Mentor: Bios

Mentors are highly qualified, experienced professionals who make themselves available in your local area to help you learn the course material and get certified. Each Mentor is hand-selected from students that have completed their relevant GIAC certification with scores of 85% or higher.

Ali, Ahmed

Ahmed Ali is currently the Head of Technical Department at Contego Solutions where he consults for clients on Information Security, Incident Response and Digital Forensic requirements. Ahmed is certified in different technical qualifications which include MCP, MCSA, MCSE, CCNA, CCNP, ACE, EnCE, GCIH, GCFE, GCFA . Ahmed has over fourteen years of experience in Information Security, Incident Response and Digital Forensic Solutions Design, and Deployment. With his extensive knowledge in Digital Forensics, he has consulted for enterprises, government and law enforcement agencies on designing secure digital forensic labs with the latest digital forensics solutions. Ahmed is specialized in Digital Forensics Laboratories Design, Digital Investigation Systems, Computer Forensics Systems, Mobile Forensics Systems, Network and Media Forensics Systems, Incident Handling and Response. He has also trained commercial and government agencies on IT Security and digital Forensics acquisitions and analysis. Besides consulting and advising clients across the GCC, Ahmed previously worked at First Information Security and Etisalat.

Arndt, James

James Arndt has been to numerous SANS training events and would like to share his knowledge gained with you. With his passion for security and years of classroom experience, you will gain practical knowledge and skills to take back to your company. James is a Security Engineer at the American Transmission Company based in the Milwaukee area. There he focuses on access management, vulnerability management, and reverse engineering whatever malware or malicious document comes his way. You might also find James hanging out with his family, playing guitar, or tinkering around in his basement lab.

Baker, Chris
Chris Baker is a Director in the IT Security Services group at GlaxoSmithKline where he leads the services that deliver the IT controls that protect the company's network, servers, web and mobile applications, and data. He has led many incident response and vulnerability remediation efforts and has been working for over 20 years in the healthcare industry to promote information protection and IT security. Chris is an active member of the information security community and looks for every opportunity to both learn and encourage others to gain a deeper understanding of the fascinating and often intimidating world of information security. He knows that striking the best balance between security and usability depends on having a clear understanding of the risks that vulnerabilities and threats pose to the business and being able to articulate those risks to senior business leaders. Chris regularly takes part in security training, conferences such as Shmoocon and BSides DE, and capture-the-flag challenges to apply and grow his skills and understanding. Chris earned his MBA from Drexel University with concentrations in both Management Information Systems and Corporate Finance and holds several professional and security certifications including GPEN, CISM, and a Six Sigma Black Belt.
Beatty, James

James has been involved in technology since the mid 80s, and has provided security leadership over the past decade in a variety of environments from education to health care and retail, from medium to large enterprise.

Borso, Serge

Serge Borso is the owner and principal consultant of SpyderSec and a SANS Community Instructor. He is an active member in the information security community and has consulted with dozens of organizations to improve their security posture. He has previously developed enterprise vulnerability management programs, created security awareness training solutions and worked to implement a transparent biometric security system for over one million unique online banking users to help combat fraudulent transactions. Currently Serge leads penetration testing engagements and is responsible for the vision, strategy and product/service offerings of SpyderSec.

Serge has lead a number of private training events and presents regularly at public speaking engagements; with the SANS Institute he teaches SEC542: Web Application Penetration Testing and Ethical Hacking. Serge earned his Master's Degree in Computer Systems Security from Colorado Technical University and holds several security certifications including: CISSP, GPEN, GCFA and GWAPT.

Boyles, Tim

Tim Boyles is the Security Administrator for a Dallas based security company. He brings over 19 years of experience in the IT field. He has worked for the U.S. Navy, a network consultancy, and various other industries, always involved in networking and security.

He has been involved in security architecture, regulatory compliance, intrusion detection, penetration testing, vulnerability assessments, web application security assessments, and uses many security tools over the course of his work.

