Mentors are highly qualified, experienced professionals who make themselves available in your local area to help you learn the course material and get certified. Each Mentor is hand-selected from students that have completed their relevant GIAC certification with scores of 85% or higher.
Nik has over 15 years in IT, with the last 6 being more focused on Security. He is currently employed as a Manager, Cyber Security for a Managed Security Services Provider, spending most of his days leading a team responsible for IDS/IPS and SIEM technologies.
His academic credentials include a BSc Computer Science, along with PG Cert (Hons) specialization in VoIP and Wireless Broadband. Current industry certifications such as CISSP, GCIA, GCIH, CCNP Security and R&S, CCMSE +VSX, SFCA, SFCE, SWSE, MCSE, MCITP/EA, BCCPA,IBM Certified Deployment Professional - Security QRadar SIEM V7.1, ITIL, ISO9001 Internal Auditor, etc.
You can also reach out to Nik via his blog at securitynik.blogspot.com or via linkedin at http://ca.linkedin.com/pub/nik-alleyne-cissp-gcia/51/1b8/364/
Chadwick Banning started his career in technical support. His technical aptitude saw him move up to Systems and Network Administrator and finally to Technical Director for an educational startup. Currently, Chadwick is a Linux Administrator at the Rimm-Kaufman Group, an online digital marketing firm. Over the course of his career he has garnered experience in everything from desktop support and web development to systems administration and information security. He holds a wide-range of certifications including GCED, CCNA Security, RHCSA, RHCE, MCITP: Server Administrator, LPIC-I, A+, Security+, and Network+ as well as a BA in Mass Communications from Virginia Tech. He is excited about mentoring because he enjoys getting his passion for security rub off on other people.
Joshua Barone has 10 years of experience as a software developer with 5 years specialized in security design and development. Joshua Barone has a core background in Java, .Net, Python, and security development. Joshua specializes in .Net and Java Enterprise technologies, Web Services, Agile Methodologies, Open Source, and Test-Driven Development. He is familiar with a variety of platforms (Windows, Mac OS X, Linux, Unix), databases (PostrgreSQL, MySQL, MSSQL, Oracle), J2EE Application Servers, Software Development Methodologies and Tools. Joshua is also experienced in security vulnerability assessment for platforms and applications. Joshua Barone is a Certified Information System Security Professional (CISSP).
David Bernal Michelena holds a bachelors degree in Computer Engineering from the National Autonomous University of Mexico (UNAM). Since July 2013, he is a member of Security Events team at Alstom, a world leader company in energy and transport solutions. Alstom has a huge network, formed by about 80,000 hosts and servers distributed worldwide. He was attracted by the challenge that represents defending such a large network, having the opportunity to use and enhance Alstom cutting edge technologies and applying his forensic abilities to bring value to the team. His main activities are incident response, security patching management, malware analysis and remediation, forensic analysis, IPS/IDS and correlation management and optimization.
He formerly served as a Senior Computer Forensic Analyst at Scitum from July 2011 to July 2013. His main activities there were evidence acquisition, analysis, preservation, incident response, log analysis and results reporting to Scitumās clients. In Scitum he had the opportunity to work in challenging projects for Mexican private and public institutions, including large Banks and other large government clients.
In November 2010, David was one of the main instructors in the forensics workshop on LINUX systems at the prestigious local event UNAM security conference. From August 2009 to July 2011 he worked as an incident handler and forensic analyst in UNAM Computer Emergency Response Team, which is the first CERT to be created in Mexico.
In August 2010, he was one of the winners of Honeynet 5th Forensic Challenge, log mysteries. In 2011 he gave his first SANS 508 Advanced Computer Forensic and Incident Response course in Mexico, in 2013 he gave his second course. He loves teaching, specially InfoSec courses.
David is GCFA, GCFE and Access Data certified. He also likes programming in several languages and is a command line lover in LINUX and Windows as well.
On his free time, he likes to play the piano.
Greg Blake is currently an IT Security Specialist with a state-wide college system. He has almost 20 years of experience in IT within education, insurance, and defense. Over the course of his career he has responded to multiple security incidents, helped his employers secure and defend their infrastructures, conducted forensic investigations, and provided expertise regarding PCI compliance. He holds a Masters of Business Administration and a B.A. in Information Technology Management degrees. In his career Greg has held multiple certifications including MCNE, CNA, MCP, and SANS GCIH and GCFA. Greg currently holds CISSP, GPEN, and is a certified PCI Internal Security Assessor. Greg also teaches the ISC2 Safe and Secure Online program to school age children and their parents within his community.
