Shawn R. Chaput

For over three decades, I have operated as a foundational architect of the digital economy, anticipating the security implications of nascent technologies long before they reached mass adoption. From the early implementation of commercial internet protocols to the complex orchestration of cloud-native and AI-driven ecosystems, I have consistently served as the vanguard, defining the security paradigms that underpin modern global infrastructure. My career trajectory is defined not merely by participating in technological shifts but by a proactive role in engineering the defenses that made these transformations sustainable. By spearheading the transition from rigid, perimeter-based security models to dynamic, identity-centric architectures, I have enabled enterprises to embrace digital innovation without compromising operational resilience, effectively bridging the chasm between theoretical risk and practical, scalable engineering.

Defining security best practices for emerging technologies has been the central tenet of my professional journey, requiring the ability to navigate the "fog of development" where standards do not yet exist. As the industry grappled with the vulnerabilities inherent in successive waves of innovation—ranging from the first chaotic adoption of e-commerce platforms to the proliferation of IoT and microservices—I formulated and operationalized governance frameworks that have since become standard reference architectures. Whether establishing secure ecomerce requirements during the dot-com era, designing resilient self-healing microservice environments, or currently architecting defenses against adversarial artificial intelligence, my focus has remained on creating "security by design." This work has involved direct contributions to the maturity of security standards, influencing how global organizations detect, respond to, and neutralize sophisticated threats.

Beyond technical innovation, I have successfully elevated the cybersecurity function from a back-office IT sub-discipline to a critical Executive-level imperative. By translating complex technical risks into business value, I have cultivated cultures of security across diverse engineering teams and multinational organizations. This leadership extends to mentoring the next generation of security professionals and Chief Information Security Officers (CISOs), fostering a community of practice that prioritizes ethical resilience and adaptive defense. The result is a legacy of robust systems that have withstood the test of time and an enduring influence on the strategic direction of the information security domain

Simon Fraser University (SFU) Beedie School of Business, Vancouver, BC

Master of Business Administration, Management of Technology, 2011

• MBA (2011)  

• Thesis Advisor: Ian Hand

University of Winnipeg, Winnipeg, MB

Baccalaureate of Arts, Double Honours in Economics and Political Science, 2003

• BA (2003)  

• Thesis Advisor: Dr. Rais Khan

• Amazon Web Services (AWS) Certified Solutions Architect Associate [Amazon], #370107057

  • Credly; 2020

• Certified Associate Business Continuity Professional (ABCP) [DRII] #11246

  • 2006

• Certified Cloud Security Professional (CCSP) [ISC2] #47243

  • Credly; 2019; 2022; 2025

• Certified Fraud Examiner (CFE) [ACFE] #504067

  • 2008

• Certified Information Privacy Professional Canada (CIPP/C) [IAPP], #834091

  • 2008

• Certified Information Security Manager (CISM) [ISACA] #0301300

  • Credly; 2003; 2006; 2007; 2010; 2013

• Certified Information Systems Auditor (CISA) [ISACA] #0436802

  • Credly; 2004; 2008; 2011; 2014

• Certified Information Systems Security Architecture Professional (ISSAP) [ISC2] #47243

  • Credly: 2003; 2006; 2009; 2012; 2022; 2024

• Certified Information Systems Security Engineering Professional (ISSEP) [ISC2] #47243

  • Credly; 2022; 2025

• Certified Information Systems Security Management Professional (ISSMP) [ISC2] #47243

  • Credly:  2003; 2006; 2009; 2012; 2022; 2024

• Certified Information Systems Security Professional (CISSP) [ISC2] #47243

  • Credly; 2003; 2006; 2009; 2012; 2018; 2021; 2024

• Certified Internal Auditor (CIA) [IIA] #1291409

  • Credly; 2007

• Certified in Governance of Enterprise IT (CGEIT) [ISACA], #0800645

  • Credly; 2008; 2012; 2015

• Certified in Risk and Information System Control (CRISC) [ISACA], #1000045

  • Credly; 2011

• Certification in Risk Management Assurance (CRMA) [IIA], #170

  • Credly; 2011

• Certified Netware Administrator (CNA) [Novel]

