Mentor: Bios

Mentors are highly qualified, experienced professionals who make themselves available in your local area to help you learn the course material and get certified. Each Mentor is hand-selected from students that have completed their relevant GIAC certification with scores of 85% or higher.

Alderson, Duncan

Duncan is a Manager within PwC Australia's Cyber practice. He has over 12 years experience in Network Design, Network Security Architecture and Penetration Testing. During this time has worked with many house hold names on multi-national projects. Designing and implementing large scale networks in ISP environments and implementing security solutions or secure design for multi-layer networks. He is currently the lead for the Melbourne Threat & Vulnerability Management team and has worked in United Kingdom, Abu Dhabi, Singapore and Australia securing private and public sector clients systems.

Alleyne, Nik

Nik has over 15 years in IT, with the last 6 being more focused on Security. He is currently employed as a Manager, Cyber Security for a Managed Security Services Provider, spending most of his days leading a team responsible for IDS/IPS and SIEM technologies.

His academic credentials include a BSc Computer Science, along with PG Cert (Hons) specialization in VoIP and Wireless Broadband. Current industry certifications such as CISSP, GCIA, GCIH, CCNP Security and R&S, CCMSE +VSX, SFCA, SFCE, SWSE, MCSE, MCITP/EA, BCCPA,IBM Certified Deployment Professional - Security QRadar SIEM V7.1, ITIL, ISO9001 Internal Auditor, etc.

You can also reach out to Nik via his blog at or via linkedin at

Banning, Chadwick

Chadwick Banning started his career in technical support. His technical aptitude saw him move up to Systems and Network Administrator and finally to Technical Director for an educational startup. Currently, Chadwick is a Linux Administrator at the Rimm-Kaufman Group, an online digital marketing firm. Over the course of his career he has garnered experience in everything from desktop support and web development to systems administration and information security. He holds a wide-range of certifications including GCED, CCNA Security, RHCSA, RHCE, MCITP: Server Administrator, LPIC-I, A+, Security+, and Network+ as well as a BA in Mass Communications from Virginia Tech. He is excited about mentoring because he enjoys getting his passion for security rub off on other people.

Barone, Joshua

Joshua Barone has 10 years of experience as a software developer with 5 years specialized in security design and development. Joshua Barone has a core background in Java, .Net, Python, and security development. Joshua specializes in .Net and Java Enterprise technologies, Web Services, Agile Methodologies, Open Source, and Test-Driven Development. He is familiar with a variety of platforms (Windows, Mac OS X, Linux, Unix), databases (PostrgreSQL, MySQL, MSSQL, Oracle), J2EE Application Servers, Software Development Methodologies and Tools. Joshua is also experienced in security vulnerability assessment for platforms and applications. Joshua Barone is a Certified Information System Security Professional (CISSP).

Bernal Michelena, David Eduardo

David Bernal Michelena holds a bachelors degree in Computer Engineering from the National Autonomous University of Mexico (UNAM). Since July 2013, he is a member of Security Events team at Alstom, a world leader company in energy and transport solutions. Alstom has a huge network, formed by about 80,000 hosts and servers distributed worldwide. He was attracted by the challenge that represents defending such a large network, having the opportunity to use and enhance Alstom cutting edge technologies and applying his forensic abilities to bring value to the team. His main activities are incident response, security patching management, malware analysis and remediation, forensic analysis, IPS/IDS and correlation management and optimization.

He formerly served as a Senior Computer Forensic Analyst at Scitum from July 2011 to July 2013. His main activities there were evidence acquisition, analysis, preservation, incident response, log analysis and results reporting to Scitumās clients. In Scitum he had the opportunity to work in challenging projects for Mexican private and public institutions, including large Banks and other large government clients.

In November 2010, David was one of the main instructors in the forensics workshop on LINUX systems at the prestigious local event UNAM security conference. From August 2009 to July 2011 he worked as an incident handler and forensic analyst in UNAM Computer Emergency Response Team, which is the first CERT to be created in Mexico.

In August 2010, he was one of the winners of Honeynet 5th Forensic Challenge, log mysteries. In 2011 he gave his first SANS 508 Advanced Computer Forensic and Incident Response course in Mexico, in 2013 he gave his second course. He loves teaching, specially InfoSec courses.

David is GCFA, GCFE and Access Data certified. He also likes programming in several languages and is a command line lover in LINUX and Windows as well.

On his free time, he likes to play the piano.

