Profiles search
Shawn Stephens
Senior Cyber Engineer (Automation) - GPYC, GPEN, GWAPT, GCIH, GCIA
Orlando, FL, United States
Details
Experience:
Roles and responsibilities include deployment and configuration of classified LANs, automating redundant tasks, implementing security controls in line with NIST SP 800-171/800-53, provisioning user Windows, Mac, and Linux devices, supporting offline repository updates, and generating security artifacts to assist gaining Authorities to Operate (ATO).
• Developed a CLI based Go application for performing McAfee anti-virus definition updates from a CD/DVD. The application uses concurrency to SSH to multiple hosts and perform a series of commands within a classified environment.
• Championed the use of Infrastructure as Code, DevSecOps, and extreme automation for reducing human error and labor costs associated with establishing a Classified Network.
2021 : Present
Research Innovations Incorporated
Information Security Engineer
Roles and responsibilities include deployment and configuration of private cloud environments. Support application development environments based on CentOS8/RHEL 8. Design, Implement, and optimize Continuous Integration/Continuous Deployment (CI/CD) pipelines. Perform Vulnerability Assessments of systems and applications using industry standard tools.
• Lead the design and configuration of GitLab CI/CD pipelines to perform automated testing and security checks. Pipelines performed all-in-one and multiple-node deployment, Selenium tests, OpenScap scanning, and OWASP ZAP full scans to provide actionable results to developers prior to releasing software.
• Supported the design and deployment of Splunk Phantom into a hardened Blue-Team server stack used for production forensic and cyber responses.
• Stewarded the DevSecOps methodology to enhance the security and improve software release timeframes on multiple programs.
• Developed Ansible collections and roles to support operational system checks of F5, NetApp, Dell Servers, vSphere, NSX and custom applications across multiple security classifications.
2020 : 2021
ManTech
Senior Cyber Engineer
Roles and Responsibilities include automating installations, application updates, and other redundant tasks using a variety of methods and languages. Employ security throughout the development lifecycle to provide the customer with hardened products.
● Lead and participated with a small team on engineering activities to support updating Command and Control deployments. Converted multiple bash scripts into Ansible Roles for deploying Redmine, MatterMost, NextCloud, NGINX with additional modules, and PostgreSQL 12 on Red Hat Virtualization (RHEV). Performed Automated DISA STIGs of RedHat 7 and PostgreSQL using Ansible playbooks.
● Containerize open source tools onto hardened Red Hat Universal Basic Images
● Utilize GitLab CI/CD to develop pipelines for automating compilation, software testing, containerization, and deployment
2020 : 2020
ManTech
Automation Engineer
Roles and responsibilities include configuration and maintenance of private cloud. Hardware and software include : NetApp Ontap 9, vSphere 6.x, ESXi, NSX, Red Hat, Cisco Nexus and Catalyst devices, F5 physical and virtual firewalls.
• Reconfigured and updated a private cloud to accommodate the removal of staging and testing sandboxes to provide a Production only training system.
• Developed a deep understanding of VMware and other virtualization technologies to increase efficiency and cost benefits using existing hardware.
• Provided micro-segmentation of networks using NSX to minimize the risk of spillage between multiple sandbox environments.
• Utilize DevOps principles to integrate vendor software, containers, and virtual machines within several sandbox environments.
• Develop Ansible and Powershell scripts to automate routine infrastructure management tasks. Includes iDRAC Generic LDAP configurations, vSphere Advanced Settings, and NetApp configurations.
2019 : 2020
Cole Engineering Services, Inc.
Cyber Security Engineer
Roles and responsibilities include developing new Windows 10 images for use in 80+ customer sites, assembly of server racks and video teleconferencing equipment, and maintaining and revising operating/assembly guides. Server racks include commercial off the shelf (COTS) hardware and software along with proprietary software in various rack configurations. Equipment includes Dell servers, Cisco routers, switches and firewalls, and network encryptors.
● Mitigated $1.1 million of lost equipment and labor dollars due to excessive heat from failing IPS safe cooling. Actions led to recognition from Mission Operations Engineering (MOE) Lead/Manager.
● Develop Powershell scripts to automate common configuration tasks reducing configuration errors.
● Apply security configurations in accordance with applicable DISA STIGs.
● Perform SCAP scans of new media, prior to deployment to production environment.
● Coordinated and executed 3 subcontract line items totaling $162 thousand of program taskings, meeting all aspects of cost, schedule, and performance.
● Install commercial off the shelf (COTS) hardware and software along with proprietary software in various rack configurations. Equipment includes Dell PowerEdge R630, Cisco switches, KG175-D network encryption, Cisco ASA 5515-X, and Cisco routers.
● Develop and revise current operating procedures and documentation, using Microsoft Visio and other Office products.
● Perform lab testing of future and current networked environments prior to deployment to the production environment.
2017 : 2019
Northrop Grumman
Systems Engineer
• Developed a CLI based Go application for performing McAfee anti-virus definition updates from a CD/DVD. The application uses concurrency to SSH to multiple hosts and perform a series of commands within a classified environment.