  • 1998

• Cisco Certified Design Associate (CCDA) [Cisco], CSCO#11798556

  • Credly; 2011

• Conversational Capacity [Blanchard]

  • Credly; 2025

• Fearless Innovation [Blanchard]

  • Credly, 2025

• Information Technology Infrastructure Library (ITIL) Foundation Certified, v.3, AXELOS, #00134124

  • 2010

• Microsoft 365 Certified: Enterprise Administrator Expert [Microsoft], #H429-1803

  • Credly; 2020

• Microsoft 365 Certified: Security Administrator Associate [Microsoft], #H419-8003

  • Credly; 2020

• Microsoft Certified Azure Administrator Associate [Microsoft], #H334-5413

  • Credly; 2020

• Microsoft Certified Azure DevOps Engineer Expert [Microsoft], #H372-6432

  • Credly; 2020

• Microsoft Certified Azure Security Engineer Associate [Microsoft], #H365-6299

  • Credly; 2020

• Microsoft Certified Azure Solutions Architect Expert [Microsoft], #H356-8201

  • Credly; 2020

• Microsoft Certified IT Professional (MCITP) - Server Administrator [Microsoft]

  • 2011

• Microsoft Certified IT Professional (MCITP) - Windows Server 2008 [Microsoft], #A103-7368

  • 2011

• Microsoft Certified Professional (MCP) [Microsoft], #E904-3314

  • 2012

• Microsoft Certified Professional - Windows 95 (MCP) [Microsoft], #985395

  • 1997

• Microsoft Certified Professional - Windows NT 4 Server, (MCP) [Microsoft], #985395

  • 1998

• Microsoft Certified Solutions Associate (MCSA) - Windows Server 2008[Microsoft]

  • 2012

• Microsoft Certified Solutions Associate (MCSA) - Windows Server 2016 (Charter)  [Microsoft]

  • Credly; 2020

• Microsoft Certified Solutions Expert (MCSE) – Core Infrastructure [Microsoft], #H433-3306

  • Credly; 2020

• Payment Card Industry Professional (PCIP), [PCI SSC], 1000-016

  • Credly; 2012, 2022

• Payment Card Industry Qualified Security Assessor (PCI QSA) [Payment Card Industry Security Standards Committee [PCI SSC]), #201-047

  • Credly; 2010; 2011; 2012; 2013; 2014; 2015; 2016; 2017; 2018; 2019; 2020; 2021

• Project Management Professional (PMP) [PMI] #473618

  • Credly; 2007; 2011; 2014; 2017; 2020; 2023; 2026

• Sherwood Applied Business Security Architecture (SABSA) Chartered Architect, Foundation (SCF) [SABSA Institute], #SCF240502056895

  • Credly; 2024

• The Open Group Architecture Framework (TOGAF) 10 Enterprise Architecture Practitioner [Open Group] #181528

  • Credly; 2024

• The Open Group Certified: Integrating Risk and Security [Open Group] 

  • Credly: 2022

• Full Microsoft Transcript https://learn.microsoft.com/en-us/users/shawnrchaput-4325/transcript/d4y88ukezj6e00r 

• SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals, [SANS], 2025

  • https://www.sans.org/cyber-security-courses/applied-data-science-machine-learning 

• Fearless Innovation, [Blanchard], 2025

  • https://www.blanchard.com/our-content/programs/fearless-innovation 

• SABSA AI Security Architecture, [David Lynas Consulting]. 2025 

  • https://davidlynas.com/sabsa-training/architecting-secure-ai/ 

• Conversational Capacity - Navigating Difficult Conversations. [Blanchard], 2025

  • https://www.blanchard.com/our-content/programs/conversational-capacity 

• SABSA - A3 - Advanced Architecture Design & Development, [David Lynas Consulting], 2025

  • https://davidlynas.com/sabsa-training/sabsa-a3-architecture-design-development/ 

• SABSA - Foundation, [David Lynas Consulting], 2024

  • https://davidlynas.com/sabsa-training/sabsa-foundation/ 

• Qualified Security Assessor (QSA) Training [PCI SSC], 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019.