Blake, Greg

Greg Blake is currently an IT Security Specialist with a state-wide college system. He has almost 20 years of experience in IT within education, insurance, and defense. Over the course of his career he has responded to multiple security incidents, helped his employers secure and defend their infrastructures, conducted forensic investigations, and provided expertise regarding PCI compliance. He holds a Masters of Business Administration and a B.A. in Information Technology Management degrees. In his career Greg has held multiple certifications including MCNE, CNA, MCP, and SANS GCIH and GCFA. Greg currently holds CISSP, GPEN, and is a certified PCI Internal Security Assessor. Greg also teaches the ISC2 Safe and Secure Online program to school age children and their parents within his community.

Boller, Martin

Martin Boller is a Principal Information Security Auditor with Danfoss, a privately held global company that is a world-leading supplier of technologies that meet the growing need for food supply, energy efficiency, climate-friendly solutions and modern infrastructure. He also holds the CISA, GPEN and multiple other industry certifications.

Martins tenure in the IT industry spans over twenty-five years at Olivetti, Digital, Compaq, HP and Microsoft where he has held leading roles in IT security architecture, operations and management, where he has been defining and implementing technology and security strategy for clients worldwide. At HP Martin also worked as an instructor at customer and internal events on security and technology topics, as well as a mentor for other colleagues. A Mentor Program is an outstanding way for Information Technology Professionals to gather, learn and develop from the combined experiences and knowledge of each other.

Booker, Elton

Elton Booker is a Forensic Analyst at MIT Lincoln Laboratory where he has been involved in forensic analysis, incident response, and risk assessments for the last 3 years. He began his career in criminal justice working with local and federal Law Enforcement agencies and eventually as an investigator for a local institution, while performing acquisitions and rudimentary forensic analysis. Booker started his career in Information Security as a Compliance Analyst conducting system audits, security/risk assessments and remediation to specific security functions including internal vulnerability assessments, penetration testing and malware infections. Currently he is an active member of Infragard, HTCIA, and the Computer Technology Investigators Network (CTIN). Booker's educational background includes an MS in Criminal Theory from Roger Williams University and a BS in Digital Forensics from Champlain College. He currently holds the GCFE, GCFA, GCIH, EnCE, Security+, Network+, CCE and a professional certificate in Linux Security Administration.

Borso, Serge

Over the course of Sergeās 10+ years as a security professional he has had the opportunity to work for various organizations and clients on all sorts of initiatives, ranging from implementing transparent biometric user authentication in online banking applications to dumpster diving and penetration testing. Serge earned his Bachelorās of Science degree in Electronic Business Management and a Masterās of Science degree in Computer Systems Security prior to earning the CISSP and three SANS certifications: GPEN, GCFA and GWAPT. Prior to his current role, Serge was responsible for application security, fraud prevention, audit compliance, vulnerability assessing, security awareness and the like in an electronic banking environment encompassing hundreds of servers, thousands of websites and over one million unique end users.

Caiado, Marcelo

Marcelo has an extensive and diversified experience within the information technology sector. He has been carrying out computer forensics investigations for over 8 years. Worked with incident response / computer emergency response, being responsible for conducting investigations and responding to networking intrusion attempts. He investigated and handled privacy-related incidents and consumer complaint in liaison with Legal and Human Resources departments. Analyzed and documented, including root cause analysis, information security incidents as well as the analysis of the circumstances enabling or permitting these same incidents to take place, including offering remediation strategies. Investigated and immediately stopped leaks and inadvertent disclosures of confidential information. Developed policies and security awareness programs. Worked with highly sensitive information in a team environment.

Marcelo enforced Firewall, Intrusion Prevention System (IPS), Demilitarized Zone (DMZ), anti-virus and anti-spam configuration and maintenance. He assisted with the selection, installation, and adoption of automated tools that enforce or monitor the compliance with information security policies, procedures, standards, and similar information security requirements. He analyzed and documented information security incidents as well as the analysis of the circumstances enabling or permitting these same incidents to take place. Audited, verified network security and gave recommendations to improve the network security. Executed wireless evaluations and security auditings. Advised organizations with current information about information security technologies and issues and researched and recommended solutions. Wrote user manuals on security softwares and computer, email and Internet user policy. Developed and implemented user security awareness programs, with seminars, conferences, folders, newsletters and helpful suggestions. Designed and reviewed Windows 2000/XP/Vista/Windows 7 and Linux security architecture.

Marcelo has assisted task forces in lawsuits as technical assistant, acting as a expert witness in civil trails. He assisted in computer crimes (cybercrime) investigations and was responsible for establishing a chain of custody for evidence. He performed customer data analysis of data requested from banks and telecommunication companies, as requested by Brazilian Attorneys. He wrote, compiled and edited reports of security activities.

