Shawnterio M.
Details
Cybersecurity
University of Maryland University College
2016 : 2017
Bachelors of Technology
Network Administration
State University of New York College of Agriculture and Technology at Morrisville
2009 : 2011
Associates in Applied Science
Information Technology/Information Systems Security
Erie Community College
2008 : 2009
Univera Healthcare
InfoSec & Cybersecurity Engineer III
2021 :
Erie Community College
Information Technology Advisory Board Member
Direct endpoint threat resolution matters through cloud-based security solutions, such as Qualys and CrowdStrike. Drive strict compliance to relevant regulations, including Payment Card Industry (PCI), General Data Protection Regulation (GDPR), and California Consumer Privacy Act (CCPA), by defining and updating security controls. Conduct penetration testing with Open-Source Intelligence (OSINT) tools to perform reconnaissance on publicly available accounts. Steer management of Proof of Concepts (PoCs) for third party security tools. Collaborate with multidisciplinary IT departments, such as networking, Point of Sale (PoS), and systems, to discuss Indicator of Compromises (IoCs) and security intelligence of devices, infra, and policies.
Optimized organizational cybersecurity measures by designing and executing reinforced cybersecurity policies, governance, and procedures.
Strengthened understanding of security processes through development of security awareness presentations and materials as well as information protection training sessions.
Advanced security intelligence capabilities of company by introducing XDR/SIEM infrastructure, leading to optimum security posture.
2019 : 2022
Delaware North
Senior Cybersecurity Engineer
Oversaw operations of enterprise security monitoring program with focus on continuous enhancement of company monitoring policies and procedures; incorporated efficiency boosts into program and drove personnel to achieve objectives in line with company standards as well as Chief Information Security Officer expectations. Analyzed security-impacting actions of system, database, application, and network administrators. Identified and escalated issues to senior management to ensure minimal risk. Organized department security policies by defining key information risk metrics and reporting procedures. Engaged with database team to ensure strict adherence of database infrastructure governance to security assurance principles.
Pioneered deployment of exceptional database activity and security monitoring infrastructure.
Conceptualized intelligent alerts to advance monitoring and questionable activity management capabilities.
Integrated enterprise-wide awareness program to improve security knowledge of information risk team.
2016 : 2019
Independent Health
Senior Security Engineer
Conducted analyses of cyber incidents and threats in order to devise remediation measures; assessed computer infrastructure to identify compromised systems with live response, logs, and centric evidence sources in compliance with operating standards. Served as point of escalation to associate event analysts and IT operations employees to maximize accuracy and efficiency of incident resolution processes. Coordinated with systems and firewall team to define objectives for network and system security firewall data processing on Soltra Edge platform.
Played key leadership role in enterprise-wide deployment/configuration initiative for Soltra Edge server virtualization, resulting in improved threat intelligence data analysis.
Created and executed security incident management process with ticketing features, HP Service Manager, and Resilient Systems.
Secured significant decrease in security risks by establishing open-communication lines with end users in terms of security concerns and queries.
Designed training workshops for associate analysts and senior leadership to enhance strategic decision-making processes in line with industry best practices.
2015 : 2016
M&T Bank
Security Event Analyst
Skills
API Development, Cisco Technologies, Cloud Security, Customer Service, Cyber Defense, Cyber Threat Intelligence (CTI), Database Security, DLP, Endpoint Security, Help Desk Support, IBM Guardium, Incident Response, Information Security, Information Security Management, Linux, Network Administration, Networking, Network Security, OWASP, Payment Card Industry Data Security Standard (PCI DSS), Penetration Testing, Risk Management, Security, Security Engineering, Security Information and Event Management (SIEM), Server Administration, Server Management, Technical Support, Threat & Vulnerability Management, Tripwire Enterprise, VMware, Vulnerability Assessment, Vulnerability Scanning, Web Application Security, Windows Server
About
First and foremost, I fell in love with computers at a young age when my uncle showed me how they operate, what they are used for, and understanding how they are changing the world. I didn’t know what I wanted to do at the time in the computer field because I had various passions in a lot of areas. By the time I arrived at college, my mentor, Mrs. Louise Kowalski, helped me grow my passion by introducing me into cybersecurity. Her teachings sparked my interested in this field because my curiosity grew on learning how to hack, but I ended up getting hacked myself. My personal information was compromised, and the hacker sent me a direct email saying they hacked me and how they did. I was beyond shocked, but it was eye opening for me.
At that very moment my life and passion grew to learn and gain the skills necessary in cybersecurity to learning all the tooling and techniques to defend against the bad guys defend. My motto is – “to defeat a bad guy, you must think and be like one.” Channeling The Art of War here.
Outside of work, I enjoy playing video games. In conjunction, in my current job role, I play games that involve using specialize tools to defend against outside intruders from invading. In gaming, studying, and testing out new tools and loadouts while playing is no different in staying up to date in knowledge, and testing out new tooling and loadouts in this field of cybersecurity. In addition, I am part of the Information Technology Committee at Erie Community College. My role involves helping reshape and provide ideals for growth within the Information Technology curriculum to pay it forward to future inspiring technologist.
Being certified as a cyber security engineering professional with extensive experience with providing leadership and direction to drive the achievement of key organizational IT security-related goals and objectives. I am skilled at developing and implementing strategic solutions designed to place the organization on a stable position in terms of information security. In addition, I bring proven strength building and maintaining strong relationships with business partners and project stakeholders based on the support provided and the effectiveness of the solutions presented. If you are looking to connect with a fast learning, curious, results-oriented senior cybersecurity specialist with years of cybersecurity experience – let’s get in contact!
Areas of Expertise include: Database Security, Security Intelligence, Network Security, Threat Analysis and Detection, Security Applications, Risk Management, Cloud Security
Profile Photo
