Jon Shern

Cybersecurity Leader

+1 320-293-9154 | jon.shern@gmail.com | Plymouth, MN

LinkedIn/jonshern

Summary

Enterprise Security Leader with 15+ years of experience guiding organizations through complex security transformations. Known as a positive, people-first coach who helps teams transition from traditional security models to modern, engineering-driven approaches such as Infrastructure and Security as Code. Proven record in identity, infrastructure security, governance, and compliance with expertise in CIS, NIST, and PCI frameworks. Skilled at building strategy, developing measurable metrics, and influencing senior leadership to drive secure enterprise adoption.

Professional Skills:

Communication | Strategic thinking | Agile methodologies | Data analysis | Customer empathy | Project Management | Product development | Governance and Compliance

Work Experience

Principal Security Architect

October 2024 – Present

Entegris, Minnesota

  • Designed and delivered DevSecOps training across engineering teams, coaching Infrastructure as Code and Policy as Code approaches for secure development.
  • Authored and rolled out the Enterprise Network Security Policy, aligning to regulatory requirements and industry best practices.
  • Coach and motivate team around engineering automation practices, and move team to a more sustainable operational model.
  • Built out automation for Entra, PAM, Netskope using Terraform and CI/CD.
  • Created enterprise Privileged Access Management roadmap, including vendor analysis and strategy for onboarding.
  • Built the Security Architecture practice base level architectures around Agentic AI, Ingress/Egress, GCP/Azure API Patterns.
  • Drove adoption of Secure Web Gateway (Netskope), including operational automation, and policy development/automation.
  • Developed metrics and dashboards to measure Secure Web Gateway adoption and PAM usage, enabling data-driven security decisions.

Skills: Policy and Standard Development, DevSecOps, Infrastructure as Code, Policy as Code, PAM, SWG, Metrics & Dashboards, Python

Lead Product Manager - Identity

July 2021 – October 2024

Cargill, Minnesota

  • Architected and led enterprise IAM strategy, including SSO, Conditional Access, PKI, and PAM for 80k+ employees.
  • Managed Cloud Network Security and Infrastructure automation.
  • Created and managed product backlog in Jira, writing user stories/features and refining roadmap with engineering teams.
  • Coached a team to embrace new techniques around automation and removed over 80% of their operational work by enabling their ability to automate their own manual work.
  • Partnered with cybersecurity, risk, and compliance teams to align identity security strategy with enterprise governance.
  • Reduced costs by $600K annually while delivering colleague-driven, API-first authentication services.
  • Built metrics and dashboards to track PAM usage and adoption, providing leadership with actionable insights.

Skills: IAM, Azure AD/Entra, SSO, Conditional Access, PKI, PAM, Jira, Roadmap & Backlog Management, Metrics & Dashboards

Principal Cloud Security Architect / Principal Engineer

August 2016 – July 2021

Cargill, Minnesota

  • Architected AWS compliance framework leveraging serverless, delivering real-time visibility for governance and audit readiness.
  • Built IP Scanner & Vulnerability Detection Platform: High-performance Go application using SQS and Lambda to scan 10K+ IPs in under an hour, with IPAM integration and automated compliance screenshot capture.
  • Coached team around new network security approaches. Drove automation and self-service approaches to firewall rules, enabling engineering teams to move faster while having a more secure network policy.
  • Built Policy as Code Framework using Open Policy Agent for Cloud Security Policies.
  • Developed infrastructure-as-code (Terraform) for firewall rules, IAM, and network security standards.
  • Partnered with engineering and product teams to operationalize security policy into consumable cloud patterns.
  • Reviewed and approved security architectures across business-critical cloud projects (AWS/Azure).

Skills: Go Lang, Python, AWS, Azure, Security Architecture, Serverless, Terraform, Firewall/Network Security, Compliance Frameworks

Engineering Manager

June 2011 – August 2016

Cargill, Minnesota

  • Managed team of 8–13 engineers delivering enterprise-scale applications with budgets of $3M–$4.5M.
  • Architected iOS/Azure mobile companion app and core RESTful services to modernize legacy platforms.
  • Spearheaded rewrite of major client app and web app, improving customer satisfaction and reducing defects.
  • Introduced Agile, continuous deployment, and code review practices, driving quality and efficiency.

Skills: Team Leadership, Agile, Azure, iOS, RESTful Services, Continuous Deployment, Application Architecture

Education

Bachelor's Degree

St. Cloud State University (SCSU), St. Cloud, MN | 2002

Applied Computer Science

Certifications

AWS Professional Architect Certification

2019

CIS Security Training

2017

Fundamentals of Management

Cargill Leadership Academy | 2013