Elton Booker is a Forensic Analyst at MIT Lincoln Laboratory where he has been involved in forensic analysis, incident response, and risk assessments for the last 3 years. He began his career in criminal justice working with local and federal Law Enforcement agencies and eventually as an investigator for a local institution, while performing acquisitions and rudimentary forensic analysis. Booker started his career in Information Security as a Compliance Analyst conducting system audits, security/risk assessments and remediation to specific security functions including internal vulnerability assessments, penetration testing and malware infections. Currently he is an active member of Infragard, HTCIA, and the Computer Technology Investigators Network (CTIN). Booker's educational background includes an MS in Criminal Theory from Roger Williams University and a BS in Digital Forensics from Champlain College. He currently holds the GCFE, GCFA, GCIH, EnCE, Security+, Network+, CCE and a professional certificate in Linux Security Administration.
Over the course of Sergeās 10+ years as a security professional he has had the opportunity to work for various organizations and clients on all sorts of initiatives, ranging from implementing transparent biometric user authentication in online banking applications to dumpster diving and penetration testing. Serge earned his Bachelorās of Science degree in Electronic Business Management and a Masterās of Science degree in Computer Systems Security prior to earning the CISSP and three SANS certifications: GPEN, GCFA and GWAPT. Prior to his current role, Serge was responsible for application security, fraud prevention, audit compliance, vulnerability assessing, security awareness and the like in an electronic banking environment encompassing hundreds of servers, thousands of websites and over one million unique end users.
Marcelo enforced Firewall, Intrusion Prevention System (IPS), Demilitarized Zone (DMZ), anti-virus and anti-spam configuration and maintenance. He assisted with the selection, installation, and adoption of automated tools that enforce or monitor the compliance with information security policies, procedures, standards, and similar information security requirements. He analyzed and documented information security incidents as well as the analysis of the circumstances enabling or permitting these same incidents to take place. Audited, verified network security and gave recommendations to improve the network security. Executed wireless evaluations and security auditings. Advised organizations with current information about information security technologies and issues and researched and recommended solutions. Wrote user manuals on security softwares and computer, email and Internet user policy. Developed and implemented user security awareness programs, with seminars, conferences, folders, newsletters and helpful suggestions. Designed and reviewed Windows 2000/XP/Vista/Windows 7 and Linux security architecture.
Marcelo has assisted task forces in lawsuits as technical assistant, acting as a expert witness in civil trails. He assisted in computer crimes (cybercrime) investigations and was responsible for establishing a chain of custody for evidence. He performed customer data analysis of data requested from banks and telecommunication companies, as requested by Brazilian Attorneys. He wrote, compiled and edited reports of security activities.
Marcelo has also worked as an associate professor on some colleges training on the following subjects: Law, Investigation and Ethics; Physical Security; Systems Security and Auditing; Networking; Cryptography; Software Engineering; Data Processing Center Administration. He worked as instructor for the Security Fundamentals Course (Presidency of Republic) for over than 10 classes. He was lecturer at the most important Information Security conferences in Brazil.
Finally, Marcelo holds a Masters degree in Computer Science and a Bachelor degree in Information Systems. He also has some certifications, which illustrates his passion to learn: GIAC Certified Forensics Analyst (GCFA), GIAC Certified Incident Handler (GCIH), CISSP (Certified Information Systems Security Professional) and EnCase Certified Examiner (EnCE).
Smita Carneiro has been working in the IT industry for a long time. After getting an engineering degree, she worked for a company that specialized in Novell LANS. She became certified in Novell and then transitioned to Windows getting her MCSE starting with NT 4.0 and working up to 2003. She became interested in application packaging and SMS and spent more than 10 years with SMS/SCCM. Along the way she obtained GIAC certification. She now works as an Active Directory Systems Engineer for Purdue University and also holds the GCWN certification. She learnt a lot doing both SANS courses and wants to help others get interested in and learn more about security. http://www.linkedin.com/pub/smita-carneiro/7/4a3/64b/
Jerry Chen has been working in network security area for over 10 years, he immigrated to Canada and started his career as a network and security instructor in a private college, teaching Cisco CCNA, CCNP and Check Point CCSA, CCSE course. He got his master degree in computer networking from Ryerson University and joined financial industry as network support analyst, senior information security analyst. He gained lots of experience in security area through his daily practice in designing network security infrastructure, analyzing security logs and vulnerabilities, especially after he got trained by Sans GCIH course.