Marcelo has also worked as an associate professor on some colleges training on the following subjects: Law, Investigation and Ethics; Physical Security; Systems Security and Auditing; Networking; Cryptography; Software Engineering; Data Processing Center Administration. He worked as instructor for the Security Fundamentals Course (Presidency of Republic) for over than 10 classes. He was lecturer at the most important Information Security conferences in Brazil.

Finally, Marcelo holds a Masters degree in Computer Science and a Bachelor degree in Information Systems. He also has some certifications, which illustrates his passion to learn: GIAC Certified Forensics Analyst (GCFA), GIAC Certified Incident Handler (GCIH), CISSP (Certified Information Systems Security Professional) and EnCase Certified Examiner (EnCE).

Carneiro, Smita

Smita Carneiro has been working in the IT industry for a long time. After getting an engineering degree, she worked for a company that specialized in Novell LANS. She became certified in Novell and then transitioned to Windows getting her MCSE starting with NT 4.0 and working up to 2003. She became interested in application packaging and SMS and spent more than 10 years with SMS/SCCM. Along the way she obtained GIAC certification. She now works as an Active Directory Systems Engineer for Purdue University and also holds the GCWN certification. She learnt a lot doing both SANS courses and wants to help others get interested in and learn more about security.

Caruso, Robert

As a CISSP, Robert Caruso designed the PKI client authentication portal for the Defense Logistics Agency training site to enable two-factor authentication of 22,000+ personnel located in 24 time zones using unbreakable cryptography. He has mentored high school students in the U.S. Cyber patriot competition and worked with the Boy Scouts of America to develop a new technology merit badge, Programming. Robert has also taught mainframe Cobol programmers to write web applications in J2EE where one student noted, "I had tried to learn Java programming several times, but this was the first time it made sense." An avid inventor and tinkerer, he holds a patent for a fitness entertainment hardware/software device and has developed applications for every platform from mobile apps to cloud servers. Currently, Robert is the Information Security Architect on the Strategy, Policy, and Planning team at Battelle Memorial Institute in Columbus, Ohio, where he researches current and emerging cyber threats to the enterprise. At Battelle, Robert co-authored a paper on Cyber Risk Managanament for Medical Device Design which was published in the AAMI journal in 2014. A graduate of The Ohio State University, College of Engineering in Computer Science, he also holds certifications in CISSP, GMOB, Sun Java, C++/MFC, FISMA/NIST NSTISSI-4011, CNSSI-4012, ISO-27002, and ITIL Fv3. Robert is active in the local security community in the Central Ohio Infragard, is an officer of the ISC2 chapter in Columbus, Ohio, and is on the GIAC/SANS Advisory Board.

Cunningham, Troy

Troy Cunningham has work in IT for a decade now in multiple roles, with a strong focus on system and network administration. He is currently positioned as a Senior Network Administrator with a private sector organization. In addition to working with enterprise level networks with a big focus on SaaS in both classic and Software Distributed Datacenters, Troy also works with smaller businesses to develop their IT infrastructure. With a personal love of learning more about the world, comes a love of teaching. While this may the beginning of a teaching career in Information Technology for Troy, hes often given discourses in other subjects such as philosophy and theology. In this regard he is consistently open to questions and open discussions.

Curtis, Michael

Michael A. Curtis (Mike) has over 20 years of experience in the security field and has held several key leadership positions at Rollins, Virtual IT Experts, and Additionally, Mike is active in the security community having served as a past member of the Symantec Customer Advisory Board, and is an officer in the Atlanta (ISC)2 Chapter. Mike holds a BSEE, cum laude, from Northeastern University, an MBA from Bentley College and a CISSP.

DeLong, Bill

Over twenty years of successful military and civilian experience including extensive knowledge and expertise in researching, coordinating, analyzing, and developing detailed intelligence and security assessments, with a reputation for meeting the most challenging organizational goals and objectives. Graduate degree in Business and Organizational Security Management. Currently employed as a Department of the Army Civilian as a Cyber security Specialist. Numerous DoD Security Courses. Professional IT certifications as CISSP and GSEC. Member of ISC2, ISSA, INFRAGUARD, and ASIS.

My LINKED In profile is

I look forward to being the eternal teacher and therefore become the eternal student.

Deluce, Jason

Jason has been practicing in the technology industry for 10 years. Security has always been a major focus, and his sole focus for 4 years.

Jason has an ardent interest for following trends and identifying new technologies and relevant applications. His devotion to continuous learning and research keeps him ahead of the curve. He currently holds GSLC and GSEC certifications.

Currently employed as a Technology Security and Compliance Manager, he has working knowledge of various security related technologies and vendors. Such technologies include Rapid 7 Nexpose and Metasploit, Logrhythm SIEM, and Palo Alto Networks Next Gen Firewalls. Working specifically in the realms PCI-DSS Compliance, and SOX Compliance, Jason has experience with leading, deploying, and evaluating compliance programs.