  • https://www.pcisecuritystandards.org/program_training_and_qualification/qsa_certification/ ;  PDF

• Canadian Standards Association – Standards Foundations training [CSA/SCC] 2018.

  • Link 

• Canadian Standards Association – Chair and Vice Chair training [CSA/SCC] 2018.

• General Data Protection Regulation (GDPR) Assessments, Implementation, and Auditing Approaches [IIA], 2018.

  • https://www.gifttool.com/registrar/ShowEventDetails?ID=1913&EID=25571 ; PDF

• Certified Cloud Security Professional (CCSP) training [ISC2], 2016

  • https://www.isc2.org/training/online-self-paced/ccsp-online-self-paced 

• Certified Management Accounting - Accelerated Program (Incomplete, 2013)

  • https://www.bccpa.ca/become-a-cpa/about-the-program/ 

• VMWare Sales Professional Program [VMWare], 2011.

• VMWare Technical Sales Professional Program [VMWare], 2011.

• Symantec Endpoint Protection 11 Sales Training [Symantec], 2011.

• Symantec Endpoint Protection 12 Small Business Edition Sales Training [Symantec], 2011.

• Symantec Backup Exec for Windows Servers Sales Training [Symantec], 2011.

• Symantec Protection Suite: SMB, Advanced Business and Enterprise Edition Sales Training, 2011.

• Symantec Enterprise Vault 9.0 Sales Training [Symantec], 2011.

• Red Hat Partner Platform Training, [Red Hat], 2011.

• Red Hat Partner Virtualization Training [Red Hat], 2011

• Microsoft Licensing Overview [Microsoft], 2010

• Microsoft Business Ready Security Overview [Microsoft], 2010.

• Microsoft Information Protection [Microsoft], 2010.

• Microsoft Identity and Access Management [Microsoft], 2010.

• Microsoft Secure Collaboration [Microsoft], 2010.

• Microsoft Secure Endpoint [Microsoft], 2010.

• Microsoft Secure Messaging [Microsoft], 2010.

• Cisco SMB Specialization for Engineers [Cisco], 2010.

• Cisco SMB Specialization for Account Managers [Cisco], 2010.

• CIPP/C Training Program [IAPP], 2008.

  • https://iapp.org/train/cippc-training 

• Deep Blue Consulting [IBM], 2007.

• Best Practices & Professional Standards [CAMC/ CMC Canada], 2007. 

  • https://www.cmc-canada.ca/EB 

• Cisco MARS & NAC Appliance Design & Development Architecture [IBM/Cisco], 2007.

• Certified Fraud Examiner Canadian Preparation Course [ACFE], 2007.

  • https://www.acfe.com/training-events-and-products/cfe-exam-preparation/cfe-exam-prep---study-on-your-own-options/cfe-exam-prep-course 

• Ethical Hacking Methodology [IBM], 2006.

• BCLE2000 – Business Continuity Management – Accelerated [DRII/DRIC], 2006.

  • https://drii.org/education/BCLE-2000 

• Project Management Professional Exam Preparation Course [PMI/CWC Chapter], 2006.

• PeopleTools 8.44 1 & 2 Training [PeopleSoft/Oracle], 2004.

• PeopleSoft Administration and Installation 8.44 Training [PeopleSoft/Oracle], 2004.

• PeopleSoft Security 8.44 Training [PeopleSoft/Oracle], 2004.

• Certified Novell Administrator Training [University of Winnipeg Continuing Education], 1998.