Troy Cunningham has work in IT for a decade now in multiple roles, with a strong focus on system and network administration. He is currently positioned as a Senior Network Administrator with a private sector organization. In addition to working with enterprise level networks with a big focus on SaaS in both classic and Software Distributed Datacenters, Troy also works with smaller businesses to develop their IT infrastructure. With a personal love of learning more about the world, comes a love of teaching. While this may the beginning of a teaching career in Information Technology for Troy, hes often given discourses in other subjects such as philosophy and theology. In this regard he is consistently open to questions and open discussions.
Jason has been practicing in the technology industry for 10 years. Security has always been a major focus, and his sole focus for 4 years.
Jason has an ardent interest for following trends and identifying new technologies and relevant applications. His devotion to continuous learning and research keeps him ahead of the curve. He currently holds GSLC and GSEC certifications.
Currently employed as a Technology Security and Compliance Manager, he has working knowledge of various security related technologies and vendors. Such technologies include Rapid 7 Nexpose and Metasploit, Logrhythm SIEM, and Palo Alto Networks Next Gen Firewalls. Working specifically in the realms PCI-DSS Compliance, and SOX Compliance, Jason has experience with leading, deploying, and evaluating compliance programs.
Recently, Jason obtained his first SANS Challenge Coin (RMO) during his SEC504 training by being a member of the SEC504 Capture the Flag winning team at SANS Chicago 2013.
Jason has a great ability to communicate technical concepts in a non-technical manner, and welcomes the opportunity to share his knowledge and experience.
Schuyler have several years of hands on security experience. His I.T. career started as helpdesk but with a security emphasis as he knew from the beginning that security was his goal. Fast forward several years, he is working a security consultant. He has gained several professional certifications and completed his Master's of Science in Information Security. Due to his background of being on the blue team while performing red team assessments, he is able to accurately perform security assessments and speak to the remediation and assists many companies in the hands on mitigation approaches.
Jeremy Druin works as an internal pen-tester, incident responder, and defect-remediation expert for a multi-national transportation logistics company. Other responsibilities include web vulnerability assessment operations, setting application and database security standards, creating developer training programs, and teaching developers how to architect, design and write secure applications. Additionally Jeremy develops the open-source Mutillidae 2.x training environment and consults on web-application security topics. As the Director of Education for the Kentuckiana ISSA chapter, Jeremy presents on web application pen-testing and remediation along with operating the "webpwnized" YouTube video channel. Jeremy has a Bachelor in Computer Science from Indiana University and is a GIAC-certified Network/Web Application Pen-Tester and Exploit Developer.
Mark Elliott has served as an information security professional since 1999 and an information technology professional since taking his first class in computer programming in 1988. He is a retired Army Warrant Officer, having served over 34 years in the Army and the Army National Guard. He has conducted numerous red-team and blue-team assessments and is currently the lead security engineer on a government contract. He holds the CISSP, GPEN, GCIH, and GCED. You can connect with Mark at https://www.linkedin.com/in/elliottmg
Jesse Fernandez currently works as a Senior IS Audit Specialist in the insurance industry. In his role, Fernandez conducts complex information security audits. During 2012, Fernandez worked with the PCI Security Standards Council to develop guidance around conducting a PCI DSS risk assessment in the role of Content-Coordinator to ensure document consistency, technical soundness, and assist in the development of the table of contents. Fernandez holds the GSLC, GSEC, GCED, GCIH, CISSP, and CISA certifications, has over ten years of industry experience, and has been a guest speaker for SANS, ISACA, and the ISSA.
Jarrod started on computers in elementary school on a TRS-80, and moved through the years to the Apple II, the Macintosh, and eventually the PC. After working for a couple of years as the unofficial "computer guy" in his department, he transitioned into a full-time IT role in the mid-1990s, eventually working on projects involving wireless networking and PKI cryptography. Since then has held a strong interest in the cat-and-mouse games between attacker and defender. He's worked in a variety of industries, including medical manufacturing, financial, energy, and local government, learning that while every environment is different, no environment is truly unique. For the last few years, he's been involved in security operations at an ACS, Inc., contract at the County of Orange, overseeing a wireless networking deployment and taking a strong role in re-engineering the County's security infrastructure, among many other projects. He holds a GAWN and GCIH, and has no plans to stop with those.
Jon has worked in Information Technology for over 10 years, and has focused on Information Security for the last 7 years. He is passionate about security, and loves trying to ignite that passion in other people. Jon was a Warrant Officer in the Army Reserve, where he served for over 11 years. He currently maintains the GCIH, CISSP,MCSE: Security and Security+.