Recently, Jason obtained his first SANS Challenge Coin (RMO) during his SEC504 training by being a member of the SEC504 Capture the Flag winning team at SANS Chicago 2013.

Jason has a great ability to communicate technical concepts in a non-technical manner, and welcomes the opportunity to share his knowledge and experience.

Dorsey, Schuyler

Schuyler have several years of hands on security experience. His I.T. career started as helpdesk but with a security emphasis as he knew from the beginning that security was his goal. Fast forward several years, he is working a security consultant. He has gained several professional certifications and completed his Master's of Science in Information Security. Due to his background of being on the blue team while performing red team assessments, he is able to accurately perform security assessments and speak to the remediation and assists many companies in the hands on mitigation approaches.

Drews, Melvin

Coming from a long background of designing, implementing and supporting enterprise IT systems, Mel Drews found himself working in information security rather by accident 10 years ago and found a passion there. His security-focused experience includes security curriculum development, penetration testing, vulnerability and risk assessment, program development, audit, and miscellaneous consulting for U.S. and international entities, primarily in government, financial services and energy sectors. Mr. Drews currently works with a global financial services firm with responsibility for software security. He holds the GCFE, CISSP, CISA and Project+ certifications.



Elliott, Mark

Mark Elliott has served as an information security professional since 1999 and an information technology professional since taking his first class in computer programming in 1988. He is a retired Army Warrant Officer, having served over 34 years in the Army and the Army National Guard. He has conducted numerous red-team and blue-team assessments and is currently the lead security engineer on a government contract. He holds the CISSP, GPEN, GCIH, and GCED. You can connect with Mark at

Fernandez, Jesse

Jesse Fernandez currently works as a Senior IS Audit Specialist in the insurance industry. In his role, Fernandez conducts complex information security audits. During 2012, Fernandez worked with the PCI Security Standards Council to develop guidance around conducting a PCI DSS risk assessment in the role of Content-Coordinator to ensure document consistency, technical soundness, and assist in the development of the table of contents. Fernandez holds the GSLC, GSEC, GCED, GCIH, CISSP, and CISA certifications, has over ten years of industry experience, and has been a guest speaker for SANS, ISACA, and the ISSA.

Fitzpatrick, Montez

Montez has worked in the industry since 2004. However, Montez has a passion for technology that reaches much farther back than that. A personal philosophy of "never leave an interesting problem or question to wonderment." Montez currently works as a Senior Information Security Engineer and a Senior Security Consultant, with experience that spans the gamut of information security domains, He has mastery of both soft and hard technical skills.

Frates, Jarrod

Jarrod started on computers in elementary school on a TRS-80, and moved through the years to the Apple II, the Macintosh, and eventually the PC. After working for a couple of years as the unofficial "computer guy" in his department, he transitioned into a full-time IT role in the mid-1990s, eventually working on projects involving wireless networking and PKI cryptography. Since then has held a strong interest in the cat-and-mouse games between attacker and defender. He's worked in a variety of industries, including medical manufacturing, financial, energy, and local government, learning that while every environment is different, no environment is truly unique. For the last few years, he's been involved in security operations at an ACS, Inc., contract at the County of Orange, overseeing a wireless networking deployment and taking a strong role in re-engineering the County's security infrastructure, among many other projects. He holds a GAWN and GCIH, and has no plans to stop with those.

Gorenflo, Jonathan

Jon has worked in Information Technology for over 10 years, and has focused on Information Security for the last 7 years. He is passionate about security, and loves trying to ignite that passion in other people. Jon was a Warrant Officer in the Army Reserve, where he served for over 11 years. He currently maintains the GCIH, CISSP,MCSE: Security and Security+.

Gorup, Tom

Tom was an Infantry squad leader in the US Army serving in Iraq and Afghanistan where he earned the Purple Heart. After the Army, Tom joined Rook as a security analyst and quickly progressed to his current position of SOC Manager. In this role, Tom oversees the monitoring, scanning, and incident response for hundreds of enterprise-level companies. Additionally, Tom has spearheaded the transition into 24x7 operations and incorporating ITIL best practices. Tom also worked on the development of multiple proprietary threat intelligence tools. Tom has successfully obtained a Security+ and GCIA certifications. Toms excitement to become a SANS mentor is spawned from the need to give back to a community which has provided him so much throughout his journey into information security. Being able to pass his knowledge forward and give people the same opportunities that were afforded him would be thrilling.