• Business Writing Skills Training [AT&T Solutions Customer Care], 1996.

• NIST AI Consortium; Member Representative of Autodesk; 2025 - Present

  • NIST AI Consortium Link; PDF Export; 

• Standards Council of Canada , Canadian Advisory Committee JTC1 SC27; Voting Member & Recognized Expert; 2007 - 2023

  • Welcome Letter to the Committee;  Sample Emails

• IIA Vancouver Chapter; Member of the Board of Directors; 2020-2023

  • Announcement on Linkedin of Board Addition; 

• Standards Council of Canada ,Canadian Advisory Committee for GDPR WG (CAC-GDPR); Contributor; 2019-2020

  • Thank you letter

• Cloud Security Alliance; Founding Member, Contributor, and Team Leader; 2008-2010

  • Web Link; Export of Website

• ISACA Vancouver Chapter; Chair of the Programs Committee & Member of the Board of Directors; 2007-2008

  • Board Meeting Agenda (Oct 2007); Board Meeting Agenda (May 2008); Board Meeting Agenda (June 2008)

• ISACA International Standards Committee, Member and Contributor; 2008

  • Standards Board Meeting Invitiation;  Travel Instructions; Meeting Agenda; Travel Documents; Meeting agenda

• West Coast Security Forum, Chair of the Speaker Selection Committee; 2008

  • Speaker Selection method documentation and outcomes

• West Coast Security Forum, Member of the Planning Committee, 2006-2007

  • Speaker introduction instructions; Speaker selection criteria

• The IIA Magazine (August 2021 Issue); Quote highlighted by the Editor (Page 11); named interviewee in "Reigning in Cyber Risk" (Page 25-29); Neil Hodge; August 2021

  • Circulation ~120,000 Global Readers

  • Full Magazine PDF

• Secure Computing Magazine (July 2011); "Something Borrowed: Benefits of PCI"; Stephen Lawton; July 2011

  • Circulation ~50,000 Global Readers

  • Web Archive PDF

• Costco Connection Magazine (May/June 2010 Issue); "Computing in the Clouds: Businesses May Find Benefits in Remote Services"(Page 17); Eric Taub; 2010

  • Circulation ~15.4 Million Global Readers

  • Article Extract PDF

• Autodesk TechX Conference; Track Reviewer (AI Productivity Track); November 2025- December 2025

  • Speaker Presentation Proposal Scoring Airtable

• Autodesk TechX Conference; Track Reviewer (Trust Track); December 2024 - January 2025

  • Speaker Presentation Proposal Scoring Airtable

• ISO JTC-1 SC27; Recognized Expert, Canadian Representative with Voting Rights; 2016- 2024

  • 2007 Welcome Letter;  Sample Emails 1; Sample Emails 2; Sample Emails 3; Sample Emails 4; Sample Emails 5; Sample Emails 6; Sample Emails 7; Sample Emails 8; Sample Emails 9; Sample Emails 10; Sample Emails 11

• Vancouver International Privacy and Security Summit; Moderator of "Navigating Employee Retention Amid the Great Resignation";  2022

  • Conference Agenda;  Conference Bio

• Open Group, Jericho Forum; Moderated Panel: "Developing Requirements for Govenance, Risk, Compliance, and Audit beyond the CSA 1.0 Guidance"; July 23, 2009

  • Announcement & Agenda

• West Coast Security Forum, Chair of the Speaker Selection Committee; 2008

  • Speaker Submission Scorecards

• West Coast Security Forum, Speaker Selection Committee Member; 2007

  • Speaker Submission Scorecards

• US Patent:  Data Classification and Privacy Repository; Patent No:  US 8,407,194 B1; Date: March 26, 2013

  •  PDF Document

• Named inventor on a pending U.S. patent application (USPTO filed)

• • Disclosure ID 3010; Record of Invention #1374; 1374 | Lecorpio IAM Solution Suite; Disclosure ID 3022; Record of Invention #1380; Internal disclosure 1