• Championed the use of Infrastructure as Code, DevSecOps, and extreme automation for reducing human error and labor costs associated with establishing a Classified Network.
2021 : Present
Research Innovations Incorporated
Information Security Engineer
Roles and responsibilities include deployment and configuration of private cloud environments. Support application development environments based on CentOS8/RHEL 8. Design, Implement, and optimize Continuous Integration/Continuous Deployment (CI/CD) pipelines. Perform Vulnerability Assessments of systems and applications using industry standard tools.
• Lead the design and configuration of GitLab CI/CD pipelines to perform automated testing and security checks. Pipelines performed all-in-one and multiple-node deployment, Selenium tests, OpenScap scanning, and OWASP ZAP full scans to provide actionable results to developers prior to releasing software.
• Supported the design and deployment of Splunk Phantom into a hardened Blue-Team server stack used for production forensic and cyber responses.
• Stewarded the DevSecOps methodology to enhance the security and improve software release timeframes on multiple programs.
• Developed Ansible collections and roles to support operational system checks of F5, NetApp, Dell Servers, vSphere, NSX and custom applications across multiple security classifications.
2020 : 2021
ManTech
Senior Cyber Engineer
Roles and Responsibilities include automating installations, application updates, and other redundant tasks using a variety of methods and languages. Employ security throughout the development lifecycle to provide the customer with hardened products.
● Lead and participated with a small team on engineering activities to support updating Command and Control deployments. Converted multiple bash scripts into Ansible Roles for deploying Redmine, MatterMost, NextCloud, NGINX with additional modules, and PostgreSQL 12 on Red Hat Virtualization (RHEV). Performed Automated DISA STIGs of RedHat 7 and PostgreSQL using Ansible playbooks.
● Containerize open source tools onto hardened Red Hat Universal Basic Images
● Utilize GitLab CI/CD to develop pipelines for automating compilation, software testing, containerization, and deployment
2020 : 2020
ManTech
Automation Engineer
Roles and responsibilities include configuration and maintenance of private cloud. Hardware and software include : NetApp Ontap 9, vSphere 6.x, ESXi, NSX, Red Hat, Cisco Nexus and Catalyst devices, F5 physical and virtual firewalls.
• Reconfigured and updated a private cloud to accommodate the removal of staging and testing sandboxes to provide a Production only training system.
• Developed a deep understanding of VMware and other virtualization technologies to increase efficiency and cost benefits using existing hardware.
• Provided micro-segmentation of networks using NSX to minimize the risk of spillage between multiple sandbox environments.
• Utilize DevOps principles to integrate vendor software, containers, and virtual machines within several sandbox environments.
• Develop Ansible and Powershell scripts to automate routine infrastructure management tasks. Includes iDRAC Generic LDAP configurations, vSphere Advanced Settings, and NetApp configurations.
2019 : 2020
Cole Engineering Services, Inc.
Cyber Security Engineer
Roles and responsibilities include developing new Windows 10 images for use in 80+ customer sites, assembly of server racks and video teleconferencing equipment, and maintaining and revising operating/assembly guides. Server racks include commercial off the shelf (COTS) hardware and software along with proprietary software in various rack configurations. Equipment includes Dell servers, Cisco routers, switches and firewalls, and network encryptors.
● Mitigated $1.1 million of lost equipment and labor dollars due to excessive heat from failing IPS safe cooling. Actions led to recognition from Mission Operations Engineering (MOE) Lead/Manager.
● Develop Powershell scripts to automate common configuration tasks reducing configuration errors.
● Apply security configurations in accordance with applicable DISA STIGs.
● Perform SCAP scans of new media, prior to deployment to production environment.
● Coordinated and executed 3 subcontract line items totaling $162 thousand of program taskings, meeting all aspects of cost, schedule, and performance.
● Install commercial off the shelf (COTS) hardware and software along with proprietary software in various rack configurations. Equipment includes Dell PowerEdge R630, Cisco switches, KG175-D network encryption, Cisco ASA 5515-X, and Cisco routers.
● Develop and revise current operating procedures and documentation, using Microsoft Visio and other Office products.
● Perform lab testing of future and current networked environments prior to deployment to the production environment.
2017 : 2019
Northrop Grumman
Systems Engineer
Company:
Research Innovations Incorporated
Spoken Language:
English
About
Thrill-seeking IT explorer and decorated military ace with a whopping 14 years of shattering expectations. Embracing the ever-changing IT world with an unyielding commitment, and a knack for multitasking that would make an octopus jealous! A rich vein of expertise in team leadership and IT heroics, earned through a series of mission-critical operations on home soil and across the globe.
* TS/SCI
* IT Operations
* GIAC GPYC
* GIAC GPEN
* GIAC GWAPT
* GIAC GCIH
* GIAC GCIA
* GIAC GCCC
* CompTIA Security +
* CompTIA Network +
* Leadership / Supervision
* Data Analysis
* Policy Implementation
* Organization / Communication
* Systems Integration
Profile Photo
