Jason Shuck
Mars
Summary
Strategic IT security leader with a proven track record in enhancing organizational resilience and ensuring robust compliance across diverse regulatory landscapes. Expert in proactive risk identification, comprehensive vulnerability assessments, and the implementation of targeted remediation strategies to safeguard critical assets. Proficient in key compliance frameworks, including NIST cybersecurity framework, ISO27001, and PCI-DSS. Adept at developing and deploying impactful security awareness programs, optimizing security controls, and formulating refined internal policies to minimize exposure. Skilled in fostering collaborative environments to address complex security challenges and embed best practices throughout the organization.
Overview
24
24
years of professional experience
1
1
Certification
Work History
Lead Information Security Analyst
Wells Fargo
03.2016 - Current
- Conduct comprehensive information security risk assessments for a wide range of enterprise technology assets, ensuring identification, remediation, or risk-based acceptance of vulnerabilities in alignment with the organization's risk appetite.
- Oversee the end-to-end execution of information security assessments, providing expert guidance on findings and implementation of effective mitigation controls.
- Advise stakeholders on information security best practices to drive adherence to enterprise security policies, procedures, and standards.
- Preside over mentorship of junior team members, fostering growth, enhancing team capabilities, and promoting knowledge sharing across the security function.
- Review and interpret internal and enterprise-wide information security policies and standards, offering actionable recommendations for continuous improvement.
- Collaborate with cross-functional teams to resolve security issues with urgency and align efforts with organizational objectives.
- Led enterprise-wide initiatives to enhance information security awareness and ensure compliance with security policies, standards, and processes, resulting in increased organizational adherence.
- Directed remediation of security assessment findings and complex data analysis, reducing risk exposure and improving reporting efficiency.
- Evaluated and improved internal security policies and procedures, delivering actionable recommendations that strengthened operational security and minimized vulnerabilities.
- Consistently exceeded monthly target of completed information security assessments-50% above the required quota, earning recognition from management and being entrusted with additional assessments to support team-wide goals.
Systems/Security Administrator
Tiversa
Pittsburgh
03.2011 - 03.2016
- Spearheaded IT support for critical DoD projects under active Top-Secret clearance, ensuring operational continuity and strict security compliance.
- Built and managed a high-performing IT infrastructure team, streamlining the separation of duties and improving organizational efficiency.
- Managed PCI-compliant IT infrastructure to ensure high availability and a strong security posture.
- Administered 60+ Windows/Linux servers supporting core services (AD, DHCP, DNS, File/Print, IIS, SQL AlwaysOn, Solr Cluster).
- Oversaw advanced network security tools, including Layer 7 Next-Gen Firewall (App Control, GeoIP, Botnet filtering, WAF), and endpoint protection solutions.
- Maintained large-scale storage systems: 1.5PB Isilon NAS (SyncIQ, SmartPools, Deduplication) and NetApp SAN.
- Supported messaging environment via MS Exchange 2010 and ensured effective vulnerability and integrity scanning (Syslog, HIDS, file integrity monitoring).
- Designed and deployed scalable IT infrastructure for MetlifeDefender.com, supporting global identity theft protection services.
- Developed and enforced comprehensive IT policies and procedures, aligning operations with industry standards and best practices.
- Oversaw successful PCI-DSS audit, achieving 100% compliance and significantly enhancing the company's data security posture.
- Deployed Next-Gen firewall capable of handling 2.5M concurrent connections with full IDS/IPS and AV scanning.
- Seamlessly migrated 300TB of data to a 1.5 PB NAS solution with minimal downtime and preserved access control.
- Authored and executed a technology relocation plan for the full company infrastructure.
- Upgraded Active Directory (2003 to 2008 R2) and Exchange (2003 to 2010).
- Implemented automated patch management (WSS and third-party tools).
- Built and led an IT infrastructure team to meet PCI separation-of-duties requirements.
Systems Administrator
Duquesne University
Pittsburgh
01.2007 - 03.2011
Network/System Administrator
Wilkinsburg School District
Wilkinsburg
06.2002 - 01.2007
Information Technology Systems Manager
Greater PA Regional Council of Carpenters
Pittsburgh
12.2001 - 06.2002
Education
Bachelor of Science - Information Technology
Duquesne University
Pittsburgh, PASkills
- Information Security Risk Identification
- Cyber Security & Risk Management
- Security Policy & Standards Development
- Threat & Vulnerability Management
- Security Awareness & Training
- Security Assessment & Remediation
- Data Analysis & Reporting
- Strategic Planning and Execution
- Training and Mentoring
- Organizational Leadership
- Cross-functional Collaboration
- NIST
- PCI-DSS
- FFIEC
- Evaluation of security controls
- CISA
- Firewalls
- Active Directory
- Network Protocols
- SIEM
- Strong attention to detail
- Problem-solving
- Strong communication
- Collaboration
- Time Management
- Information security assessments
- Vulnerability remediation
- Best practices implementation
Certification
Certified Information Security Auditor (CISA)
Timeline
Lead Information Security Analyst
Wells Fargo
03.2016 - Current
Systems/Security Administrator
Tiversa
03.2011 - 03.2016
Systems Administrator
Duquesne University
01.2007 - 03.2011
Network/System Administrator
Wilkinsburg School District
06.2002 - 01.2007
Information Technology Systems Manager
Greater PA Regional Council of Carpenters
12.2001 - 06.2002
Bachelor of Science - Information Technology
Duquesne University