Welcome to my CyberJourney
Hello! My name is David, and I am a US Army Veteran. I am transitioning into Cybersecurity. I'm working as a SOC Analyst intern at CyberNow Labs, receiving hands-on training on various SIEM tools (Splunk & IBM QRadar), EDR/XDR tools and more. I graduated with a Master of Science in Cybersecurity and Information Assurance this past May, and I have already earned a Bachelor's degree in the same field. Additionally, I hold 19 industry certifications.
This website serves as a platform for me to showcase my skills, education, and various home-lab projects that I have undertaken to enhance my practical skills. My ultimate goal is to secure a job in the cybersecurity industry. I am excited to share my journey with you and to demonstrate my dedication to this ever-evolving field. Please explore my website to learn more about my accomplishments and how I can become a valuable team member for your organization!
Education
Master of Science (Western Governors University)
Cyber Security and Information Assurance
Excellence Award for my "Secure Network Design" project. (View PDF)
Transcript (view here)
Certifications
ISC² SSCP (Associate)
Linux Professional Institute - Linux Essentials
Bachelor of Science (Western Governors University)
Cybersecurity and Information Assurance
Additional CompTIA (stackable) & Misc Certifications
CompTIA Network Security Professional - CNSP
CompTIA Network Vulnerability Assessment Professional - CNVP
CompTIA Secure Infrastructure Specialist – CSIS
CompTIA Security Analytics Professional – CSAP
CompTIA IT Operations Specialist – CIOS
Fortinet Fortigate 7.4 Operator
IBM QRadar SIEM Foundation
OWASP TOP 10
Tenable.io (Nessus) Vulnerability Management
Qualys Vulnerability Management Detection and Response
Projects (can also be easily viewed from my LinkedIn Profile without needing to download a file)
Active Directory and Group Policy Lab
In the Active Directory and Group Policy lab, I accomplished a variety of tasks that enhanced my understanding and skills in managing a domain. I learned how to use Active Directory Users and Computers, and gained a deep understanding of what Group Policy is, how it works, and how to use it in a domain. I now understand GPO (Group Policy Object) precedence and have written PowerShell scripts to automate redundant tasks, saving countless hours of repetitive work.
I learned how to create test OUs (organizational units) to safely test new GPOs and manage domain workstations and servers with Group Policy and Active Directory. I've also configured domain user desktop backgrounds and deployed software to specific users or computers with Group Policy.
Using Group Policy Management, I've secured the domain and learned how to troubleshoot Group Policy issues. I've applied GPOs to target OUs, users, and/or computers, and created & secured Network Share Drives, publishing them to Active Directory Users and Computers.
Skills: Group Policy · Virtualization · Troubleshooting · Network Administration · Digital Authentication · Domain Controller · DLP · Active Directory · Windows Server
BS CSIA Degree Capstone
For my Capstone Project, which was the culmination of my knowledge gained while pursuing my BS in Cybersecurity and Information Assurance, I developed a comprehensive case study. This involved creating a hypothetical scenario where a company, RetailPro Inc., was operating with an entirely outdated network infrastructure and a conspicuous absence of basic security and access controls.
The scenario highlighted the consequences of inadequate controls and user training, which led to a successful data breach following a user’s susceptibility to a phishing attack. This project served as a practical application of my academic knowledge in a professional context.
The project was divided into 3 tasks:
1.) The Topic Proposal: This was an overview of the project, providing a brief description of what the project would entail based on the scenario.
2.) The IT Proposal: This was a comprehensive document that pinpointed the existing problem and proposed an IT solution. It outlined my strategic plan for implementing the project to effectively address the issue, including a well-defined methodology for project development.
3.) The Post-Implementation Report: This was a thorough report on the project I proposed. It detailed how I successfully implemented an IT solution to resolve the identified problem, including a step-by-step account of my project implementation methodology.
Skills: Project Management · Intrusion Detection · Network Security · VLAN · Cybersecurity · Information Security Management · NIST 800-53 · ISO 27001
Microsoft (Azure) Sentinel SIEM
Developed content for, and performed tasks for Azure Sentinel (SIEM).
Used custom PowerShell script to extract metadata from Windows Event Viewer to be forwarded to third party API for geolocation data.
Configured Log Analytics Workspace in Azure to ingest custom logs containing geographic information (latitude, longitude, state/province, and country).
Configured Custom Fields in Log Analytics Workspace with the intent of mapping geo data in Azure Sentinel.
Configured Azure Sentinel (Microsoft’s cloud SIEM) workbook to display global attack data (RDP brute force) on world map according to physical location and magnitude of attacks.
Skills: Microsoft Azure · Azure Sentinel · SIEM · PowerShell · Remote Desktop Protocol (RDP) · Threat & Vulnerability Management
Penetration Testing Lab
I created a home lab using VirtualBox, using a Kali VM and a vulnerable machine I downloaded from VulnHub. I used various tools (like Nmap, SearchSploit, Metasploit, enum4linux) to enumerate the host, find its vulnerabilities (open ports, outdated software, OS, etc.) and gain root access to the machine.
Skills: Penetration Testing · Nmap · Linux · Threat & Vulnerability Management · Ethical Hacking · Problem Solving · Kali Linux
-----------------------------------------------
Python & Bash Scripting Projects
I initially delved into Python during my undergraduate studies at WGU, where I took an introductory course. Now, I'm actively enhancing my proficiency through a comprehensive Udemy course. My overarching objective is to master the intricacies of Python programming, particularly with the aim of creating custom scripts relevant to my role as a penetration tester or cyber security analyst.
Below are examples of some Python programs I've developed as part of this journey.
Skills: Python (Programming Language) · Encryption · Scripting · Debugging Code · Software Development
-----------------------------------------------
References
Aaron Kinsey: American Patrols Inc. CEO aaron@americanpatrols.com | (979) 492-0424
Russell Eral: Western Governors University Program Mentor
russell.eral@wgu.edu | (385) 428-8218
Vicente Rosario: Captain U.S. Army, Western Governors University MSCSIA student
vicente.rosario1@outlook.com | (720) 742-0995
Contact
Get in touch with me (or learn more about me on my About page). - I am actively seeking a role in the Information Security / Cybersecurity / Information Technology field.
Hiring me is like buying Apple stock in the '80s. Seems like it could be a risky move, but WOW did that pay off.
d.demark@live.com
+1 254-449-6552
Websites
LinkedIn: https://www.linkedin.com/in/david-demark
TryHackMe: https://www.tryhackme.com/p/ddemark