PHILIP SHOETAN

Services: IAM, PAM, Active Directory, and application integrations (Okta, Auth0, MFA/SSO, access reviews, AD/environment cleanup).

• Advise and implement IAM and PAM strategies, helping organizations enforce least privilege, secure privileged accounts, and align identity processes with compliance and risk standards.
• Deliver identity platform and application integrations, reducing overprivileged accounts and improving operational security.
• Conduct risk assessments, remediation planning, and governance guidance, strengthening identity security while minimizing business disruption.

• Trusted by the CISO to support security governance and team growth, including participation in interview and onboarding panels, mentoring new team members, and acting as a technical point of escalation.
• Led enterprise security tool evaluations, owning the full lifecycle from Proof of Concept (PoC) and architectural assessment through integration, pilot deployment, CAB presentation, and enterprise-wide rollout.
• Designed and operated modern security capabilities across enterprise and cloud environments, including EDR, NDR, IAM/PAM, SIEM, and data protection platforms.
• Served as a key member of the cyber incident response team, leading investigation and remediation of security incidents and assessing threats across the IT enterprise.
• Defined business monitoring and logging standards in collaboration with stakeholders to improve visibility, compliance, and detection coverage.
• Administered and optimized security tooling such as CrowdStrike, Okta, Delinea PAM, Umbrella, Sumologic SIEM, Palo Alto Panorama, and Mimecast to support detection, response, and data protection.

• Owned identity and access governance across enterprise banking systems, managing employee identities, entitlements, and privileged access in alignment with regulatory and security requirements.
• Led access reviews, recertifications, and AD hygiene initiatives, identifying and remediating excessive, orphaned, and stale access to reduce privilege creep and strengthen audit compliance.
• Administered and maintained CyberArk PAM, including privileged account lifecycle management, cleanup of unused or over-privileged accounts, and certificate management and renewal.
• Partnered with IT, risk, and audit teams to respond to audits, validate IAM controls, and ensure continuous regulatory compliance (e.g., PCI DSS).
• Automated IAM operational tasks using PowerShell, improving consistency, efficiency, and reducing manual errors in access and AD management.
• Managed access for critical platforms including SWIFTNet and Nasdaq, ensuring appropriate segregation of duties and adherence to security standards.

• Trusted client advisor, presenting security posture, risk mitigations, and incident response outcomes to enterprise clients across the EU, gathering feedback to ensure SLA, RTO, and RPO compliance.
• Guided and escalated security investigations, mentoring L1 teams, improving incident response efficiency, and ensuring alignment with client SLAs.
• Monitored enterprise and client environments 24/7 across SIEM platforms (Splunk, QRadar, Sentinel), identifying threats and providing actionable intelligence.
• Performed advanced threat detection and analysis using EDR/XDR tools (CrowdStrike, Taegis, Cynet, Darktrace) and leveraged additional intelligence sources (Insight, Dark Web scanning, Mandiant DNS enumeration) to proactively mitigate risks.
• Collaborated with client security teams to investigate, remediate, and report incidents, supporting regulatory compliance and strengthening overall risk posture.

• Managed end-tManaged end-to-end EUC operations across Europe for 12,000+ employees, provisioning hardware, preloading OS images with company applications, and ensuring devices were deployment-ready.
• Ensured endpoint security and compliance, managing VPN certificates, patching via Jamf and Intune, performing vulnerability remediation with Qualys, and participating in CAB meetings for enterprise patch/change policies.
• Automated administrative tasks and performed secure remote management via PowerShell and BeyondTrust, improving efficiency and maintaining consistent endpoint configurations.
• Collaborated with Infosec, networking, and IT teams on bridge calls to resolve critical incidents, mitigate risks, and maintain business continuity while overseeing hardware lifecycle in coordination with procurement.

• Trusted enterprise IT generalist, providing end-to-end support across endpoints, software, networking, and security for employees across Europe, ensuring operational continuity and SLA compliance.
• Managed user accounts and access across multiple platforms including Ondemand, AS400, STARS, Okta, AWS Workspace, and VMware Virtual Desktop, enforcing policy compliance and segregation of duties.
• Administered Active Directory, printers, devices, and BitLocker, while preparing and imaging new hardware with preinstalled company applications for seamless onboarding.
• Resolved 25+ IT service requests and incidents daily via ServiceNow and on-call support, leveraging remote tools (RDP, Bomgar, Nexthink, BeyondTrust) to troubleshoot endpoints, software, and network issues.
• Managed VPN certificates, Intune, patching, and endpoint security compliance, collaborating with Infosec, networking, and server teams on bridge calls to resolve critical incidents and ensure business continuity.

• Provided technical support for hardware, software, and network issues, troubleshooting and resolving client requests.
• Assisted in the configuration and management of security tools, ensuring proper setup and functionality.
• Monitored systems for security vulnerabilities and responded to incidents under guidance.
• Supported routine system updates, patch management, and security audits.
• Managed user access controls and supported basic identity management tasks.
• Assisted in maintaining IT infrastructure, ensuring optimal performance and security compliance.

• Installed and replaced routers, switches, and servers on/off-site for banks and clients.
• Managed Windows AD, including user accounts, group policies, and access control.
• Monitored IT infrastructure daily, ensuring optimal performance and uptime.
• Performed maintenance, troubleshooting, and hardware upgrades to prevent downtime.
• Provided on-site and remote support, optimizing IT infrastructure and security.