After serving the country in the United States Navy for 8 years, Charles (Chip) Greene began his career in Information Technology. Over the next 18 years, Chip has held positions in Support, Design, Research and Development, Education, Disaster Recovery, and most recently in Information Security. As a Senior Information Security Analyst, Chip leads the Identity and Access Management Team at Virginia Commonwealth University Health Systems. Chip has received a Bachelor's Degree in Information Systems from Virginia Commonwealth University, and a Master's Degree in Disaster Sciences from the University of Richmond. He currently holds a GIAC Security Leadership Certification and previously held the Cisco Certified Security Professional certification. Mr. Greene was also honored with an Outstanding Educational Performance Award from the University of Richmond upon graduation from his Masters program. Education and training are extremely important to ones career and Chip believes that it is important for everyone to take advantage of the opportunities presented to them. The SANS Mentor Program is an outstanding way for Information Technology Professionals to gather, learn and develop from each others experiences and knowledge.
Matthew J. Harmon brings over two decades of offensive and defensive security industry knowledge including; systems administration, international standards development, penetration testing, incident response and digital forensics, methodological risk assessments, GRC and a deep understanding of underlying technologies to his sessions.
Mr. Harmon leads and manages the risk assessment and tactical control testing consulting firm IT Risk Limited based in Minneapolis, Minnesota. In additon, he leads the (ISC)2 Twin Cities MN Chapter, present frequently, participates on several advisory boards, is organizing Security B-Sides MSP and maintains an online knowledge base of security and gardening tips at matthewjharmon.com .
Links -> to:
"IT Risk Limited" -> https://itriskltd.com
"(ISC)2 Twin Cities MN Chapter" -> http://isc2tc.org
"Security B-Sides MSP" -> http://bit.ly/BSidesMSP2014
"knowledge base" and "matthewjharmon.com" -> http://matthewjharmon.com
Daniel Harper has been working in IT for the past 11 years, 7 of which have been with an emphasis on security. He has a Bachelor's in IT Networking and Security from Utah Valley University. When his schedule permits, Dan writes on his blog at hakinthebox.blogspot.com. In Dan's spare time he likes to tinker with projects such as the WiFi Pineapple, USB Rubber Ducky, and the RaspberryPi and play games with his friends and family.
Dave Harris is a Computer Forensics and Intrusions Analyst at General Dynamics Advanced Information Systems where he is responsible for forensic analysis, reversing and decoding of network, media and memory artifacts from malware intrusion events. Dave also develops software tools to support intrusion artifact analysis.
Dave previously worked on an internal research and development program investigating the use of Big Data technologies and analytics in network defense operations. He was also the ISSE Lead on a program for a DoD customer which inserts automated malware detection technology into the Customer's network infrastructure and is transitioning from DIACAP to NIST 800-53-based C&A in the life cycle for this program.
Dave was previously the Scrum Master for two projects involved in the development of cyber event indicator databases and automated malware analysis systems at the Dept. of Homeland Security. In addition to the PMI-ACP (PMI Agile Certified Practitioner) and CompTIA Network+ certifications, Dave holds the (ISC)2 CISSP, (ISC)2 CSSLP (Certified Software Security Lifecycle Professional) and GIAC Reverse Engineering Malware (GREM) certifications. He has spent 25+ years in Information Technology including software and database design and development (Oracle, Java, C/C++, etc.), systems and system security engineering, enterprise data modeling and architecture (DoDAF).
Dave is committed to making sure the broad exposure to actual tools and techniques of malware analysis provided in this course can be applied the next day at the student's work location. Far from a death-by-powerpoint experience, we will discuss real-world situations, applications and case studies. Software developers and system administrators, especially, will appreciate the discussion of coding issues and OS data structures behind the analysis of malware.
Dave enjoys going on malware analysis and pen-testing adventures with the malware analysis lab in his man cave and networking with like-minded folks. His desire is to provide hands-on, example-oriented experiences with students and looks forward to what he will learn from students in the process of mentoring and teaching.
Dave is committed to making sure the broad exposure to actual tools and techniques of malware analysis provided in this course can be applied the next day at the studentās work location. Far from a death-by-powerpoint experience, we will discuss real-world situations, applications and case studies. Software developers and system administrators, especially, will appreciate the discussion of coding issues and OS data structures behind the analysis of malware.
Dave enjoys going on malware analysis and pen-testing adventures with the malware analysis lab in his man cave and networking with like-minded folks. His desire is to provide hands-on, example-oriented experiences with students and looks forward to what he will learn from students in the process of mentoring and teaching.