Greene, Charles

After serving the country in the United States Navy for 8 years, Charles (Chip) Greene began his career in Information Technology. Over the next 18 years, Chip has held positions in Support, Design, Research and Development, Education, Disaster Recovery, and most recently in Information Security. As a Senior Information Security Analyst, Chip leads the Identity and Access Management Team at Virginia Commonwealth University Health Systems. Chip has received a Bachelor's Degree in Information Systems from Virginia Commonwealth University, and a Master's Degree in Disaster Sciences from the University of Richmond. He currently holds a GIAC Security Leadership Certification and previously held the Cisco Certified Security Professional certification. Mr. Greene was also honored with an Outstanding Educational Performance Award from the University of Richmond upon graduation from his Masters program. Education and training are extremely important to ones career and Chip believes that it is important for everyone to take advantage of the opportunities presented to them. The SANS Mentor Program is an outstanding way for Information Technology Professionals to gather, learn and develop from each others experiences and knowledge.

Harmon, Matthew J.

Matthew J. Harmon, a Principal Consultant at Rendition InfoSec, has over 20 years of experience in incident analysis and response, secure architecture development, security auditing, penetration testing, tactical risk assessments, international standards development.

Mr. Harmon presents frequently for groups such as the Cyber Security Summit, Saint Paul College ACM Cyber Security Workshop, Metropolitan State University's Masters in Computer Forensics Capstone, and (ISC)2 Twin Cities MN on topics such as Cyber War, DDoS Survival, Java Exploits Offense and Defense, Incident Handling and Hacking Techniques, and Evidence Based Risk Assessments. He has also served on various security organization and conference advisory boards, organized the Security B-Sides MSP 2014 Conference and the Security B- Sides MSP Crypto Party and Hacker Showcase at the 2014 Cyber Security Summit.

Harper, Daniel

Daniel Harper has been working in IT for the past 11 years, 7 of which have been with an emphasis on security. He has a Bachelor's in IT Networking and Security from Utah Valley University. When his schedule permits, Dan writes on his blog at In Dan's spare time he likes to tinker with projects such as the WiFi Pineapple, USB Rubber Ducky, and the RaspberryPi and play games with his friends and family.

Hayes, Kirk

Kirk Hayes is an Information Systems Security Manager for Innovative Defense Technologies. Kirk competed in the Cyber Aces challenge and was invited to be part of the inaugural cohort for the NJ Cyber Aces Academy at Brookdale. During his time at the cohort, Kirk completed SEC401, SEC504, SEC560, and SEC575 along with the certifications of GSEC, GCIH, GPEN, and GMOB. Kirk also holds other certifications such as Security+, Network+, A+, & MCP. Kirk has a passion for learning and all things pertaining to security. In his spare time, Kirk can be found hacking away at his test lab, including mobile devices, and playing with his children.

Hodges, Robert

Bob has a varied 29 year professional history from component level electronic design and repair of analog, digital, and RF electronics, a sound engineer, disc jockey, a network and technical analyst, a senior engineer, a department manager, to presently a corporate Information Security Officer.

Bob holds the GSEC Certification, the GCIH Certification, the GSLC certificate, and the CISSP(R) Certification. Bob told us his goal in serving as a mentor: "I would like to build information security to the same industry awareness level as network engineering. I believe that SANS and GIAC together provide and excellent program to achieve my goals. I would like to pay it back to the industry, to Sans (Stephen Northcutt, Eric Cole, Mentor Don Murdoch, et. al), and pay it forward to help others to attain there IS Security goals.

Huber, Michael

Michael Huber has been working within the IT industry since 1989 and during that time has assisted the companies he has worked for to use security as an enabler of business by focusing on a seamless nature of security to increase the effectiveness and productivity of the business.

Johnson, Diane

Diane has been a Technologist for over 20 years focusing on security since 9/11. She has worked in roles such as Help Desk, Pen Tester, Sys Admin, Network Engineer, Privacy Manager, Security Analytics, and Enterprise Security Architect. Her industry experience includes Retail, Healthcare, Technology, Utility, and Local Government. These roles and industry experience have garnered a deep understanding of security architecture and the underlying technologies and business processes. When not analyzing logs, hacker techniques, or packet captures; Diane is found with family, traveling, creating crafty things or playing games on and off the net. Mentoring Sec504 is exciting to Diane because it is one of the SANS courses that delves into the mindset of the attacker and often the student will leave the class with a new perspective.

Kaiserman, Christina

Christina Kaiserman is a Security Analyst at Asante Health System, with four years in systems support and information security. She is a graduate of Southern Oregon University majoring in computer security and information assurance. Christina has the GCFE and is an associate of (ISC)2. She also volunteers with the Southern Oregon High Tech Crimes Task force.