Curtis, Michael

Michael A. Curtis (Mike) has over 20 years of experience in the security field and has held several key leadership positions at Rollins, Virtual IT Experts, and Additionally, Mike is active in the security community having served as a past member of the Symantec Customer Advisory Board, and is an officer in the Atlanta (ISC)2 Chapter. Mike holds a BSEE, cum laude, from Northeastern University, an MBA from Bentley College and a CISSP.

Drews, Melvin

Coming from a long background of designing, implementing and supporting enterprise IT systems, Mel Drews found himself working in information security rather by accident 10 years ago and found a passion there. His security-focused experience includes security curriculum development, penetration testing, vulnerability and risk assessment, program development, audit, and miscellaneous consulting for U.S. and international entities, primarily in government, financial services and energy sectors. Mr. Drews currently works with a global financial services firm with responsibility for software security. He holds the GCFE, CISSP, CISA and Project+ certifications.



Elovitz, Steven

Steve Elovitz is currently a Manager within Mandiant's security consulting team. Mr. Elovitz has a broad range of experience in the industry and has delivered both proactive and reactive services to government and commercial clients. Steve has significant experience in IR, forensics, as well as penetration testing. Steve graduated from Pennsylvania State University with a BS in Information Science and holds multiple certifications including: GREM, EnCE, CEH, and CISSP. Throughout his career, Steve has gained experience as a sysadmin, a developer, and as both a red team and blue team analyst.†

Gorenflo, Jonathan

Jon has worked in Information Technology for over 10 years, and has focused on Information Security for the last 7 years. He is passionate about security, and loves trying to ignite that passion in other people. Jon was a Warrant Officer in the Army Reserve, where he served for over 11 years. He currently maintains the GCIH, CISSP,MCSE: Security and Security+.

Hadder, Allen

Allen Hadder has been in the IT field for over 20 years. Most of his 20 years of experience has been as a consultant for small to enterprise businesses in the financial, retail, and education industries.

Allen currently holds the GIAC GSEC and GCIH certification. In past years he has also earned his MCSE, Cisco CNA, Citrix CEA, and VMware VCP.

He also has a passion for teaching and educating people about information security.

Harris, Mike

Mike Harris is an Information Technology Cyber Security Professional holding certifications as a Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Information Security Professional (GISP), Cisco Certified Network Associate Security (CCNA-Security), Cisco Certified Network Associate (CCNA), Red Hat Certified Technician (RHCT), and Red Hat Certified Systems Administrator (RHCSA). Mike has additional technical certifications which include Digital Forensics Examiner, Network Protocol Analyst, Project+, Linux+, and A+. Mike will soon graduate with a Bachelor of Science in Information Technology Security. Mike is the founder and former board member of TinkerMill, a non-profit organization dedicated to furthering the knowledge of our kids, adults, businesses, and municipalities in the use of high tech with the incorporation of creativity and art. He is also a Red Team Member of the Rocky Mountain Regional Collegiate Cyber Defense Competition. Mike has built a CSIRT from the ground-up, including a secure infrastructure using Linux systems (Red Hat and Ubuntu). Mike has extensive knowledge as a Technology Security Auditor conducting assessments, measuring vulnerabilities, security posture on internal and external networks, and account activities for insider threats and abuse.

Knaffl, Bill
Bill has a Bachelors of Science in Criminal Justice from the University of Alabama Birmingham and a Master's of Science in Technical Management from Embry Riddle Aeronautical University and currently holds CISSP and GISP. Bill began his career in computer technology in the early 1990's while working at the University of Alabama Birmingham. There, he learned many of the widespread platforms and operating systems, employing computer troubleshooting and virus removal skills. He has been employed with Northrop Grumman for 14 years, during which he has performed several roles including desktop support, client engineering, systems engineering, and most recently information security.
Lawton, Timothy

Tim Lawton is an Information Security professional with over twelve years of experience in the IT industry. In those twelve years, his focus has been on network/system security and as worked in both the financial and retail industry. He currently is the Information Security Officer for his organization. He currently holds the GSEC certification and is part of the GSEC Advisory Board. In addition to his GSEC, he holds various √¬Vendor-Specific√¬ certifications as well.