Arlie Hartman is an information security veteran with over 10 years experience in IT. He has worked in healthcare, manufacturing, and security consulting. Arlie has conducted compliance assesments, managed incident response, and led enterprise infrastructure projects. Arlie holds the ISC2 CISSP and GIAC GSEC certifications. You can connect with him on twitter @arliehartman or on linkedin http://www.linkedin.com/in/arliehartman/. Arlie is very passionate about developing peoples interest in information security.
Kirk Hayes is an Information Systems Security Manager for Innovative Defense Technologies. Kirk competed in the Cyber Aces challenge and was invited to be part of the inaugural cohort for the NJ Cyber Aces Academy at Brookdale. During his time at the cohort, Kirk completed SEC401, SEC504, SEC560, and SEC575 along with the certifications of GSEC, GCIH, GPEN, and GMOB. Kirk also holds other certifications such as Security+, Network+, A+, & MCP. Kirk has a passion for learning and all things pertaining to security. In his spare time, Kirk can be found hacking away at his test lab, including mobile devices, and playing with his children.
Diane has been a Technologist for over 20 years focusing on security since 9/11. She has worked in roles such as Help Desk, Pen Tester, Sys Admin, Network Engineer, Privacy Manager, Security Analytics, and Enterprise Security Architect. Her industry experience includes Retail, Healthcare, Technology, Utility, and Local Government. These roles and industry experience have garnered a deep understanding of security architecture and the underlying technologies and business processes. When not analyzing logs, hacker techniques, or packet captures; Diane is found with family, traveling, creating crafty things or playing games on and off the net. Mentoring Sec504 is exciting to Diane because it is one of the SANS courses that delves into the mindset of the attacker and often the student will leave the class with a new perspective.
Christina Kaiserman is a Security Analyst at Asante Health System, with four years in systems support and information security. She is a graduate of Southern Oregon University majoring in computer security and information assurance. Christina has the GCFE and is an associate of (ISC)2. She also volunteers with the Southern Oregon High Tech Crimes Task force.
Dennis King is the Chief Security Officer and President of Working Security Inc., a Saint Louis provider of information security risk management, compliance, and governance services. Dennis brings over 20 years experience working with more than one hundred large and small companies across the globe including Finance, Energy, and Healthcare clients. He has led development and management of compliance and secure infrastructure solutions at IBM and other IT outsourcing, cloud, and internet service providers, brought IaaS security services to market, led HIPAA, SSAE-16/SAS70, ISO/IEC 27000, PCI-DSS assessments, and managed a variety of forensic investigations. Dennis holds CISSP, GCFA, C|CISO, PMP and CSM certifications. He earned an MBA from Washington University in St. Louis and a BS in Engineering from Purdue University.
Sundar is SANS-GISF and GSEC certified and a senior software development leader with IMS Appature in Seattle. He earned the title of "Professor Sundar" from his previous team at Microsoft for teaching skills and has trained multiple teams on different aspects of software development. To make you think about information security the same way you think about physical security for yourself and your family is the holy grail. He is @sundarnut on Twitter for the latest #infosec topics, trends and incidents. Sundar aims to be a mentor so he can inculcate security as a fundamental technical trait and make it the best lecture you've ever taken!
Jason works for one of the big four accounting firms as the Cyber Defense Response Center Lead focusing on internal incident response and digital forensics. He has developed processes and procedures to reduce incident impact and cost, as well as early identification of incidents.
Jason also serves as the immediate past President of the Atlanta chapter of the HTCIA and served on the board for directors of the Atlanta chapter of the ISSA.
On his off hours Jason en-joys teaching SANS Forensics curriculum as part of the SANS Mentor program. He holds a Masters of Science in Information Security and Assurance (MSISA), and numerous security certifications such as: GCFA, GCIH, G2700, CISSP, CHFI, CEH and CISA.
Jason firmly believes that the only way to truly be secure is by educating others, and he lives by this principle. Furthermore, if you take the time and listen, you can learn from anyone, mostly from your students.
David Mashburn is currently the IT Security Manager for a global non-profit organization in the Washington, D.C. area. He also has experience working as an IT security professional for several civilian Federal agencies, and over 15 years of experience in IT. He holds a Masters Degree in Computer Science from John Hopkins University, and earned a B.S. from the University of Maryland at College Park. David holds multiple security-related certifications, including CISSP, GPEN, GCIH, GCIA, and CEH. He is also a member of the SANS / GIAC advisory board, and teaches courses in the Cybersecurity curriculum at the University of Maryland - University College.
