication Security AssessmentsAccount Portfolio ManagementArtificial Intelligence (AI)GitHub Advanced SecurityGitHub ActionsGitHub CopilotAmazon Web Services (AWS)ConsultingRisk AssessmentSSDLCpentestingCodeQLDocker

About

Experienced and versatile executive professional with hands-on experience in application development, engineering, hardware security, and penetration testing. Demonstrated success in establishing vulnerability triage frameworks and implementing enterprise security measures and policies. Skilled in designing secure IT infrastructures and software pipelines with automated security controls. Proficient in embedded systems security testing, as well as hardware vulnerability discovery and classification. Compliant with DoD IAM/IAT 8570 Level III requirements and holding an active DoD Secret security clearance.

Experience

Kynetics

Chief Information Security Officer

Jan 2026Present · 2 mos · Los Angeles, California, United States · Hybrid

  • Oversee the security lifecycle management of embedded systems, ensuring robust protection against vulnerabilities.
  • Develop and implement corporate security policies and application security software, enhancing overall security posture.
  • Leading initiatives for ISO 27001 compliance, fostering a culture of security awareness within the organization.
  • Conduct hardware penetration testing to identify and mitigate potential security risks in products.
IT Security PoliciesEmbedded SystemsInformation Security GovernanceHardware SecurityExecutive Management

Mastodon security

Principal Ethical Hacker

Oct 2025Present · 5 mos · Veneto, Italy · Remote

  • Conduct comprehensive penetration testing across network, cloud, web, and hardware environments to identify vulnerabilities.
  • Lead client engagements from Request for Information (RFI) through Statement of Work (SOW) to project closure, ensuring seamless project execution.
  • Develop and maintain client relationships, providing trust and collaboration throughout the project lifecycle.
Penetration TestingApplication Security AssessmentsAccount Portfolio Management

Infomagnus

Senior DevSecOps Consultant

Jun 2024Present · 1 yr 9 mos · Los Angeles Metropolitan Area · Remote

  • Supported application security initiatives and AI activities, specializing in GitHub Advanced Security and GitHub Copilot.
  • Provided expert guidance to customers on their adoption journey for GitHub Advanced Security and GitHub Copilot.
  • Achieved accreditation as a professional in GitHub Actions, Copilot, Administration, and Advanced Security.
  • Collaborated with teams to enhance security practices and streamline development processes.
CybersecurityArtificial Intelligence (AI)GitHub Advanced SecurityGitHub ActionsGitHub Copilot

Mastodon security llc

Owner

Nov 2023Present · 2 yrs 4 mos · Santa Clarita, California, United States · Hybrid

  • Providing a diverse spectrum of IT security services including risk assessment, SSDLC, threat intelligence, pentesting, security training/coaching, embedded systems/ICS security assessment, using an unbiased holistic approach.
CybersecurityAmazon Web Services (AWS)ConsultingGitHub Advanced SecurityRisk AssessmentSSDLC+4

Coveros

Senior Security Consultant

May 2022Nov 2023 · 1 yr 6 mos · Fairfax, Virginia, United States · Remote

  • Engaged customers with security risk assessments including attack surface identification, threat modeling, penetration testing, coaching and remediation.
Amazon Web Services (AWS)Penetration TestingGitHub Advanced SecurityRisk AssessmentContinuous Integration and Continuous Delivery (CI/CD)pentesting+8

Micro focus

Worldwide Security Solution Enablement - Fortify

May 2019May 2022 · 3 yrs · Santa Clara, California, United States · Remote

  • Provided worldwide training, support and technical expertise to field engineers and pre-sales teams on Micro Focus Fortify application security software portfolio.
Amazon Web Services (AWS)Continuous Integration and Continuous Delivery (CI/CD)Application SecurityVulnerability AssessmentDockerVulnerability

Farmers insurance

DevSecOps - AppSec Lead

Jun 2017May 2019 · 1 yr 11 mos · Woodland Hills · On-site

  • DevSecOps and digital modernization champion.
Amazon Web Services (AWS)Continuous Integration and Continuous Delivery (CI/CD)Application SecurityDockerJenkinsAgile Methodologies+1

Azubu

QA Architect

Apr 2015May 2017 · 2 yrs 1 mo · Greater Los Angeles Area · On-site

  • Design, testing and implementation of systems, processes and documentation for software QA automation and continuous delivery - integration within an Agile SDLC, using Selenium Webdriver with Java, Jenkins, Protractor, AngularJS, Jasmine TDD, NodeJS, MongoDB, PostgreSQL, Docker-Vagrant and AWS.
Amazon Web Services (AWS)JavaContinuous Integration and Continuous Delivery (CI/CD)DockerDevSecOps

Us navy reserve

Chief Petty Officer

Mar 2005Present · 21 yrs · Ventura County, California, United States · On-site

  • Operations LCPO overseeing 7 sailors supporting "O" Level maintenance for five C-130 Hercules aircraft with a US Navy high tempo fleet logistic support squadron.
  • Command: VR-55 "Minutemen"

Education

Scuola Sottufficiali Marina Militare Taranto

BS EE — Power Engineering

I.T.I.S. "A. Rossi"

Cert — Marine Diving Technologies

Jan 2002Jan 2003

College of the Canyons

Associate of Science - AS — Computer Engineering

Aug 2025Dec 2027

Stackforce found 100+ more professionals with It Security Policies & Embedded Systems

Explore similar profiles based on matching skills and experience

Sanal Narayan

Sanal Narayan

Director Information Security

at Victoria's Secret

Bengaluru, India21 yrs 8 mos exp
Application SecurityCybersecurity GovernanceIT Risk ManagementIdentity ManagementSecurity Operations
Venicia Solomons

Venicia Solomons

Lead Cloud Security Architect

at Carlsberg Group

Copenhagen, Denmark17 yrs exp
Business OwnershipCloud SecurityCyber Threat Intelligence (CTI)CybersecurityLeadership
Krutin Karia

Krutin Karia

Product Security Leader

at Atlassian

Bengaluru, India20 yrs exp
JW

James Warren

Senior Vice President

at Stanton House

Chicago, United States11 yrs 5 mos exp
Abhinav Srivastava

Abhinav Srivastava

Founder and CEO (Acquired by JumpCloud)

at Breez

New York City, United States22 yrs 8 mos exp
Pankaj Badgotra

Pankaj Badgotra

Founding Member

at Stealth Startup

India8 yrs 11 mos exp
DevSecOpsInformation Security ManagementPenetration TestingProduct Security
Farhad K.

Farhad K.

Executive Cloud Security Architect

at CGI

Munich, Germany12 yrs 6 mos exp
Cloud SecurityIdentity and Access Management (IAM)Microsoft 365Security Information and Event Management (SIEM)
Mitchell T.

Mitchell T.

Founder

at securemetrics.

Phoenix, United States5 yrs 4 mos exp