This month’s member spotlight is Pablo Agrio, vulnerability management lead for SHEIN. Pablo always felt that he had a knack for defense, on the sports field and in debates, pleading his case as a kid, so he looked for a career where he could fuse his interest in IT with his defensive mindset.
Knowing he had that IT interest, Pablo started his education earning a Bachelor of Science from San Diego State University in computer engineering, which allowed him to begin working in a Windows and Linux system administrator role. Not completely satisfied and looking to advance in his career, he began work towards a master’s degree in management information systems, which he would earn from National University. During this time, a position opened up at his company in the cybersecurity department. His reputation as a hard worker put him at the top of the list when they looked inwards to hire. He jumped at the opportunity, starting his journey in cybersecurity.
Over the next few years, Pablo held a few security analyst and engineer positions, where he developed his skills, earned his CISSP certification, and discovered his passion for vulnerability management — finally, the perfect marriage of defense and IT that he had been looking for.
Now, Pablo is the vulnerability management lead for SHEIN, where his day-to-day work consists of a cycle of scanning, reviewing, assessing, prioritizing, remediating, and validating. It’s a constant evaluation of what assets the organization manages and has on the network to analyze attack surfaces and threats to the company.
We asked Pablo to tell us more about his current work with SHEIN and how he has benefited from the culture of sharing in cybersecurity:
RH-ISAC: Sharing and collaboration are key to what we do. Can you share a story of how you were helped or when you helped another?
Pablo: I subscribe to the philosophy that failure is perception. Every opportunity is an opportunity to learn and grow, which is a positive. I’ve met a variety of characters throughout my journey, and each has helped me evolve into a better person and employee.
I’ve been able to pay it forward by helping a colleague who was in a similar situation as I had been. They were looking to advance their career but couldn’t find an organization willing to invest in them. I essentially trained my replacement. I mentored them until they were ready to take their first certification exam. They passed and eventually replaced me, allowing me an opportunity to continue my professional growth with another organization.
RH-ISAC: What do you think is the greatest benefit that the RH-ISAC community brings to your company?
Pablo: There’s a wealth of information available online to help cybersecurity professionals grow professionally, but communities like RH-ISAC help turn resources into something real. RH-ISAC provides members – including myself – with opportunities to meet, network, and collaborate with peers. This community helps us all learn new skills that we can take back and implement within our own organizations. Personally, I’ve started to share “proof of concept” scripts that help automate some of the daily or weekly TVM tasks that could be helpful to other RH-ISAC members.
RH-ISAC: What do you enjoy most about working in the cybersecurity field?
Pablo: As someone who’s very self-motivated and driven, I find enjoyment in the simplest and most complex things. We all know that cybersecurity is such a large field, which truly allows you to work across many different industries and roles. Personally, I’ve realized how much the cybersecurity industry can teach you, and I still find myself being a student of the game. Compared to other industries I’ve worked in, I’ve seen how rapidly cybersecurity is evolving, and it has allowed me to share my knowledge and experience with colleagues and peers.
RH-ISAC: What do you enjoy outside of work?
Pablo: I enjoy spending quality time with my children, family, and friends. I’m also a very active person and enjoy playing basketball, biking, hiking, and running.