NICOLAS SHRUBSTOK

Miami, FL

Summary

Highly motivated, strategic, and articulate Security Professional seeking a role with increased responsibilities to stimulate growth and ensure secure organizational efficacy within the modern technological realm. Possess a passion for aligning security architecture plans and processes with security frameworks and business goals. Extensive experience developing and testing security solutions for cloud-based software, while being versed in robust network defense strategies. A results-driven professional with notable success in planning, analysis, and implementation of security initiatives across the board.

Overview

5 years of professional experience
1 Certification

Work History

Lead Cybersecurity Analyst

Hit Promotional Products
09.2022 - Current
  • Successfully manage and direct daily operations for Hit Promotional Security Operations Center (SOC), ensuring continuous monitoring, detection, and response to security events
  • Spearhead design and implementation of Identity and Access Management (IAM) strategies within Azure and AWS, including Single Sign-On (SSO), SAML integrations, OAuth, FIDO2, Identity Federation, and Multi-Factor Authentication (MFA) using Duo Security
  • Configure security related software such as CrowdStrike, Umbrella, Cloudflare, Intune, and SecureWorks XDR to detect and prevent malicious activities
  • Administer and monitor cloud-based firewalls, while implementing, managing, and monitoring resource security in Azure
  • Oversee organizational compliance initiatives, spearheading SOC 2 engagement for top 3 national supplier from scratch, ensuring organizational regulatory compliance to SOC 2 and ISO 27001 which contributed to millions of dollars in revenue for the organization.
  • Develop and maintain comprehensive regulatory compliance frameworks for third-party relationships, ensuring adherence to industry-specific regulations, utilizing BitSight, Third-Party Trust, and Jira Cloud boards
  • Proficiently utilize Splunk SIEM to analyze, detect, and respond to security incidents, enhancing real-time threat monitoring and incident management
  • Conduct thorough vulnerability testing through Qualys and Nessus, identifying and addressing weaknesses to fortify organization's cyber defenses
  • Manage company-wide compliance training and orchestrated phishing simulations, enhancing employee awareness while reducing potential security risks through KnowBe4
  • Collaborate with third-party payment card industry (PCI) compliance partners such as Bank of America and American Express
  • Direct in-house cybersecurity auditing program to detect flaws and weaknesses within various software, while also designing company-wide policies to bring operations in line with Center for Internet Security (CIS) standards.

Security Analyst

ClearGage LLC
09.2021 - 09.2022
  • Oversaw SOC incident response and monitoring infrastructures.
  • Identified, researched, and resolved suspicious events using SIEM and analysis tools (Alert Logic, AWS, Splunk).
  • Administered cloud-based environments utilizing Azure and O365
  • Configured and tested network security systems and tools to ensure top-quality infrastructure security and risk mitigation.
  • Deployed data protection controls while overseeing File Integrity Monitoring and use of data files for regulated access within Varonis
  • Automated security controls, data handling processes, and operational procedures to streamline security operations
  • Performed lead responsibilities, including SOC shift briefings, aligning team with goals and processes requested by upper management.
  • Educated and trained users on information security policies and procedures, while administering compliance training programs like KnowBe4.
  • Improved Vulnerability Management process, successfully decreasing high-risk vulnerabilities by 75% while spearheading the adoption of organizational SLAs for patching.
  • Coordinated development of roadmaps and standard processes for Identity and Access Management.
  • Led implementation of multi-factor and SSO authentication for all users, improving security without negatively impacting productivity.
  • Conducted risk analysis while participating in filing and creation of GRC goals.
  • Provided safety reports and data analysis to management to relay trends and security processes.

Network/Security Specialist

TEKsystems
06.2021 - 09.2021
  • Analyzed and defined client requirements to ensure resolution of network and security needs.
  • Resolved virus and malware issues with 100% success rate.
  • Investigated and resolved incidents of unauthorized access to sensitive information.
  • Troubleshot and resolved access management provisioning workflow errors.
  • Mitigated risk by analyzing complex computer systems to assess vulnerabilities and ensured GRC standards were met.
  • Ensured systemic communication between Cisco devices in corporate environment.
  • Executed client network resolution through collection of network performance data, hardware/software modernizations, and regular servicing of WLAN.
  • Carried out campus-wide audits of devices and information to effectively maintain domain knowledge-based documentation.

Tier 1 Support Engineer

VirtuStation
06.2020 - 06.2021
  • Assisted clients with data migration and warehousing from physical servers to cloud operating systems, specifically Azure
  • Configured Firewalls, VPN connections, and workstation baselines in order to ensure secure working environments
  • Managed organizational Azure Active Directory service and 80% of ticket queue, while implementing Multi-Factor Authentication and Single Sign-On functionalities
  • Provided technical support for users, ranging from network resolution, configuration of operating systems, and timely support in response to ticket requests
  • Promoted growth by administering metric consultation and communication to stakeholders regarding high priority managed services
  • Regular installation and refurbishment of software for clients through remote monitoring and management
  • Management of End-User Accounts and Help Desk ticketing platform in order to promote efficient troubleshooting and resolution of client requests.

Network Support Specialist

AJAX Technologies Inc
01.2019 - 06.2020
  • Onboarding of new clients by assessing business requirements and use of agile project management tools (Primarily Jira)
  • Performed network diagnostics to determine performance levels and detect existing faults in infrastructure with monitoring platforms such as Windows and SolarWinds
  • Provided management and support for all major clients, while implementing and following change control processes for all operational and development goals
  • Analyzed security logs to improve client performance, address operational issues, and improve resource allocation
  • Configured Identity and Access Management solutions for over 100 devices using Azure AD and installed firewalls to connect and protect users
  • Compiled monthly network reports and infrastructure metrics using native Windows tools such as PerfMon and third-party applications such as Microsoft Power BI.

Education

Bachelor of Science - Political Science, Information Systems

Towson University
Baltimore, MD
05.2018

Skills

  • Adaptability
  • Application Security
  • Cloud Security Administration
  • Communication
  • Cybersecurity Policy Development
  • Email Security
  • File Integrity and Monitoring
  • Identity Access Management (IAM)
  • Incident Response Management
  • Information Security
  • Management
  • Malware Analysis
  • Network Security
  • Operational Improvements
  • Operating Systems & Virtual Machines
  • Preventative Maintenance
  • Problem Solving
  • Project Management
  • Risk Management
  • SSO & SAML Integrations
  • SQL
  • Security Frameworks and Auditing
  • SNMP Monitoring
  • Splunk SIEM Management
  • Threat Detection & Remediation Activities
  • Vulnerability and Penetration Testing
  • Training Junior Team Members

Certification

  • Microsoft Azure Fundamentals (2021)
  • ISC2 Certified in Cybersecurity (2023)