Lemon, Joshua

Josh Lemon is the Cyber Security Incident Response Team Manager for the Commonwealth Bank of Australia and manages one of the largest dedicated incident response teams in the commercial sector in Australia. Josh has over 10 years of experience in the cyber security industry and has previously worked as a managing consult for BAE Systems Applied Intelligence where he managed all technical cyber security services for the Asia Pacific region and oversaw large and complex incident response engagements.
Josh has provided incident response, digital forensics and penetration testing services to Government, Law Enforcement, and the Commercial sector. He is also one of the co-organisers for SecTalks in Sydney, a monthly information security community event dedicated to presenting and teaching technical information security skills to others.
Josh has a varied background in the cyber security industry ranging from; Project Management, Lead Incident Responder, Forensics Analysis, Reverse Engineer, Penetration Testing, Secure Network Design, and Software Development. He currently holds a GCFA, GNFA, GCHI, GPEN and CCNA certification and also guest lectures on Digital Forensics at Universities in Sydney, Australia.


Little, Iain
12 months as a Cyber Security Analyst / Team Lead with the ADF CIRT. 14 years as a systems/network administrator and team leader in the ADF.
Martin, Matthew

Matthew is currently the

manager of Infrastructure Vulnerability Identification at a Fortune 100 financial services institution. In his role, his team is responsible for rating and scanning for vulnerabilities. In previous roles, Mr. Martin has been responsible for building and running a security metrics program, leading a standards and policy redesign, served as a liaison to internal audit, and was a data in motion and data in use subject matter expert.

Matthew has an MS in International Economics from Valparaiso University and attended MBA school at UNC-Charlotte; as well as completed a certificate course at Harvard University in Leadership Communications. He currently holds the GSLC certification. Find Matthew on LinkedIn at and follow him on Twitter @MattMartinGFT and also at

Nicholson, Ryan

Ryan Nicholson has over 14 years of technical experience with 11 of those years in the cybersecurity field. Starting as a DoD intern fiddling with Solaris and Cisco networking, he worked his way up to a team lead position auditing various networks for security compliance of known and emerging threat vectors. Now, as a cybersecurity instructor and technical lead, his focus and passion is on spreading his wealth of knowledge to the community to better posture them for their major roles in cybersecurity. Ryan has obtained the GSLC and has attended several SANS and vendor conference to increase his knowledge in his field of expertise.

Panico, Agostino

Agostino is an IT SEC enthusiast,†always looking to learn more, and putting†into practice what he learns. He has been†enjoying IT since 1991 when he was 5 years old, with his first love: Commodore 64. Agostino has been pentesting professionally since 2007. He†holds†a Master Degree in Computer Science, and he is a candidate for a†PhD in Incident Handling and Penetration Testing. Agostino is excited to be mentoring for SANS because it provides an opportunity develop a one-on-one relationship with the students as they learn the material and how it applies to their environment.

Peterson, Lisa

Lisa Peterson CISA, CRISC, CISSP has worked in Information Security for 20 years, and is a Security Analyst for Progressive Insurance. Her current focus is in governance, risk and compliance. She is a part-time instructor at Cleveland State University and also speaks on security topics. She serves on the board for the Information Security Summit, the Northeast Ohio chapter of ISACA, and the Northeast Ohio chapter of CSA.

Petsche, Don

Don has worked in information technology for over 20 years holding certifications including CNE and MCSE. He is GSEC and GCIH†certified and anxious to assist anyone looking to further their knowledge of security essentials. Don has worked in the fInancial industry, followed by a brief period in retail, then spent a little over a year working with the founders of a very well known Independent Consultants Exchange. While independently contracting, Don has worked in multiple states on government identity and health related projects. Don now works as a technology specialist leading a small team of government infrastructure specialists. He holds the title of Chief Information Security Officer at a state health department among other duties as assigned. In addition to his work at the state department, Don works part time with a team of dedicated enterprise security professionals managing SIEM deployment.