Chris Maulding has over 8 years of experience in the IT industry with three of those specializing in Security. Chris holds his GSEC from SANS along with his CompTIA A+, Certified Ethical Hacker(C|EH), Certified Penetration Tester(CPT), and CIW Web Foundations Associate. He currently holds his A.A.S in Computer Information Systems from Clinton Community College. Chris is also actively pursuing his B.S In Information Technology Security Emphasis online at Western Governors University. Chris is excited to mentor the SEC 401 class because he feels strongly about giving back to the Information security community by helping to develop young security talent. There is a growing need for talented CyberSecurity professionals and mentoring SEC401 is a great place to start.
Timothy McKenzie has more than 15 years of IT and Information Security experience working in financial, government, defense contractor, and service related markets. Timothy has been trained in malware research and exploit development, expert penetration, and forensics work. He uses these skills professionally throughout his daily work, as well as placing within the top 5 in many CTF events. Timothy loves sharing the vast knowledge he has acquired to give back to the Information Security community.
Thomas (CISSP,GCIH) has been working in the information technology field since 1996 where he has worked in field IT service positions. Thomas worked as a Field Support technician for the faculty and staff at Santa Clara University in Northern California with a focus on malware remediation and leveraging Linux solutions to complex security and networking issues. As of May 2008, Thomas has worked as a computer forensics and incident response analyst in the Western United States. He also spent 12 months on a combat-tour deployment in Southwest Asia in a Computer Network Defense (CND) role and served as a vulnerability assessment analyst for the US Army. Thomas attended Forensics Response training at Carnegie Mellon University (CMU) and was asked to deliver and teach this course to military audiences. Thomas is currently serving as a US Army Warrant Officer for the Army Reserve Information Operations Command (ARIOC) delivering support to the National Security Agency (NSA) in their yearly service academy exercises; performs training with and supports the US Army Regional Computer Emergency Response Team-Continental United States (RCERT-CONUS); when he was deployed to the Middle East, Thomas served with the US Army Regional Computer Emergency Response Team-Southwest Asia (RCERT-SWA) and was posted all over Afghanistan and Iraq. Thomas is currently holding the certifications for the EC Councils Certified Ethical Hacker (CEH), Guidance Softwares EnCase Certified Examiner (EnCE), Comptia Security+, and SANS GIAC Reverse Engineering Malware (GREM) and Certified Incident Handler (GCIH), and the (ISC)^2 Certified Information Systems Security Professional (CISSP) certifications. n addition Thomas is currently qualified for the US Department of Defense as a Digital Media Collector as a result in training the Defense Cyber Investigations Training Academy (DCITA).
Aaron Moss has over 10 years in Information Technology, working in positions ranging from Helpdesk to IT Manager. He is very passionate about IT, especially InfoSec. He currently holds the GIAC GSEC certification, a Bachelor's in Information Systems Security from ITT Technical Institute, and is working towards completing other non-GIAC certs, such as Cisco's CCNA and VMware's VCP. Aaron is very excited to be helping people achieve their goals, and learn something new everyday. He loved taking the GSEC course and exam and wants to help someone else accomplish their dreams too.
John is passionate about security. He holds the CISSP, GWAPT, GSLC and GCIH certifications and is managing director for security services at Caliber Security Partners, a firm dedicated to helping clients achieve higher levels of security. Prior to joining Caliber, he was Director of Security and Compliance for Healthagen, Aetna's emerging businesses division. From 1999 to 2006, he led application security for multiple teams in Microsoft's product groups. John has 19 years of experience in information technology and software, and 15 years of experience in IT security. His security and compliance back-ground is in healthcare and secure development. John is married and enjoys time spent with his lovely wife and their six children.
Kevin Perryman started working with computers when he was 11 years old. Over the years Kevin has developed programs in 30+ computer languages, built personal computers from scratch and repaired computer hardware. Kevin has spent time reverse engineered software and data structures when the developing companies no longer supported their products. Long before it was called Forensic Data Recovery, Kevin developed his data recovery skills working for previous employers when hardware would fail. Using commercial applications, and when needed writing his own programs, to extract critical data elements from failed hard drives, floppy disk, zip drives and CD media. Kevin has developed skills in remote technical computing, data recovery, data analysis and email tracing. Kevin currently is self-employed providing IT Support to small business while also working as a Private Investigator.