; Internal disclosure 2; Presentation 1; Presentation 2' RFC 1; RFC 2

• Guidance for Containers and Container Orchestration Tools (PCI SSC); Contributor (Privity credited); 2022

  • Full Text PDF

• Understading GDPR: The role fo Standards in Compliance (Standards Council of Canada); Uncredited Contributor; 2020

  • Full Text PDF;  Thank you/Acknowledge Letter

• High Performance Computing; "Compliance Complexities Challenge Cloud Adoption"; Principal Author; March 2011

  • URL; Archived PDF

• Cloud Computing: Principles, Systems and Applications (Springer - ISBN 978-84996-240-7);  Chapter "Cloud Compliance: A Framework for Using Cloud Computing in a Regulated World" (Pages 241-256);  Credited Principal Author; 2010

  • Full Text PDF

• CISSP – ISSAP Official Textbook (ISC2 - ISBN 978-1439800935); Chapter “Requirements and Security Standards”, Uncredited Reviewer, 2010.

  •  Full Text PDF

• Guide to the ISSMP® CBK®. (ISC2 - ISBN 978-14200944350);Chapter “Enterprise Security Management Practices"; Uncredited Reviewer, 2007.

  • Full Text PDF

• Security Guidance for Critical Areas of Focus in Cloud Computing, v2.1 (Cloud Security Alliance); Chapter "Domain 4: Compliance and Audit" (Pages 37-40); Domain Leader & Contributor; December 2009

  • Full Text PDF

• Security Guidance for Critical Areas of Focus in Cloud Computing, v1 (Cloud Security Alliance); Chapter "Domain 5: Compliance and Audit" (Pages 44-47); Credited Principal Author; April 2009

  • Full Text PDF

• 2009 ISACA CISM Review Manual (ISACA - ISBN ); Contributing Editor; 2008

  • 
    

• IT Control Objectives for Basel II (ISACA & ITGI; ISBN ); Reviewer (IBM Credited); 2007

  • Full Text PDF

• Stepping Through the InfoSec Program (ISACA & ITGI), Uncredited Reviewer,  2006.

  • 
    

Google Scholar: https://scholar.google.com/citations?user=fX4wFvIAAAAJ&hl=en 

• Autodesk Defender Days,  "Novel Risks of MCP Security:  Why 'USB for LLMs' is a Dangerous Understatement"; October 8, 2025

  • Presentation PPTX

• Autodesk India Security Week, Bengaluru; "MCP Security";  June 22, 2025

  • Acknowledgement

• Autodesk TechX 2025;  "Unmasking AI/ML Threats - Discovering Hidden Vulnerabilities and Attack Vectors"; May 6, 2025

  • Presentation PPTX;  Speaker Community Welcome

• Institute of Internal Auditors (IIA), Vancouver Chapter;  "Risks to Consider When Using the Cloud";  February 11, 2021

  • Announcement;  Presentation PDF; Presentation PPTX

• CIPS Security Spectial Interest Group; "Risk Management - Compliance"; January 25, 2012

  • Presentation PPT

• BC ISO ISMS User Group; "What to Expect When the QSA Arrives";  2011

  • Presentation PPT

• Open Group, Jericho Forum; "Governance, Risk Management, Compliance, & Audit: An Overview of Cloud Security Alliance's Security Guidance for Critical Areas of Focus in Cloud Computing"; July 23, 2009

  • Presentation PPT (original); Presentation PDF;  Announcement/Agenda

• ISACA Vancouver; "Surviving the PCI Audit: A Level 1 Merchant Perspective"; April 2009

  • Presentation PPT

• IT4BC Conference; "Introduction to the ISO/IEC 27000 Series and How it can Address Your Regulatory and Legislative Requirements"; June 15, 2007

• BC ISO ISMS User Group; "ISO ISMS Interrelationships with COBIT and ITIL"; May 11, 2007