Robinson, Christopher

Chris Robinson graduated from the United States Naval Academy with a B.S. in Computer Science and served over 6 years in the United States Navy. †He then began his IT security career as a consultant for Booz Allen Hamilton.† Chris then attended graduate school full time at San Diego State University earning a M.S. in Computer Science.† Following graduation, Chris worked as Computer Scientist for the Navy and was an Adjunct Professor at San Diego?s Mesa Community College.

Chris then transitioned into ICS security and is currently a Senior Security Consultant for Cimation in Houston, TX where he regularly works on ICS cybersecurity projects in the Oil and Gas Industry.† Chris has learned first-hand the unique requirements and operational constraints for securing ICS environments.† Chris has obtained the CISSP and GICSP certifications and attended several SANS and industry conferences, although the SANS conferences are always the best.

LinkedIn Profile:

Seiler, Heather
Heather was fortunate enough to enter IT at a time when the only prerequisite for a job was the ability to turn on a PC. Starting on a helpdesk, she worked her way up through systems and network administration, finally stumbling into information security after being told her job responsibilities suddenly included firewall log review. In 2006, Heather received her Masters in Information Assurance from Norwich University and has since earned several SANS certificates and her CISSP. Heather currently works as an information security architect for an international tire distributor after experiencing such diverse industries as insurance, accounting, real estate, banking, and healthcare. She loves helping people learn and is excited to have the opportunity to teach!
Thomas, Sean

Sean Thomas has over 20 years of Information Technology experience in Higher Education during which he has been involved in various aspects of IT including desktop support, networking, academic systems administration, and Windows & Unix/Linux server administration.† For the past several years, Sean has been focused on IT Security and is currently a Senior Information Security Analyst with the world's largest, fully accredited university specializing in aviation and aerospace. He was an integral part of the development of the Security Services team at the University.† As part of this team, he has led initiatives in support of academic research, student services, and policy development.† He has experience with IDS/IPS, firewalls, packet analysis, vulnerability scanning, forensic analysis, and security assessments.† Sean is also part of the SANS OnDemand QC team.† Sean has a Bachelor of Business Administration in E-Business Technology, has held MCP and RHCT certifications, and currently holds several GIAC certifications including GCED, GCFA, and GCIH.

Vedaa, Charles

Charlie Vedaa has more than a decade of security operations and engineering experience. He holds several GIAC certifications, including the prestigious GSE. Charlie has a background in network engineering and has been a CCIE since 2001. He's also presented at top security conferences, including DEF CON, Summercon, and HOPE.

Vest, Joe

Joe Vest has worked in the information technology industry for over 17 years with a focus on red teaming, penetration testing and application security.† As a former technical lead for a DoD red team, he has extensive knowledge of cyber threats and their tools, tactics and techniques, including threat emulation and threat detection.† Joe is the co-founder of the security consulting company MINIS LLC, providing innovative solutions for the mitigation against an ever-changing cyber threat.† As a leading security professional, he has achieved numerous security certifications: OSCP, CISSP-ISSMP, CISA, GPEN, GCIH, GWAPT, CEH, Security+

Voorhees, James

Jim Voorhees was named MSISM Program Director of SANS Technology Institute (STI) in November 2011. A graduate of STI, Dr. Voorhees has had a varied career in government and private industry. He earned his Ph.D from the Johns Hopkins School for Advanced International Studies after earning degrees in International Affairs from the George Washington University and working on the editorial staff of the International Food Policy Research Institute. After writing a book for the Kettering Foundation (Dialogue Sustained) and experience with Kettering, the Congressional Research Service, and IREX, Dr. Voorhees entered the IT industry as a technical writer, he quickly moved on to systems administration, then IT security and SANS. He has worked on security at several government agencies, including the FBI and the IRS, and currently works for Sage Management as a Network Security Engineer on a DOD contract.