Lawrence, Jason

Jason works for one of the big four accounting firms as the Cyber Defense Response Center Lead focusing on internal incident response and digital forensics. He has developed processes and procedures to reduce incident impact and cost, as well as early identification of incidents.

Jason also serves as the immediate past President of the Atlanta chapter of the HTCIA and served on the board for directors of the Atlanta chapter of the ISSA.

On his off hours Jason en-joys teaching SANS Forensics curriculum as part of the SANS Mentor program. He holds a Masters of Science in Information Security and Assurance (MSISA), and numerous security certifications such as: GCFA, GCIH, G2700, CISSP, CHFI, CEH and CISA.

Jason firmly believes that the only way to truly be secure is by educating others, and he lives by this principle. Furthermore, if you take the time and listen, you can learn from anyone, mostly from your students.

Mashburn, David

David Mashburn is currently the IT Security Manager for a global non-profit organization in the Washington, D.C. area. He also has experience working as an IT security professional for several civilian Federal agencies, and over 15 years of experience in IT. He holds a Masters Degree in Computer Science from John Hopkins University, and earned a B.S. from the University of Maryland at College Park. David holds multiple security-related certifications, including CISSP, GPEN, GCIH, GCIA, and CEH. He is also a member of the SANS / GIAC advisory board, and teaches courses in the Cybersecurity curriculum at the University of Maryland - University College.

McKenzie, Timothy

Timothy McKenzie has more than 15 years of IT and Information Security experience working in financial, government, defense contractor, and service related markets. Timothy has been trained in malware research and exploit development, expert penetration, and forensics work. He uses these skills professionally throughout his daily work, as well as placing within the top 5 in many CTF events. Timothy loves sharing the vast knowledge he has acquired to give back to the Information Security community.

Neely, Lee

Lee Neely is a senior IT and security professional at Lawrence Livermore National Laboratory (LLNL) with over 25 years of experience. He has been involved in many aspects of IT from system integration and quality testing to system and security architecture since 1986. He has had extensive experience with a wide variety of technology and applications from point implementations to enterprise solutions. Lee has worked with securing information systems since he installed his first firewall in 1989. As part of his employers Cyber Security Program (CSP) he leads their new technology group, working with programs to develop secure implementations of new technology. Lee was instrumental in developing their secure configurations, risk assessments and policy updates required for iOS, Android, BlackBerry and Windows Mobile Devices. He has worked to evolve solutions for both corporate and BYOD requirements. Lee worked with the SANS SCORE project to develop the iOS Step-by-Step configuration guide as well as the Mobile Device Configuration Checklist which is included in the SEC 575 course. He teaches cyber security courses, including the new manager cyber security training, and Information System Security Officer training. Lee has a Bachelors in Computer Science from Cal State Hayward and holds several security certifications including GMOB, CISSP, CISA, CISM and CRISC. He is also the Technology Director for the ISC2 EastBay Chapter.

You can keep up with Lee @lelandneely

Overbaugh, John

John is passionate about security. He holds the CISSP, GWAPT, GSLC and GCIH certifications and is managing director for security services at Caliber Security Partners, a firm dedicated to helping clients achieve higher levels of security. Prior to joining Caliber, he was Director of Security and Compliance for Healthagen, Aetna's emerging businesses division. From 1999 to 2006, he led application security for multiple teams in Microsoft's product groups. John has 19 years of experience in information technology and software, and 15 years of experience in IT security. His security and compliance back-ground is in healthcare and secure development. John is married and enjoys time spent with his lovely wife and their six children.

Perryman, Kevin

Kevin Perryman started working with computers when he was 11 years old. Over the years Kevin has developed programs in 30+ computer languages, built personal computers from scratch and repaired computer hardware. Kevin has spent time reverse engineered software and data structures when the developing companies no longer supported their products. Long before it was called Forensic Data Recovery, Kevin developed his data recovery skills working for previous employers when hardware would fail. Using commercial applications, and when needed writing his own programs, to extract critical data elements from failed hard drives, floppy disk, zip drives and CD media. Kevin has developed skills in remote technical computing, data recovery, data analysis and email tracing. Kevin currently is self-employed providing IT Support to small business while also working as a Private Investigator.

Ross, Jonathon

Jonathon Ross took his first IT job on a help desk 23 years ago and has since worked as a systems administrator, netowrk engineer, and most recently as a systems engineer. Jon's journey into information security was initially a trial by fire when he suffered DDoS attacks in 1996 and later received a deeper understanding of BSD Unix from an attacker who repeatedly breached his systems. Jon has spent the last 15 years working for networking equipment vendors focusing on security products helping private companies and government agencies deploy controls, analyze security intelligence, and recover from attacks. He holds a B.S. in Computer Science, M.S. in Information Assurance as well as CISSP and GPEN certifications.

