CISSP · (ISC)² Certified Cybersecurity Engineer

Noah Shaffer

Securing AWS-native SaaS platforms and ML pipelines against modern adversaries. Expertise across SIEM · Zero Trust · DevSecOps · AI/ML security automation.

2M+ Events / Day Secured
95%+ ML Detection Accuracy
40% MTTR Reduction
CISSP Certified (ISC)²

Who I Am

I'm a CISSP-certified Cybersecurity Engineer with hands-on experience securing AWS-native SaaS platforms, regulated financial systems, and ML pipelines processing 2M+ events per day.

As Co-Founder & Founding Cybersecurity Engineer at Aurepath, I architect Zero Trust controls into an AI SaaS platform from day one. At Lockridge Cybersecurity LLC, I built ML-driven threat detection achieving 95%+ accuracy against BEC and credential phishing. At Curvature Securities, I protect regulated financial market data under SEC Reg SCI and FINRA Rule 4370.

Currently pursuing my M.S. in Cybersecurity Engineering at the University of San Diego (NSA/CAE-accredited), applying threat modeling, incident response, and AI/ML automation to harden cloud workloads against modern adversaries.

Location: Tallahassee, FL
Degree: M.S. Cybersecurity — USD (Expected Aug 2026)
Current: Founding Engineer @ Aurepath · Security Eng @ Curvature Securities
profile.sh
$ whoami
noah_shaffer@cybersec
$ cat profile.json
{
  "cert": "CISSP (ISC)²",
  "ms_program": "USD Cybersecurity",
  "specialties": [
    "AWS Security", "Zero Trust",
    "DevSecOps", "ML Security"
  ],
  "status": "available"
}
$

Core Competencies

Six years of hands-on security engineering across cloud, endpoint, network, and application layers.

CISSP Security Domains

Security & Risk Management · Asset Security · Security Architecture & Engineering · Communication & Network Security · Identity & Access Management · Security Assessment & Testing · Security Operations · Software Development Security

Frameworks & Compliance

NIST CSF · NIST 800-53 · NIST 800-171 · ISO 27001 · SOC 2 Type II · PCI-DSS · HIPAA / GDPR / CCPA · FedRAMP · MITRE ATT&CK · OWASP Top 10 · CIS Controls · SEC Reg SCI · FINRA Rule 4370 · CSA CCM

Security Tools & Platforms

Splunk · Elastic SIEM · CrowdStrike · SentinelOne · Microsoft Defender XDR · Snort / Suricata · Palo Alto / Fortinet NGFW · Nessus / Qualys · Burp Suite · Wireshark · Metasploit · OWASP ZAP · Semgrep · Snyk / Trivy

Cloud & Infrastructure

AWS IAM · AWS GuardDuty · AWS Security Hub · AWS KMS / CloudTrail · AWS WAF / Macie / Inspector · Azure AD / Entra ID · GCP IAM · Docker · Kubernetes (EKS) · Terraform · GitHub Actions / CI/CD · Linux (RHEL, Ubuntu) · Windows Server

Engineering & Practices

Threat Modeling (STRIDE, PASTA) · DevSecOps · Secure SDLC · Cryptography & PKI · Zero Trust Architecture · Incident Response & Forensics · Vulnerability Management · Penetration Testing · Red / Blue Team · AI/ML Security · API Security · Data Loss Prevention

Languages & ML

Python · Bash · C / C++ · SQL · JavaScript / TypeScript · Go (intermediate) · PyTorch · TensorFlow · scikit-learn · Pandas · REST / GraphQL API

Professional Experience

Aurepath · Founding

Co-Founder & Founding Cybersecurity Engineer

Feb 2026 – Present
Remote
  • Lead security architecture for an AWS-native AI SaaS platform, embedding Zero Trust controls across IAM, secrets management, KMS-backed encryption, and VPC network segmentation from day one; secured $2.5K pre-seed funding and signed first enterprise design partner.
  • Built a secure SDLC and DevSecOps pipeline (CI/CD with GitHub Actions, SAST via Semgrep, DAST, Snyk dependency scanning, Trivy container scanning, Terraform IaC review), reducing mean time to remediate critical vulnerabilities by 40%.
  • Designed and deployed REST APIs handling 10K+ daily calls with TLS 1.3, OAuth 2.0 / OIDC, rate limiting, and structured logging into a centralized SIEM, achieving sub-100ms p95 latency.
  • Authored security policies, risk register, and control mappings aligned to SOC 2 Type II, NIST CSF, and ISO 27001 to accelerate enterprise pilot conversations and audit readiness.
  • Conducted threat modeling (STRIDE) and tabletop incident response exercises across the platform, producing prioritized remediation roadmaps tied to MITRE ATT&CK coverage gaps.
ApexShield LLC (ShieldAudit) · SaaS Build