  • Presentation PPT; Announcement/Agenda

• ISACA Vancouver; "An Introduction to the ISO 27000 Series"; April 18, 2007

  • Presentation PPT; 

• Autodesk, [Platform Services and Emerging Technology Division] Sept 2024 - Present

  • Trust Architect, AI/ML

  • Accomplishments: 

• Central 1 Credit Union (Central 1), Aug 2021 - Sept 2024

  • Enterprise Security Architect

  • Accomplishments: SOC 2 Type 1/2; API Security Perimeter

• Privity Systems Inc.,  Oct 2008 - Present

  • Principal Security Consultant (Co-Owner)

  • Partial Client List:  Advisor Group (AZ); Alberta Health Services (AB); Bell Canada (BC); British Columbia Liquor Distribution Branch (BC); British Columbia Ministry of Finance (BC); Calgary International Airport Authority (AB); Central One Credit Union (BC); City of Richmond (BC); ENMAX Corp (AB); GLENTEL Inc. (BC); Imperial Parking Corp Canada (BC); Insurance Council of Manitoba (MB); Intrawest ULC (BC); Mosaic BC (BC), Rick Hansen Institute (BC); Rocky Mountaineer (BC); Thompson Rivers University (BC); Tides Canada (BC); TransLink (BC); Transportation Investment Corporation (BC); Vancouver Fraser Port Authority (BC); Westland Insurance Group Ltd. (BC); WorkSafeBC (BC) 

  • Accomplishments:  PCI QSA Company; Top Secret Clearance FSC /DSG, RFP/Supply Arrangement qualifications, 130+ engagements; Awared Patent for Sensitive Information Tracking System

• Imperial Parking Canada Corporation (Impark), Jan 2009 -2015

  • Manager, IT Security & Compliance  (Contracted through Privity)

  • Accomplishments: Merchant Level / Risk Reduction through transaction deaggregation

• British Columbia  Liquor Distribution Branch (BC LDB), Nov 2008- Apr 2009

  • PCI QSA Consultant (Contracted through Privity)

• Accenture @ Best Buy, April 2008 - Oct 2008

  • Security Architect

• IBM Canada, [Global Technology Services Division] July 2006 - April 2008

  • Senior IT Security Architect

  • Partial Client List:  Agrium Inc. (BC), ATB Financial (AB), Bell Canada (ON), Calgary Health Region (AB), Canadian Imperial Bank of Commerce (ON), Canadian Tire (ON), Echoworx (ON), Finning Canada (BC), National Insurance Board of Trinidad and Tobago (Trinidad & Tobago), Nexen Oil & Gas (AB), Philips Hagar & North Investments (BC), Rogers Communications (ON), Saskatchewan Crop Insurance (SK), TELUS (AB), Trillium Health Centre (ON)

• Vancouver International Airport Authority (YVR), July 2005 - July 2006

  • IT Security Planner (0728504 BC Ltd)

• University of British Columbia, [Finance Dept] June 2004 – July 2005

  • ERP Systems Security Administrator

• South Eastman Health Regional Health Authority (MB), [Now Southern Regional Health Authority], Jan 2004 – June 2004

  • Security Architect / Security Management Consultant

• EDS Canada (Winnipeg, MB), [Now HP Canada], January 2003 – January 2004

  • Position: Security Analyst / Auditor / Consultant

  • Client List: Best Buy (US)

• DecisionOne (Winnipeg, MB),[ Now Pomeroy], April 1997- December 2002

  • Network Support Engineer, Network Architect, Consultant

  • Partial Client List: Centra Gas, University of Manitoba, Winnipeg International Airport, Great West Life, Globe General Agencies, University of Winnipeg Continuing Education, Investors Group.

• AT&T Solutions Customer Care Canada (Winnipeg, MB), [Now Concentrix], November 1995 – November 1997.

  • End User Support Specialist, Technical Support.

  • Client List: Toronto Dominion Bank, BBN Planet.