Russell, Kevin

Kevin Russell grew up a stones throw from Disneyland, but can now be found in the Midwest saving the world, one information security crisis at a time. Ok. Sometimes two. Kevins career of 30+ years in the computer industry has given him an in-depth view of companies security needs from perspectives ranging from mainframe systems programmer to security and data recovery administrator to Senior Vice President and Information Security Officer for a billion dollar company. Today Kevin serves as a security architect and consultant for a national systems integration firm. Clients rely on Kevins expertise to assess their current security posture, optimize security programs, and deliver secure IT services. Kevin has worked with clients in a variety of industries healthcare, financial services, insurance, manufacturing, and retail addressing a variety of IT long-range planning, design, security, regulatory response, availability, recoverability, IT service deployment, and IT service governance challenges. Kevin has achieved a masters degree in cyber security, attended a number of SANs courses, and obtained certifications including CISSP, CRISC, and most recently a GSLC. Kevin also has a variety of additional industry certifications including NSA IEM and IAM, IBM Security Top Gun, and ITIL Foundation. Kevin is excited to mentor this course, as he has made it his mission to spread the word about security, help the next generation of security professionals expand, and help grow the field. After being plied with too many lunches from friends asking advice on Internet safety for their families, Kevin launched a personal security crusade, spending the last 12 years delivering workshops to parents, teens, church groups, scout troops, school assemblies, and others about how to protect their families on the Internet. In 2012 his book on keeping families safe on the Internet was published, to be followed by his book on senior citizen internet safety scheduled for the end of 2014. You may view Kevins blogs at

Scheidel, Greg

Greg Scheidel has over 20 years of hands-on experience in IT including desktop and server support, network design and implementation, application development and programming, IT service management, IT security, and information assurance. He currently leads the security branch of a large program responsible for providing security engineering, Assessment and Authorization (A&A) support and assessment activities, and general information assurance and security advice and recommendations. Greg excels at communicating with technical and non-technical stakeholders, firmly believes IT and security must serve business needs rather than exist for their own sake, and is passionate about teaching others while reinforcing and honing his own knowledge.

Skora, Joseph

Mr. Skora holds a M.S. degree in Information Systems and a B.S. in Computer and Information Science and has over 25 years of experience developing, deploying, integrating, and maintaining enterprise scale systems that combine hardware, software, database, and infrastructure components to solve problems in public and private sectors. He is a Sun Certified Java Programmer and Developer and passed IBM's InfoSphere Streams Technical Mastery Exam. As a result of what he learned in the SANS SEC560 Network Penetration Testing and Ethical Hacking class, Joe scored 95% on the GIAC Penetration Tester certification exam and looks forward to helping other's do the same.

Squire, Jonathan

Jonathan Squire is a founding member of the Information Security Group of a well known publishing and media company. Jonathans expertise covers a wide range of skills including security architecture, incident response, hacker attack and defense techniques, reverse engineering, and extreme curiosity in how everything works. While working at his day job, Jonathan is credited with accomplishments that include developing an Information Security model for the enterprise, architecting a secure, centralized credit card processing solution, and guiding the design of the security infrastructure deployed throughout many customer facing properties. Mr. Squire is also responsible for providing direction in governance and industry best practices. Jonathan regularly scopes and leads penetration testing and security assessment initiatives, as well as providing guidance for corrective actions and performing debriefings across all levels of the organization. In his spare time, Jonathan is known to enjoy disassembling any piece of technology that cost more than $20 just to find out what else it can do. This propensity for abusing technology is easily witnessed by viewing the buckets of broken parts strewn throughout his basement as well as the creations that rise from the rubble. Jonathan has presented on many of these creations and the flaws that allowed the security to be bypassed on these systems at conferences including BlackHat and Hack in the Box. Jonathan is very passionate about information security and always strives to challenge the status quo and to improve everything he can. Jonathan shares that passion with his student in his teaching style and his genuine willingness to share and engage students in all topics related to information security.

Sternstein, Jon

Jon Sternstein has years of experience in the security industry and has been a lead contributor to securing a wide variety of environments from the education to financial and healthcare. Jon is the co-chair of the Technology Resources Workgroup at the North Carolina Healthcare Information and Communications Alliance (NCHICA). Jon has worked on both the offensive and defensive sides of the security industry. He graduated with a B.A. in Computer Science, minor in Business Studies, and holds GPEN, CISSP, CCNA, Certified Ethical Hacker (CEH), and many other security certifications. He has presented at DerbyCon and Raleigh Security B-Sides conferences and is one of the organizers of the Raleigh B-Sides conference.