Jeremy has worked in networking for the past 20 years, with an emphasis on security over the last 5. Jeremy earned a Master's Degree from the Minnesota School of Business in Information Technology. He is a founding member of Salt Lake City's hacker community, DC801. When he's not playing with packet captures or staring at source code, Jeremy can usually be found snowboarding or mountain biking throughout the Rockies.
Jonathon Ross took his first IT job on a help desk 23 years ago and has since worked as a systems administrator, netowrk engineer, and most recently as a systems engineer. Jon's journey into information security was initially a trial by fire when he suffered DDoS attacks in 1996 and later received a deeper understanding of BSD Unix from an attacker who repeatedly breached his systems. Jon has spent the last 15 years working for networking equipment vendors focusing on security products helping private companies and government agencies deploy controls, analyze security intelligence, and recover from attacks. He holds a B.S. in Computer Science, M.S. in Information Assurance as well as CISSP and GPEN certifications.
Kevin Russell grew up a stones throw from Disneyland, but can now be found in the Midwest saving the world, one information security crisis at a time. Ok. Sometimes two. Kevins career of 30+ years in the computer industry has given him an in-depth view of companies security needs from perspectives ranging from mainframe systems programmer to security and data recovery administrator to Senior Vice President and Information Security Officer for a billion dollar company. Today Kevin serves as a security architect and consultant for a national systems integration firm. Clients rely on Kevins expertise to assess their current security posture, optimize security programs, and deliver secure IT services. Kevin has worked with clients in a variety of industries healthcare, financial services, insurance, manufacturing, and retail addressing a variety of IT long-range planning, design, security, regulatory response, availability, recoverability, IT service deployment, and IT service governance challenges. Kevin has achieved a masters degree in cyber security, attended a number of SANs courses, and obtained certifications including CISSP, CRISC, and most recently a GSLC. Kevin also has a variety of additional industry certifications including NSA IEM and IAM, IBM Security Top Gun, and ITIL Foundation. Kevin is excited to mentor this course, as he has made it his mission to spread the word about security, help the next generation of security professionals expand, and help grow the field. After being plied with too many lunches from friends asking advice on Internet safety for their families, Kevin launched a personal security crusade, spending the last 12 years delivering workshops to parents, teens, church groups, scout troops, school assemblies, and others about how to protect their families on the Internet. In 2012 his book on keeping families safe on the Internet was published, to be followed by his book on senior citizen internet safety scheduled for the end of 2014. You may view Kevins blogs at http://dadsinternetsafety.blogspot.com/
Felix has more than 20 years of experience in IT and IT security. He held positions as IT systems engineer and IT advisory manager at a big four company. He has experience in IS management, IS auditing, IS consulting, attack & penetration testing, and IT forensics. He holds a BSc (hons) in science of computing (University of Derby) and a postgraduate certificate in business administration (Open University). His certifications include among others CISA, CISM, CISSP, GCUX, and EnCE. He was a key contributor to the OSSTMM.
He enjoys sharing his knowledge and learning from peers. He is looking forward to active discussions in class.
Greg Scheidel has over 20 years of hands-on experience in IT including desktop and server support, network design and implementation, application development and programming, IT service management, IT security, and information assurance. He currently leads the security branch of a large program responsible for providing security engineering, Assessment and Authorization (A&A) support and assessment activities, and general information assurance and security advice and recommendations. Greg excels at communicating with technical and non-technical stakeholders, firmly believes IT and security must serve business needs rather than exist for their own sake, and is passionate about teaching others while reinforcing and honing his own knowledge.
Mr. Skora holds a M.S. degree in Information Systems and a B.S. in Computer and Information Science and has over 25 years of experience developing, deploying, integrating, and maintaining enterprise scale systems that combine hardware, software, database, and infrastructure components to solve problems in public and private sectors. He is a Sun Certified Java Programmer and Developer and passed IBM's InfoSphere Streams Technical Mastery Exam. As a result of what he learned in the SANS SEC560 Network Penetration Testing and Ethical Hacking class, Joe scored 95% on the GIAC Penetration Tester certification exam and looks forward to helping other's do the same.