Software Engineer — Sole Engineer, ShieldAudit Platform

Jan 2026 – May 2026
Capstone Engagement
  • Sole engineer designing and building ShieldAudit — a SaaS platform automating annual CCPA cybersecurity audits required under Cal. Code Regs. tit. 11, §§ 7120–7124 (effective January 1, 2026).
  • Architected a multi-tenant Next.js / PostgreSQL application with Clerk authentication, Drizzle ORM, and Neon serverless DB; implemented an immutable audit trail enforced at the database trigger level.
  • Built an 18-component, 40-question assessment engine with risk-weighted scoring aligned to NIST CSF, producing automated PDF/DOCX reports formatted for regulatory submission.
  • Implemented Stripe per-assessment billing with white-label reseller tier; productized at $9,500 direct and $300–$500 reseller price points for California covered businesses.
  • Hardened with row-level tenancy isolation, AES-256 PII encryption at rest, TLS 1.3 in transit, CSP/HSTS headers, OWASP Top 10 mitigations, and continuous dependency scanning.
Lockridge Cybersecurity LLC · Founder

Founder & Lead Security / ML Engineer

Dec 2025 – Apr 2026
Tallahassee, FL
  • Founded a security practice focused on ML-driven threat intelligence; deployed production PyTorch and TensorFlow models for phishing detection and malware classification across a pipeline processing 2M+ emails per day.
  • Built supervised and unsupervised anomaly detection systems achieving 95%+ validated accuracy against BEC, credential phishing, and malicious attachments.
  • Scaled MLOps infrastructure on AWS using Docker, Kubernetes (EKS), and Argo Workflows, enabling 10x traffic with automated retraining, drift monitoring, model versioning, and OpenTelemetry observability.
  • Mapped detection coverage to MITRE ATT&CK (Initial Access, Defense Evasion) and authored runbooks for SOC analysts integrating outputs into Splunk and downstream SOAR playbooks.
Curvature Securities · Full-Time

Security Engineer

Aug 2023 – Present
Financial Services
  • Monitor and secure access to sensitive fixed-income market data — including real-time CUSIP-level pricing (BVAL, discount, and dollar prices), Treasury yield curves, OAS/repo spreads, and hedge calculations — across trading and analytics systems.
  • Apply data integrity and access control standards aligned with SEC Regulation SCI, FINRA Rule 4370, PCI-DSS, and SOC 2 to ensure CIA of proprietary trading data.
  • Operate and tune SIEM detections, EDR alerts, and DLP policies for insider-threat and market-data exfiltration scenarios; triage and remediate incidents per documented Reg SCI escalation procedures.
  • Lead quarterly vulnerability management and patch cadence across Windows and Linux trading infrastructure.
  • Contribute to FINRA 4370 BC/DR testing including failover validation, tabletop exercises, and post-incident reporting.

Credentials

CISSP · Active

Certified Information Systems Security Professional

(ISC)²

The gold standard in cybersecurity certification, validating expertise across all 8 CISSP security domains.

Security & Risk Mgmt · Asset Security · Security Architecture · Network Security · IAM · Assessment & Testing · Security Ops · Software Dev Security
CC · Active

Certified in Cybersecurity

(ISC)²

Entry-level certification demonstrating foundational knowledge of cybersecurity principles and best practices.

Security Concepts · Business Continuity · Access Controls · Network Security · Security Operations
AWS Security · In Progress

AWS Certified Security – Specialty

Amazon Web Services

AWS specialty certification validating advanced cloud security skills across identity, network, and data protection.

Incident Response · Logging & Monitoring · Infrastructure Security · IAM · Data Protection
AI Security · In Progress

AI Security Certificate

In Progress

Certification covering AI/ML security risks, adversarial attacks, model hardening, and secure MLOps practices.

Adversarial ML · Model Security · AI Risk Management · Secure MLOps · AI Governance

Academic Background

University of San Diego

M.S., Cybersecurity Engineering

Expected August 2026

NSA/CAE-Accredited
NSA/CAE (Center of Academic Excellence) designated program
Applying threat modeling, IR, and AI/ML automation to cloud security research
Relevant Coursework
Secure Systems Architecture · Applied Cryptography · Cyber Threat Intelligence · Incident Response & Forensics · Governance, Risk & Compliance

Florida State University

B.S., Computer Science

2024

Graduated
Minors: Business, Mathematics
Leadership: Vice President, FSU student organization
Relevant Coursework
Data Structures & Algorithms · Operating Systems · Computer Networks · Software Engineering · Discrete Mathematics

Get In Touch

Open to security engineering roles, consulting engagements, and collaboration.

Email

NoahWilliamShaffer@gmail.com

LinkedIn

linkedin.com/in/noahwilliamshaffer

GitHub

github.com/noahwilliamshaffer

Location

Tallahassee, FL

Available for opportunities

Security Engineering · Cloud Security · DevSecOps · Consulting