Jon has a strong passion for security and experimenting with new technology. He has always been a supporter of teaching and knowledge sharing. Outside of security, Jon enjoys traveling the world, great music, and playing guitar.

Szili, David

David was about 10-years old when he got his first computer, a 486DX2. One of the first games he played was Sim City, but he was pretty bad at it, always ending up with a bankrupted city after 10-15 minutes. For some reason it was a lot easier for him to open the binaries of his saved games with a hex editor and overwrite the amount of money he had. Since then, David keeps on bending and twisting stuff to see what else can be done with things in addition to their original purpose.

Taylor, Ron

Ron has been working in the information security field for the past 15 years. He worked as a consultant for ten years, gaining experience in many areas. For the past five years he has been working as an engineer for Cisco Systems in RTP. His focus is on evaluating the security of Cisco products and working with the development teams to implement high security standards. Ron is a subject matter expert in DISA STIGās and web application penetration testing. He also holds many industry certifications including GPEN, GCIH, GWAPT, RHCE, CCSP, CCNA, CISSP and MCSE.

Thomas, Sean

Sean Thomas has over 15 years of Information Technology experience in Higher Education. He has worked in various roles over the years including desktop support, networking, academic systems administration, Windows and Unix/Linux server administration, and is currently focused on IT Security. Sean has a Bachelor of Business Administration in E-Business Technology and has held MCP and RHCT certifications. Sean has experience with IDS/IPS, firewalls, packet analysis, vulnerability scanning, forensic analysis, and security assessments. He was an integral part of the development of the Security Services team at the University where he is currently employed. As part of this team, he has led initiatives in support of academic research, student services, and policy development. Sean currently holds the GCED and GCFA certifications.

van Niekerk, Colin

Colin van Niekerk is an avid technology enthusiast and Information Security Specialist who broke his first computer at age 8. By age 12, he had coded his first game, which included a simple, home baked Artificial Intelligence engine and at 15 he was sneaking out of bed at night to read his fathers BSc Computer Science textbooks.

In more recent years, he has attained the GCFE and GCFA certifications and joined the SANS/GIAC DFIR Advisory Board. Honours and awards include winning a Netwars tournament and a Lethal Forensicator Coin.

Colin is currently a Security Specialist within a large health insurance and financial services company where he spends his days either on Linux servers, buried in his digital forensics lab or consulting to the business on security related matters.

Colin tweets sporadically (@colinvanniekerk) and his LinkedIn profile is available here:

ventura, brian

Brian has 20+ years in Information Technology, ranging from systems administration to project management and information security. He is an Information Security Architect at the City of Portland. Brian obtained the CISSP certification earlier this year and has previously been certified with Linux and Solaris. Brian has always been eager to promote others learning and sharing solutions with the community.

Villanti, Jon

Jon Villanti is an IT Security Manager with a Fortune 50 financial services company in Houston, TX. He has 22 years of IT experience; 12 years focused in IT security.

Prior to his current role, Jon has worked as an IT Security consultant, VP of Operations, CIO / VP and CEO. Jonās private sector experience is augmented by over 20 years of Air Force experience, ranging from Intelligence Operations, Fighter Pilot, and Cyberspace Operations.

As a SANS mentor Jon enjoys working with students to realize their own āEurekaā moments, mastering relevant curriculum in support of personal and professional goals.

Jon holds several IT Security certifications including CISSP, GPEN, GCIH and GSEC. His LinkedIn profile is You can follow @houston_jon on Twitter.

Waite, James

James Waite is the founder of Assuagent Ltd. He is an experienced professional with over 25 years in the IT industry. His experiences include SIEM systems design and setup, incident handling, intrusion analysis, network and perimeter security, desktop and server security. James Waite also is experienced with developing information security policies / standards / procedures. He is experienced in mid-range and mainframe operations, application development, network server operations, hierarchical storage management and LAN/WAN network design and implementation. Mr. Waites diverse experience provides a valuable understanding of the interactions of software and hardware in a heterogeneous computing and how this affects information security environments. Mr. Waites education and training includes: GIAC Certified Intrusion Analyst GCIA GIAC Certified Incident Handler GCIH GIAC Security Essentials GSEC CompTIA Security+

Yuwono, Edward

Ed started off his humble beginnings as a tinkerer, fighting boot sector viruses then fell in love with Security.

He has worked on projects both from a technical and a managerial perspective spanning several industries and countries. Currently holding a CISSP, GPEN, GCIH, GCWN amongst others, he is working towards obtaining his GSE.

Ed enjoys socialising with like minded people, thrives on technical, social, managerial challenges and is always ready to assist with worthy challenges.