
Demar Parkes

New York

Summary

Cybersecurity and IT professional with proven experience securing hybrid cloud and on-premises environments. Skilled in endpoint protection, identity management, and incident response using tools such as SentinelOne, Datto EDR, and Microsoft 365 Security. Adept at managing Active Directory, Azure AD, and MFA integrations (Okta, Duo, JumpCloud) to enforce least-privilege access and reduce risk exposure. Experienced in vulnerability management, threat monitoring, and compliance frameworks including HIPAA and ITIL 4. Certified in CompTIA Security+, CySA+, (ISC)² SSCP, and ITIL 4, with a focus on proactive defense, system hardening, and continuous improvement of security operations.

Overview

5 years of professional experience
1 Certification

Work History

Help Desk Technician

CMIT Solutions of NYCE
01.2025 - Current
  • Delivered Tier 2 technical and security support across hybrid Windows and macOS environments, ensuring system integrity and minimizing downtime for client networks.
  • Administered and secured Active Directory and Azure AD user objects, enforcing MFA policies (Okta, Duo) and access control best practices.
  • Resolved Microsoft 365 authentication, licensing, and synchronization issues within hybrid on-prem/cloud infrastructures.
  • Supported endpoint protection deployment (SentinelOne, Datto EDR, Webroot) and monitored alerts for potential security incidents.
  • Conducted proactive system audits, patch management, and compliance checks to reduce client exposure to vulnerabilities.
  • Collaborated with senior engineers on data protection, backup strategy, and disaster recovery planning for small-business environments.

Customer Service Representative

Alliance Ground International
12.2022 - 02.2024
  • Provided technical support and incident triage for endpoint, network, and user-access issues across multi-user environments.
  • Performed root-cause analysis and mitigated recurring endpoint or authentication issues to improve operational resilience.
  • Assisted with deployment and configuration of secure communication systems, enforcing password and device-access policies.
  • Supported onboarding and offboarding procedures aligned with security and compliance standards.
  • Documented incidents, troubleshooting steps, and escalation notes in ticketing systems for audit and reporting purposes.

IT Desk Support

St Mary High School
01.2021 - 12.2022
  • Managed IT support desk at St Mary High School, ensuring smooth operations.
  • Troubleshot and resolved 200+ tech issues, improving system efficiency by 30%.
  • Implemented innovative IT solutions, enhancing the school's digital infrastructure.
  • Collaborated with teachers and staff, providing timely IT assistance.

Education

Bachelor of Science - Cybersecurity And Information Assurance

Western Governors University
Salt Lake City, UT

Skills

  • Endpoint Security & EDR (SentinelOne, Datto EDR)
  • Active Directory & Azure AD Administration
  • Microsoft 365 & Cloud Management
  • Incident Response & Threat Mitigation
  • Network Security & VPN Configuration
  • Multi-Factor Authentication (Okta, Duo, JumpCloud)
  • PowerShell Automation & Scripting
  • SIEM & Log Analysis (Wazuh, Sysmon)
  • Backup & Disaster Recovery Management

Certification

  • CompTIA A+
  • CompTIA Network+
  • CompTIA Security+
  • PenTest+
  • CySA+
  • SSCP
  • ITIL 4

Projects

Windows Defender Deployment & Endpoint Hardening — SentinelOne/Defender, GPO, PowerShell

  • Deployed and configured Microsoft Defender across workstation fleet; implemented real-time protection, centralized policy, and scheduled scans.
  • Hardened endpoint configurations via GPO and PowerShell automation to reduce attack surface and enforce agent compliance.

Wazuh SIEM Implementation & Log Pipeline — Wazuh, Sysmon, Winlogbeat, ELK

  • Built a Wazuh server for centralized log collection and detection; onboarded Windows devices via Wazuh agents.
  • Configured Sysmon and Winlogbeat to forward rich telemetry (process creation, network connections, file events) to the SIEM for correlation and alerting.
  • Tuned rules to reduce false positives and improve visibility into suspicious activity.

Malware Analysis Workflow with VirusTotal — VirusTotal, SHA256 hash analysis

  • Integrated VirusTotal hash lookups into incident triage processes to quickly classify suspicious binaries and prioritize response.
  • Used hash-based indicators to enrich alerts and inform containment/remediation decisions.

Adversary Emulation Lab: Kali → Windows VM — Kali Linux, Metasploit, Windows VM, Wazuh

  • Performed controlled attack simulations against a sandbox Windows VM to validate detection coverage and log fidelity.
  • Mapped attacker techniques to logged events, identifying gaps in telemetry and enhancing detection rules.

Honeypot Research & Network Reconnaissance — Cowrie/Dionaea (honeypot), network monitoring

  • Developing a productionized honeypot to capture reconnaissance and lateral movement attempts; analyzing attacker behavior to refine IDS/SIEM signatures.
  • Using collected TTPs to prioritize hardening tasks and update detection logic.

Additional Info

Software: Datto RMM, SentinelOne, JumpCloud, Zorus, Datto EDR, Mosyle, ConnectWise, ScreenConnect, Webroot, KnowBe4, MS Sentinel