Shaun Cody

Atlanta

Summary

Results-oriented and highly skilled Blue Team Cyber Security Engineer with over eight years of experience in designing, implementing, and managing robust security measures to safeguard organizations from cyber threats. Possessing a master's degree in healthcare informatics with Specialization in Cyber Security, I have a proven track record of developing and maintaining effective defense strategies, conducting comprehensive vulnerability assessments, and promptly responding to security incidents. I excel at collaborating with cross-functional teams to bolster network security and ensure adherence to industry standards. My strong analytical and problem-solving abilities, coupled with exceptional communication and leadership skills, contribute to my ability to deliver impactful results.

Overview

6 years of professional experience

1 Certification

Work History

Security Engineer II

Northside Hospital Atlanta
Atlanta, CA
08.2023 - Current
  • Investigated security breaches, evaluated risk factors, and developed remediation plans.
  • Determined possible breach of company proprietary data to unauthorized resources and analyzed past performance data to enhance operations.
  • Audited networks and security systems to identify vulnerabilities.
  • Updated virus protection systems based on computer virus reports.

SecOps Engineer I

Ent Credit Union
09.2022 - 08.2023
  • Implement and manage Trellix, LogRhythm, Azure, Proofpoint, ServiceNow, CheckPoint, and Palo Alto security solutions for effective cyber defense.
  • Conduct regular vulnerability assessments and penetration testing using the aforementioned tools to identify potential security risks and vulnerabilities.
  • Develop and implement robust incident response plans leveraging ServiceNow for efficient management and resolution of security incidents.
  • Design and configure network security policies using CheckPoint and Palo Alto firewalls to protect critical assets from unauthorized access.
  • Monitor and analyze security events and logs in real-time using LogRhythm to detect and respond to potential security incidents.
  • Implement multi-factor authentication (MFA) and access control mechanisms using Azure Active Directory for enhanced user authentication and authorization.
  • Utilize Proofpoint to effectively manage and protect against email-based threats such as phishing, malware, and spam.
  • Collaborate with cross-functional teams to ensure compliance with industry standards and regulatory requirements, leveraging Trellix for governance and risk management.
  • Conduct security awareness training and education programs to promote a culture of cybersecurity within the organization.
  • Perform regular security audits and compliance assessments using Trellix and ServiceNow to identify and address any non-compliant areas.
  • Maintain up-to-date knowledge of emerging threats, vulnerabilities, and industry best practices in the field of cybersecurity.
  • Provide technical guidance and support to IT teams and end-users for the implementation and configuration of security tools, ensuring smooth operation and maximum security effectiveness.

Cyber Security Analyst I

Morehouse School Of Medicine
08.2021 - 09.2022
  • Conduct regular risk assessments: As a Cyber Security Analyst, you will be responsible for performing routine risk assessments to identify vulnerabilities and potential threats within the healthcare organization's information systems and networks.
  • Develop and implement security policies: With your expertise in healthcare informatics, you can create and enforce security policies and procedures that align with industry standards and regulations, ensuring the protection of sensitive patient data.
  • Monitor network activity: You will need to monitor network traffic and log files, analyzing patterns and anomalies to detect any unauthorized access attempts or suspicious activities that could indicate a cyber threat.
  • Respond to security incidents: In the event of a security incident or breach, your role will involve coordinating incident response efforts, conducting investigations, and implementing corrective actions to mitigate the impact and prevent future incidents.
  • Perform vulnerability assessments: Regularly assess the organization's systems and applications for vulnerabilities, employing tools and techniques to identify weaknesses that could be exploited by attackers.
  • Conduct security awareness training: Educating staff and employees about the importance of cybersecurity and best practices is crucial. You will develop and deliver training sessions to promote awareness and help reduce the risk of human error leading to security breaches.
  • Ensure compliance with regulations: Healthcare organizations are subject to numerous regulations and standards, such as HIPAA. Your role will involve ensuring the organization's cybersecurity practices meet these requirements and assisting in audits and compliance assessments.
  • Implement access controls: To safeguard sensitive patient information, you will be responsible for implementing and managing access controls, such as role-based access and two-factor authentication, to restrict unauthorized access to critical systems and data.
  • Stay updated on emerging threats and technologies: Cyber threats evolve rapidly, and staying abreast of the latest trends, vulnerabilities, and security solutions is essential. You will need to continuously update your knowledge and skills through research, training, and professional development activities.
  • Collaborate with IT and healthcare teams: Effective communication and collaboration with IT teams, healthcare professionals, and other stakeholders are crucial to address cybersecurity concerns. You will work closely with these teams to develop and implement effective security measures and incident response plans.

