Resume

Shawn L. Donahue

https://www.linkedin.com/in/shawn-l-donahue/

BRIEF

I hold a Master of Science in Cybersecurity and Information Assurance and a Bachelor of Science in Information Technology Security. With experience working at state government agencies, national ISPs, and AWS, I’ve served as a NOC team lead, Cloud Engineer, Network Security Engineer and Cyber Security III. My expertise includes securing critical infrastructure, managing network security operations, and protecting systems at scale. I’m committed to safeguarding data and ensuring robust security protocols for the organizations and people I serve.

KEY COMPETENCIES

Cybersecurity leadership, Incident response, Threat and vulnerability management, Cybersecurity reporting and presenting, Security guideline development, Excellent communication skills, Cloud infrastructure support, Cybersecurity training, Strategic thinking, Cross-functional collaboration

PROFESSIONAL EXPERIENCE

Cyber Security III

Incident Identification & Response: Led incident response efforts, leveraging Darktrace NDR tools to detect, analyze, and respond to potential threats across networked systems. Implemented structured triage, containment, and root cause analysis, elevating the organization’s overall security resilience.

Runbooks & SOP Development: Authored and refined incident response runbooks and standard operating procedures (SOPs), ensuring clear guidance for rapid response actions. Developed HEAL and Recover playbooks to streamline recovery operations following incidents.

Endpoint, Network, and Cloud Forensics: Performed forensic investigations across endpoint, network, and cloud environments to identify, analyze, and respond to incidents. Leveraged Splunk and other SIEM tools to monitor and analyze logs, detect anomalies, and correlate events for comprehensive threat assessments. Documented findings and provided actionable insights to enhance incident response processes. Led projects to migrate logging to Splunk servers.

Tooling & Automation: Designed and implemented scripts and custom tools for automating security tasks, such as Cisco firewall integrations and API-based responses, reducing manual workload and response times. Initiated development of automated response capabilities that enabled faster detection and remediation processes. Integrated STIX/TAXII Federal ISAC threat feeds, enhancing visibility and response capabilities against advanced persistent threats.

Mentorship & Team Support: Served as a knowledge resource and mentor for junior team members, providing guidance on incident handling and advanced threat mitigation techniques. Acted as an escalation point during complex incidents, ensuring team cohesion and effective resolution.

Vulnerability Management: Utilized Tenable.io and Tenable.sc for proactive vulnerability scanning and analysis, generating actionable reports to inform risk mitigation strategies. Conducted thorough assessments of new applications to identify and address security weaknesses prior to deployment.

Air-Gapped Systems Security: Developed and implemented guidelines for securing isolated field servers, aligning with NIST SP 800-53 and SP 800-82 standards to ensure the protection of critical infrastructure and compliance with cybersecurity regulations.

OSINT and Public Exposure Monitoring: Conducted regular OSINT activities, including Shodan scans and external assessments, to identify, report, and mitigate potential vulnerabilities within public-facing systems. Proactively analyzed internet-facing assets and reported findings to maintain a secure perimeter against external threats.

Cybersecurity Training & Reporting: Delivered cybersecurity training sessions and regularly briefed stakeholders on threat landscape changes and current vulnerabilities, fostering a proactive security culture. Provided insights and recommendations based on Darktrace, Tenable, and MITRE frameworks, enabling data-driven decision-making.

Vendor Risk Assessments: Conducted thorough risk assessments of new and existing vendors, ensuring compliance with Colorado Information Security Policies (CISP). Evaluated vendor cybersecurity practices, identified potential risks, and recommended mitigation strategies to align vendors with organizational security standards.

Cloud Support Engineer, Network Monitoring and Scale

Advanced Technical Support: Delivered expert technical support to enterprise clients for critical AWS services, including Elastic Load Balancing, Auto Scaling, Amazon EC2, Amazon VPC, Amazon CloudWatch, Amazon CloudTrail, and AWS CloudFormation. Efficiently managed and resolved complex support requests via phone, text, and email, ensuring timely resolution of issues.

Performance Optimization: Assisted customers in optimizing their AWS infrastructure, leveraging tools and services to enhance scalability and performance. Provided actionable insights and recommendations to improve system efficiency and reliability.

Customer Relationship Management: Fostered strong relationships with enterprise clients by providing high-quality support and guidance, contributing to improved customer satisfaction and retention.

Performance Recognition: Consistently received high-quality daily reviews for exceptional service and support, reflecting a strong commitment to customer satisfaction and technical expertise.

Network Security Engineer

Firewall Management: Oversaw all aspects of firewall management, including upgrades, physical and software configurations, access control lists (ACLs), rules, VPN tunnels, and user management. Successfully deployed High Availability (HA) FMC for the first time, enhancing network security resilience.

Security System Implementation: Led the removal of Cisco WSAs to streamline network services, and bolstered security by deploying Cisco Identity Services Engine (ISE) and Cisco Umbrella DNS across regional sites, enhancing both security and compliance.

Incident Response Playbooks: Initiated and developed multiple incident response playbooks, standardizing and improving response procedures for cybersecurity incidents. Trained analysts on new systems and protocols to enhance team effectiveness.

Multiple Technical, NOC, and Engineering Roles

Systems Engineer III, Wi-Fi Core Operations
Systems Engineer II, Wi-Fi Core Operations
Team Lead, Enterprise Network Operations Center (NOC)
Network Operations Center (NOC) Technician
Business Support Technician, Small and Medium Business
Residential Technical Support III

EDUCATION

Bachelor of Science, Graduated
Majors: Information Security

Master of Science, Graduated
Majors: Cybersecurity and Information Assurance

CERTIFICATIONS

ISC2 member, Certified in Cybersecurity
Actively enrolled in an ISC2 CISSP program
AWS Certified Cloud Practitioner
CompTIA Project+
CompTIA Linux+

Recently Held:
CompTIA Security+
CompTIA Network+
CompTIA A+
Cisco - CCNA Security
Cisco - CCNA
EC-Council Certified Ethical Hacker (CEH)