Jonathan Squire is a founding member of the Information Security Group of a well known publishing and media company. Jonathans expertise covers a wide range of skills including security architecture, incident response, hacker attack and defense techniques, reverse engineering, and extreme curiosity in how everything works. While working at his day job, Jonathan is credited with accomplishments that include developing an Information Security model for the enterprise, architecting a secure, centralized credit card processing solution, and guiding the design of the security infrastructure deployed throughout many customer facing properties. Mr. Squire is also responsible for providing direction in governance and industry best practices. Jonathan regularly scopes and leads penetration testing and security assessment initiatives, as well as providing guidance for corrective actions and performing debriefings across all levels of the organization. In his spare time, Jonathan is known to enjoy disassembling any piece of technology that cost more than $20 just to find out what else it can do. This propensity for abusing technology is easily witnessed by viewing the buckets of broken parts strewn throughout his basement as well as the creations that rise from the rubble. Jonathan has presented on many of these creations and the flaws that allowed the security to be bypassed on these systems at conferences including BlackHat and Hack in the Box. Jonathan is very passionate about information security and always strives to challenge the status quo and to improve everything he can. Jonathan shares that passion with his student in his teaching style and his genuine willingness to share and engage students in all topics related to information security.
David was about 10-years old when he got his first computer, a 486DX2. One of the first games he played was Sim City, but he was pretty bad at it, always ending up with a bankrupted city after 10-15 minutes. For some reason it was a lot easier for him to open the binaries of his saved games with a hex editor and overwrite the amount of money he had. Since then, David keeps on bending and twisting stuff to see what else can be done with things in addition to their original purpose.
Ron has been working in the information security field for the past 15 years. He worked as a consultant for ten years, gaining experience in many areas. For the past five years he has been working as an engineer for Cisco Systems in RTP. His focus is on evaluating the security of Cisco products and working with the development teams to implement high security standards. Ron is a subject matter expert in DISA STIGās and web application penetration testing. He also holds many industry certifications including GPEN, GCIH, GWAPT, RHCE, CCSP, CCNA, CISSP and MCSE.
Sean Thomas has over 15 years of Information Technology experience in Higher Education. He has worked in various roles over the years including desktop support, networking, academic systems administration, Windows and Unix/Linux server administration, and is currently focused on IT Security. Sean has a Bachelor of Business Administration in E-Business Technology and has held MCP and RHCT certifications. Sean has experience with IDS/IPS, firewalls, packet analysis, vulnerability scanning, forensic analysis, and security assessments. He was an integral part of the development of the Security Services team at the University where he is currently employed. As part of this team, he has led initiatives in support of academic research, student services, and policy development. Sean currently holds the GCED and GCFA certifications.
Colin van Niekerk is an avid technology enthusiast and Information Security Specialist who broke his first computer at age 8. By age 12, he had coded his first game, which included a simple, home baked Artificial Intelligence engine and at 15 he was sneaking out of bed at night to read his fathers BSc Computer Science textbooks.
In more recent years, he has attained the GCFE and GCFA certifications and joined the SANS/GIAC DFIR Advisory Board. Honours and awards include winning a Netwars tournament and a Lethal Forensicator Coin.
Colin is currently a Security Specialist within a large health insurance and financial services company where he spends his days either on Linux servers, buried in his digital forensics lab or consulting to the business on security related matters.
Colin tweets sporadically (@colinvanniekerk) and his LinkedIn profile is available here: https://za.linkedin.com/in/colinvanniekerk
Tom has been working with Industrial Control System for the past 20 years in numerous industries. He was been responsible for the design, configuration and maintenance of such systems. Tom is also currently serving part-time in the Air National Guard in a Network Warfare Squadron in the Cyberspace Defense Operations career field. Tom has several certifications to include CISSP, Sec + and a Certified Control Systems Technician (CCST) through The International Society of Automation (ISA).
James Waite is the founder of Assuagent Ltd. He is an experienced professional with over 25 years in the IT industry. His experiences include SIEM systems design and setup, incident handling, intrusion analysis, network and perimeter security, desktop and server security. James Waite also is experienced with developing information security policies / standards / procedures. He is experienced in mid-range and mainframe operations, application development, network server operations, hierarchical storage management and LAN/WAN network design and implementation. Mr. Waites diverse experience provides a valuable understanding of the interactions of software and hardware in a heterogeneous computing and how this affects information security environments. Mr. Waites education and training includes: GIAC Certified Intrusion Analyst GCIA GIAC Certified Incident Handler GCIH GIAC Security Essentials GSEC CompTIA Security+
Ed started off his humble beginnings as a tinkerer, fighting boot sector viruses then fell in love with Security.
He has worked on projects both from a technical and a managerial perspective spanning several industries and countries. Currently holding a CISSP, GPEN, GCIH, GCWN amongst others, he is working towards obtaining his GSE.
Ed enjoys socialising with like minded people, thrives on technical, social, managerial challenges and is always ready to assist with worthy challenges.