Senior IT Engineer

Alexander Properties Group
12.2017 - 04.2022
  • Develop and maintain the infrastructure: An IT engineer in a financial institution is responsible for designing, implementing, and managing the technology infrastructure that supports the organization's financial systems, including networks, servers, databases, and security measures.
  • Ensure data security and privacy: IT engineers play a critical role in safeguarding sensitive financial data and ensuring compliance with industry regulations. They implement and manage security protocols, such as firewalls, encryption, access controls, and regular data backups.
  • Troubleshoot technical issues: IT engineers are adept at diagnosing and resolving technical problems that may arise in the financial institution's systems, software, or hardware. They investigate issues, identify root causes, and implement effective solutions to minimize downtime and maintain operational efficiency.
  • Manage software applications: IT engineers oversee the installation, configuration, and maintenance of software applications used in the financial institution. They ensure that the applications are running smoothly, perform updates and patches as needed, and provide technical support to end-users.
  • Collaborate with cross-functional teams: IT engineers work closely with other teams, such as finance, risk management, compliance, and operations, to understand their technology needs and provide appropriate solutions. They participate in project planning, contribute technical expertise, and ensure seamless integration of IT systems with business processes.
  • Conduct system upgrades and migrations: As technology evolves, IT engineers are responsible for evaluating and implementing system upgrades and migrations to ensure the financial institution remains up-to-date with the latest technologies. They plan and execute these transitions, minimizing disruption to business operations.
  • Monitor system performance: IT engineers monitor the performance of the financial institution's IT infrastructure, applications, and services. They utilize monitoring tools to track key performance indicators, identify bottlenecks or performance issues, and proactively optimize systems to ensure optimal performance and availability.
  • Implement disaster recovery and business continuity plans: IT engineers collaborate with business stakeholders to develop and implement robust disaster recovery and business continuity plans. They establish backup and recovery procedures, test the effectiveness of these plans regularly, and ensure the organization can swiftly recover from any unexpected disruptions.
  • Stay abreast of industry trends and technologies: IT engineers keep themselves updated with the latest trends, developments, and emerging technologies in the financial and IT sectors. They evaluate new technologies and assess their potential benefits for the financial institution, recommending strategic investments that enhance efficiency, security, and competitiveness.
  • Provide technical support and training: IT engineers offer technical support to end-users, resolving their queries and issues related to IT systems. They also provide training and guidance to employees on the effective use of technology tools, ensuring that they can leverage the available resources to enhance their productivity and efficiency.

Education

Master of Science - Informatics (Cyber Security)

Morehouse School of Medicine
Atlanta, GA
03.2023

Bachelor of Science - Information Technology (Cyber Security)

