CollegiateComputer

William Delmar

Info Sec Professional | Linux Enthusiast | Perpetual Tinkerer

~$ ./About_Me

I am one of those people who is lucky enough not only to get to do what they love every day but also to get to make a living doing it. Officially, my career in information security started in August of 2018 when I accepted my first full-time information security position at a company providing hospital and healthcare services across the US after graduating from Pennsylvania State University with a bachelor's degree in Security and Risk Analysis (SRA) in the spring of that same year. However, I've always found this way of marking the start of one's personal career growth to be a bit reductionist as, like many others in this field, I began training for what would eventually become my career much less formally years before I even started at Penn State. In reality, information security is not just something I started learning in college. I have been interested in what we now formally call "information security" for as long as I can remember; and in computers and technology broadly for even longer. Even still, all of these things aren't just interests of mine, they are also the things that I am most passionate about.

Suffice it to say, having only been working in information security professionally since 2018, I still have a lot of professional development to do. So far, in my relatively limited time in this industry, I’ve learned far more than I can easily quantify. I am by no means, at the point where I am today, an expert in the field, but my passion to become one continues to drive me to learn, research, and educate myself at every opportunity I have. As I once put it in a job interview, for me this doesn't stop at five o'clock when I leave the office for the day. That's just the way that it is with the things we're passionate about and it still remains true for me today.

~$ ./Work_Experience

UHS of Delaware, Inc.
Information Security Analyst
Aug 2018 - Present
  • Regularly perform offline password cracking attacks against directory accounts to identify weak passwords
  • Manage vulnerability scanning for corporate offices and over 320 Acute Care and Behavioral Health facilities
  • Act as enterprise administrator for web filtering at corporate offices and over 300 Behavioral Health facilities
  • Function as technical lead on the deployment of Forcepoint DLP Endpoint enterprise-wide
  • Work with endpoint detection and response solutions CrowdStrike Falcon Insight and Trend Micro Apex One
  • Perform security incident detection, response, and recovery when necessary
  • Support deployment and management of full disk encryption on endpoints at facilities across all divisions
Aramark Corporation
Co-op – IT Security, Governance, & Compliance
Oct 2017 - Aug 2018
  • Compiled weekly reports of infected PCs for locations of operation in 18 countries and delivered to CISO
  • Coordinated on remediation of infected endpoints with system administrators in US and global locations
  • Compiled actionable risk reports utilizing vulnerability data gathered from internal and external scans
  • Provided support on implementation of phishing and security awareness training programs
Aramark Corporation
Intern - IT Security, Governance, & Compliance
May 2017 - Aug 2017
  • Scheduled, configured, and generated reports for internal network vulnerability scans
  • Compiled asset vulnerability reports utilizing data gathered from vulnerability scans
  • Coordinated on Payment Card Industry Data Security Standard compliance with lines of business
  • Created and launched simulated phishing campaigns for platform testing and employee training purposes

~$ ./Education

Security and Risk Analysis

Pennsylvania State University

Jun 2014 - May 2018

B.S. in Security and Risk Analysis: Information and Cyber Security from Pennsylvania State University College of Information Sciences and Technology - Recognized as a National Center of Academic Excellence in Information Assurance and Cyber Defense by the National Security Agency and Department of Homeland Security.

~$ ./Skills

Languages

Python

HTML

CSS

Java

JavaScript

C/C++

SQL

Platforms

Windows Desktop (XP - 10)

Ubuntu (12.04+)

Kali

Debian (Wheezy+)

Windows Server (2012 - 2019)

Fedora (34+)

RHEL 8

Red Team Tools

Nmap

Hashcat

Recon-ng

Metasploit Framework

theHarvester

SQLmap

Blue Team Tools

Forcepoint Web Security

Forcepoint DLP

Tenable.SC/IO

CrowdStrike Falcon Insight EDR

Trend Micro Apex One

Analysis Tools

MITM Proxy

Burp Suite

OWASP Zed Attack Proxy (ZAP)

Telerik Fiddler

Wireshark

Ghidra

Core Competencies

  • Vulnerability Assessment & Management
  • Threat Source Identification
  • Task Automation with Python
  • Technical Writing
  • Risk Assessment (NIST SP 800-30)
  • Information Security Testing (NIST SP 800-115)
  • Identity Security (NIST SP 800-63)
  • PCI DSS Compliance