Shawn Banta

Cloud Security Engineer

Portland, OR • shawnbanta@example.comLinkedInDownload PDF

Summary

Experienced Cloud Security Engineer specializing in AWS security architecture, vulnerability management, red teaming, and Infrastructure as Code. Proven track record of designing and automating security processes to protect critical environments at scale.

Experience

Cloud Security Engineer, Benchling

Feb 2023 – Present · Oregon · Remote

  • Built and automated a cloud vulnerability management process leveraging AWS-native tools and automation pipelines to streamline detection, triage, and remediation.
  • Led the design and implementation of an auditable, approval-based emergency access workflow to eliminate persistent production access.
  • Deployed and operationalized a CSPM platform with integration into ticketing and security workflows for rapid remediation.
  • Conducted security reviews of cloud-native features and third-party integrations to reduce risk and ensure best practice adherence.

Enterprise Security Engineer

Oct 2021 – Feb 2023 · San Francisco Bay Area

  • Designed and secured corporate IT infrastructure as the founding enterprise security engineer.
  • Implemented email security enhancements including DMARC enforcement and SPF/DKIM alignment.
  • Developed and launched a supplier risk assessment program with measurable controls and onboarding processes.
  • Hardened Okta and AWS Workspaces identity configurations to support a secure, scalable VDI environment.

Senior Offensive Security Engineer, Salesforce

Nov 2020 – Oct 2021 · Hybrid

  • Led red teaming and adversarial simulations targeting Salesforce production and corporate environments.
  • Built robust C2 infrastructure to emulate advanced persistent threats and validate detection mechanisms.
  • Crafted detailed attack narratives and exploit chains to demonstrate high-impact vulnerabilities.

Senior Enterprise Security Engineer

Nov 2019 – Nov 2020 · Hybrid

  • Architected and executed a secure enterprise data center migration aligned with data classification policies.
  • Advised the Cloud Center of Excellence, integrating security design patterns into global cloud strategy.

Enterprise Security Engineer

Mar 2018 – Nov 2019

  • Performed deep-dive infrastructure assessments and developed threat models to guide remediation.
  • Enabled security-by-design practices within DevOps teams through secure SDLC consulting.
  • Researched emerging threats to inform architectural hardening and detection priorities.

Information Security Engineer, Rally Health

Aug 2016 – Mar 2018 · Hybrid · San Francisco Bay Area

  • Led cloud environment security hardening and compliance readiness initiatives (HIPAA, SOC 2).
  • Built vulnerability scanning automation into CI/CD workflows across internal teams.
  • Launched TLS decryption and DLP coverage to improve security visibility and response.

Senior Information Security Engineer, Vantiv

Sep 2014 – Aug 2016 · Cincinnati, OH · Hybrid

  • Developed and deployed enterprise-wide security standards, improving audit outcomes and compliance posture.
  • Mentored junior engineers and analysts, scaling team expertise and capabilities.

Information Security Engineer II

Mar 2014 – Sep 2014

  • Managed endpoint security tooling for 10,000+ devices, improving detection precision and analyst efficiency.
  • Served as internal advocate for secure practices and trained technical teams on detection logic improvements.

Information Systems Client Administrator, Fischer Homes

Nov 2012 – Mar 2014 · Crestview Hills, KY · On-site

  • Maintained uptime and security for IT infrastructure including backups, VPNs, and LAN switching.
  • Delivered high-quality support to a distributed user base across four states.

IT Intern, Northern Kentucky Health Department

Jun 2012 – Aug 2012 · Erlanger, KY · On-site

  • Supported network operations, helped configure systems, and resolved technical issues across departments.

Education

  • Master of Science, Cybersecurity & Information Assurance
    Western Governors University (2019 – 2020)
  • Bachelor of Science, Computer Information Technology
    Northern Kentucky University (2007 – 2013)
    Tau Kappa Epsilon, CCDC Team

Licenses & Certifications

  • AWS Solutions Architect, SysOps Admin, Developer Associate
  • Terraform Associate – HashiCorp
  • OSCP, OSWP, OSCE – OffSec
  • GCIH, GWAPT, GSEC – GIAC
  • CISSP, SSCP – ISC2
  • CCSK – Cloud Security Alliance
  • CEH v8 – EC-Council
  • CompTIA A+, Network+, Security+
  • CCENT – Cisco
  • Black Hat: Advanced Infrastructure Hacking, Mastering Container Security

Visitor Count

Loading…

Blog

Read my latest post on what I learned while building this resume site.