Southern New Hampshire University
Hooksett, NH
07.2021

Skills

  • LogRhythm: LogRhythm is a security information and event management (SIEM) platform that helps organizations monitor, detect, and respond to potential security threats. It collects and analyzes log data from various sources to provide real-time insights and facilitate threat detection and incident response.
  • Infocyte: Infocyte is a threat hunting and incident response platform that helps organizations identify and eliminate advanced persistent threats (APTs) and other malicious activities within their networks. It conducts automated and manual threat hunting to detect hidden threats and provides actionable intelligence for effective incident response.
  • Cloudflare: Cloudflare is a web security and performance platform that offers a range of services to protect websites and applications from various online threats. It provides distributed denial-of-service (DDoS) protection, content delivery network (CDN) services, web application firewall (WAF), and other security features to enhance performance and secure online assets.
  • Phishlabs: Phishlabs is a cybersecurity company that specializes in protecting organizations against phishing attacks. They offer services such as anti-phishing threat intelligence, employee training and awareness programs, and incident response to help organizations identify and mitigate phishing threats.
  • Azure Active Directory PIM: Azure Active Directory (Azure AD) Privileged Identity Management (PIM) is a service provided by Microsoft for managing and controlling privileged access within Azure AD. It helps organizations monitor and manage privileged roles, perform just-in-time access, enforce multi-factor authentication, and maintain security and compliance for critical resources.
  • Checkpoint Firewall: Checkpoint Firewall is a network security appliance or software solution developed by Check Point Software Technologies. It provides firewall protection to secure networks by monitoring and controlling incoming and outgoing network traffic based on predefined security rules. It helps prevent unauthorized access and defends against various cyber threats.
  • FireEye/Trellix: FireEye/Trellix refers to FireEye's threat intelligence platform, Trellix. FireEye is a cybersecurity company that offers a range of solutions for threat detection, prevention, and response. Trellix is a central intelligence platform that aggregates and analyzes threat data from various sources to provide actionable insights and assist in identifying and mitigating advanced threats.
  • Sophos: Sophos is a cybersecurity company that provides a wide range of security products and services. Their offerings include endpoint protection, network security, email and web security, encryption, mobile security, and threat intelligence solutions. Sophos aims to protect organizations from a variety of cyber threats.
  • Active Directory On-premises: Active Directory (AD) is a directory service developed by Microsoft for managing user accounts, permissions, and network resources in a Windows domain environment. Active Directory On-premises refers to the version of Active Directory that is installed and managed locally within an organization's own infrastructure, as opposed to using cloud-based directory services.
  • ManageEngine AD: ManageEngine AD (Active Directory) is a suite of IT management solutions offered by ManageEngine, a division of Zoho Corporation. It includes various tools and utilities for managing and monitoring Active Directory environments, such as user provisioning, group policy management, security auditing, and reporting.
  • Carbon Black: Carbon Black is a cloud-native endpoint protection platform that provides advanced threat detection and response capabilities. It uses artificial intelligence and machine learning to analyze endpoint activities and identify malicious behavior. Carbon Black helps organizations detect and respond to sophisticated cyber threats on their endpoints.

Affiliations

The Atlanta University Center Consortium is the world's oldest and largest consortium of historically Black colleges and universities. Comprised of four member institutions – Clark Atlanta University, Morehouse College, Morehouse School of Medicine, and Spelman College, the Consortium is a vibrant intellectual community with a long tradition of scholarship, service and community engagement. AUC Consortium, Inc., is a 501 (c)(3) nonprofit corporation under the laws of the State of Georgia, formed in 1929, operating on behalf of its members to advance each institution's mission and strategic goals by fostering collaboration, managing center-wide initiatives, offering services that benefit our students and community, and leveraging our shared resources.

Certification

Microsoft Certified: Security Engineer Associate AZ 500

Microsoft Certified: AZ - 900

Google IT Support Certification

CISSP In progress May 2023

Additional Information

Hosea Williams Feed the Hungry (2021)

Volunteered at BIG Miller Grove Church (2022)

Emmanual Missionary Baptist Church (2023)


Timeline

Security Engineer II

Northside Hospital Atlanta
08.2023 - Current

SecOps Engineer I

Ent Credit Union
09.2022 - 08.2023

Cyber Security Analyst I

Morehouse School Of Medicine
08.2021 - 09.2022

Senior IT Engineer

Alexander Properties Group
12.2017 - 04.2022

Master of Science - Informatics (Cyber Security)

Morehouse School of Medicine

Bachelor of Science - Information Technology (Cyber Security)

Southern New Hampshire University