Abraham Ermann Ermann


Information Technology Professional with experience on diferent areas such as: end users desktop support, internal and external security hardware administration, local and domain policy administration; auditing: project management, business continuity (DRP, BCP, BIA's), software development, vendor compliance (SLA's and SI), and performing penetration testing (web app and mobile app), computer forensics, IS GAP Analisys.-

Work History

Work History
Jan 2004 - Present

IT Auditor

Banco de Chile

Since Jan 2004 working at Banco de Chile, Chilean bank and financial services company with headquarters in Santiago. It is a Financial institution who provides, directly and indirectly through subsidiaries and affiliates, a wide variety of credit and non-credit products and services to all segments of the Chilean financial market.

Employees: +16.000

Sr. IT Auditor Sep 2011 - today

Leading and participated in audits of general information technology policy, ISO 27000, SAS70 and SOX compliance controls in the company also to critical service external providers.

  • Conducted management/staff interviews
  • Focus on finding weaknesses in physical, system and network security
  • Monitoring and deliver presentations on the status of remediation measures.
  • Internal Fraud: Performed forensic analysis procedures including: collect data (imaging), chain of custody, data analysis (carving), and reporting.
  • Hack Events: GAP Analysis, Event Tracking, Logs Analysis and Breach Cost Estimation / affected clients


  • Recognition to compromise and employee engagement

IT Security Engineer Aug. 2009 – Sep 2011

As IT Security Engineer, Incident and Support Staff Handling:- Firewall Administrator (VPN Site-to-Site, Rule admin, Log control, troubleshooting staff)- IT Project Lead- Ensuring IT Security Compliance- Analysis / Deployment IT Policies

Remarkable projects of the period:

  • Implementation of eDMZ Solution (privileged account management)
  • Implementation of CA Access Control (control and monitor privileged users)
  • Implementation of McAfee Data Loss Prevention (DLP)
  • Implementation of F5 (Web Aplication Firewall)
  • Implementation of Imperva (Database firewall)

Senior IT Technical (C-Level Users) May 2007 – Aug 2009

Main responsibilities include:

Keep a 24/7 Support Service Mobile-Desktop maintenanceRe-Search and deployment of Software and Hardware solutions


  • First time leading people (2 external resources)

Back-Office Specialist Support Jun 2005 – May 2007

2 Level Support TeamHandled technical troubleshooting within an enterprise environment, including system crashes and slow-downs. ATM, Online Money Transfer and Account Operations dispute and resolution.Engaged and tracked Priority 1 issues, with responsibility for the timely documentation, escalation (if appropriate), resolution of trouble tickets.


  • recognition improve workgroup climate

Help Desk Operator Jan 2004 – Jun 2005

Provide networking/desktop support and perform mainframe and account maintenance tasks. Earned commendations for teamwork, flexibility and work excellence in providing IT support to entire Company.


  • promoted to 2 Level Support Team


Dec 2012

Software Engineering

Universidad Gabriela Mistral



Software Applications

Microsoft Suite (Word, Excel, Power Point, Access), Visio, Adobe suite, CAD Software

Network and Forensics Tools

NMAP, Wireshark, Nessus Scanner, HEX-Edit, PowerGrep, FTK Imager, OS-Forensics, EnCase, Volatility, PE Studio, Exeinfo PE., Sandboxie

Audit Tools

ACL, IDEA, Picalo

Operating Systems

Windows 7, 2008, Linux (Debian, Ubuntu, RedHat)

Database systems

DB2, MySQL, PostgreSQL, SQL-Server

Programming languages

PHP, Java, .Net, et al.



Análisis Forense y Auditoría de Aplicaciones WEB (OWASP)


Computer Forencics - EKO Party

Ing. Gustavo Daniel Presman (MCP – EnCE – CCE – EnCI - ACE)

Windows 7, Enterprise Desktop Support Techniciar

New Horizons

Certified Ethical Hacker V.8 (Ec-Council)