Open to opportunities

Delaney Scarangella

@dscarangella

Message

Cybersecurity engineer with 10+ years securing cloud, applications, and enterprise environments.

United States

Message

What I'm looking for

I seek a hands-on security engineering role where I can lead cloud/application security, drive DevSecOps automation, and build measurable risk-reduction programs.

I am a cybersecurity engineer with 10+ years of experience in vulnerability management, cloud security, application security, and security operations across Fortune 500 and federal environments.

I build and operationalize security programs that reduce risk while enabling secure development and resilient operations, with hands-on experience in Rapid7 InsightVM, Veracode, Elastic SIEM, Cloudflare, and multiple cloud platforms.

My work has included architecting SIEM and Zero Trust deployments, implementing DevSecOps automation and STRIDE threat modeling, and leading incident response and risk register development for large enterprises and federal clients.

I prioritize measurable outcomes—reducing detection time, lowering vulnerabilities reaching production, and improving endpoint visibility—while mentoring teams and translating technical controls into business-aligned risk reduction.

Experience

Work history, roles, and key accomplishments

Current

IT Security Engineer II

Current

Universal Service Administrative Company

Apr 2025 - Present (10 months)

Serve as primary engineer for Rapid7 InsightVM and Veracode platforms, standardized security SOPs, and analyzed 159,000+ NTLMv1 authentication events to enable POA&M creation and remediation planning.

Vulnerability Management Veracode Rapid7 InsightVM Splunk SOPs DAST Asset Discovery

Senior Security Engineer

Provable Inc

Aug 2024 - Feb 2025 (6 months)

Architected and deployed AT&T USM Anywhere SIEM across AWS/GCP reducing detection time by 40%, implemented DevSecOps automation to cut vulnerabilities reaching production by 35%, and deployed Zero Trust via Cloudflare WAF/ZTNA.

SIEM USM Anywhere AWS GCP DevSecOps GitHub Actions Cloudflare WAF Ansible Terraform

Security Engineer

RipRap Security

Apr 2024 - Aug 2024 (4 months)

Designed and executed phishing campaigns with a 33% initial click-through rate, engineered email security (SPF, DMARC, DKIM) reducing spoofing by 95%, and implemented Google Workspace DLP and CIS hardening.

Email Security SPF DMARC DKIM Google Workspace Google DLP

Senior Cybersecurity Consultant

Ernst & Young

Mar 2022 - Apr 2024 (2 years 1 month)

Led STRIDE threat modeling for Fortune 500 clients identifying ~30 threats, designed SEP Mobile in Azure protecting 5,000+ endpoints, and authored incident response playbooks and risk registers to improve readiness and reduce resolution time by 35%.

Threat Modeling Azure Intune Incident Response Risk Management SEP Mobile

Endpoint Engineer

Booz Allen Hamilton

Jun 2019 - Mar 2022 (2 years 9 months)

Led Carbon Black implementation to achieve 100% NIST 800-53 compliance and improved platform efficiency by 25%, performed Nessus scanning achieving 95% CIS Benchmark compliance, and developed custom Tanium sensors for threat hunting.

Carbon Black Nessus Tanium NIST 800 53 RSA Archer Threat Hunting

Systems Engineer

Geico

Jul 2014 - Jun 2019 (4 years 11 months)

Developed PowerShell automation reducing manual effort by 50%, implemented BeyondTrust privileged access across 100,000+ systems, and administered Carbon Black and patch management to maintain 98% security compliance.

PowerShell BeyondTrust Carbon Black SCCM Patch Management PKI

Education

Degrees, certifications, and relevant coursework

The Pennsylvania State University

Bachelor of Science, Information Sciences & Technology

2009 - 2013

Completed a Bachelor of Science in Information Sciences & Technology with a minor in Cybersecurity, focusing on information security concepts and applied IT practices.