Mentors are highly qualified, experienced professionals who make themselves available in your local area to help you learn the course material and get certified. Each Mentor is hand-selected from students that have completed their relevant GIAC certification with scores of 85% or higher.
Rafael is currently employed as a Pentester and Ethical Hacker at Ernst & Young. In the past, he worked as a technical security consultant for various organizations and the local government (CSIRT-CV and GVA) in Spain. In the last 7 years he gained experience doing Penetration Testing, Incident Handling, Intrusion Detection and securing environments. Rafael is also a member of the GIAC Advisory Board (SANS Proctor) and a Mentor teacher by SANS Institute. He has a five-year degree in Computer Science and currently holds the CNAP, CISA, GCIH, GPEN, GAWN, GCIA, GCFE and GCFA certifications.
Derek Armstrong is an 15+ year veteran of the IT world. He started out as a civilian with the Canadian Armed Forces after receiving his Computer Science degree. Over the years he has moved up the ranks, and involved almost every aspect of IT operations and security. Currently he is a senior information security analyst with the Alberta Health Services specializing in cloud and 3rd party security. He holds the G2700, GCIH, GREM, and CISSP security certifications. Along with a mass of other certifications and courses, he has managed to engage almost every sector of information technology. In addition to his work, he is the current maintainer for the Mozilla Firefox security benchmark from CIS (Center for Internet Security). With his system administration and security background, he is thrilled at being able to pass along some of his knowledge and experience with the Hacker Techniques, Exploits & Incident Handling course from SANS.
David Bernal Michelena holds a bachelors degree in Computer Engineering from the National Autonomous University of Mexico (UNAM). Since July 2013, he is a member of Security Events team at Alstom, a world leader company in energy and transport solutions. Alstom has a huge network, formed by about 80,000 hosts and servers distributed worldwide. He was attracted by the challenge that represents defending such a large network, having the opportunity to use and enhance Alstom cutting edge technologies and applying his forensic abilities to bring value to the team. His main activities are incident response, security patching management, malware analysis and remediation, forensic analysis, IPS/IDS and correlation management and optimization.
He formerly served as a Senior Computer Forensic Analyst at Scitum from July 2011 to July 2013. His main activities there were evidence acquisition, analysis, preservation, incident response, log analysis and results reporting to Scitums clients. In Scitum he had the opportunity to work in challenging projects for Mexican private and public institutions, including large Banks and other large government clients.
In November 2010, David was one of the main instructors in the forensics workshop on LINUX systems at the prestigious local event UNAM security conference. From August 2009 to July 2011 he worked as an incident handler and forensic analyst in UNAM Computer Emergency Response Team, which is the first CERT to be created in Mexico.
In August 2010, he was one of the winners of Honeynet 5th Forensic Challenge, log mysteries. In 2011 he gave his first SANS 508 Advanced Computer Forensic and Incident Response course in Mexico, in 2013 he gave his second course. He loves teaching, specially InfoSec courses.
David is GCFA, GCFE and Access Data certified. He also likes programming in several languages and is a command line lover in LINUX and Windows as well.
On his free time, he likes to play the piano.
Doc Blackburn, CISSP, has 15 years of professional, and over 30 years personal, experience in system and software design, server and network administration and website programming. His interest in computers started in 1982 when he first started programming in DOS on a Texas Instruments TI-99 4a and continued as a dedicated computer hobbyist until he decided to make information technology a full-time career. He ran a successful IT consulting, hosting and design firm for 12 years until he found his passion was in systems security and compliance. His well-rounded experience includes hardware, software, network design, management, administration, systems security and compliance. He has vast experience at various levels of information technology from support to management. Recently, he has been heavily involved in the technical design and implementation of NIH approved FISMA compliant information systems. He holds ITIL, CISSP, and GIAC GSEC and GSLC certifications along with a Bachelor's degree from the University of Arizona. He is a Masters student at SANS Technology Institute (STI) pursuing a Master of Science Degree in Information Security Management. He is currently the Security Administrator for the Colorado School of Public Health at the University of Colorado.
"In my professional career I have recruited, hired, trained and mentored several highly technical individuals to excel in their professional development and an excited to do the same through the SANS Mentor program. I have a blog at http://docblackburn.blogspot.com explaining cyber-security to non-technical users in language and terms they can understand."
Duane is well-rounded professional with over six years' experience in security, including cryptography, two-factor authentication, U.S. border security planning, threat entity resolution, social engineering, and non-destructive entry. Duane holds an AAS in electronic engineering, a BA in foreign langauges, an MA in linguistics. He is a CISSP and GPEN, and is working toward the GSE and OSCP. He has two patents pending and continues to pursue research professionally and independently. Ever the thrill seeker, Duane spends his free time mountain biking, kayaking, and guiding whitewater rafters. He has lived in China and Mongolia and eaten more types of protien than many people can name. He is very excited to be mentoring SEC 560 as it contains the highest volume of hands-on material of all the SANS courses, and offers something for everyone. He loves technology and teaching, and especially loves combining the two. You can keep up with Duane at FooLionInfoSec.com and @FooLionInfoSec.
Dan Bougere has over ten years of experience in the information technology field. He currently works for ManTech International, Inc. as a Principal Security Engineer in the MCIS division for a customer in Northern Virginia. He has also been a Network Vulnerability Analyst at the NSA and an Intrusion Detection Analyst for Secure Mission Solutions on contract to the High Performance Computer Modernization Office's DREN/SDREN network. Dan holds a B.S. in Software Engineering Technology from the University of Southern Mississippi, an M.S. in Information Assurance from Capitol College, and an M.S. in Technology Studies from Eastern Michigan University. He also holds the CISSP, GCIH, GCIA and multiple other industry certifications. He is also currently pursuing the GSE certification. Dan enjoys being a computer geek, and loves spending hours talking and geeking out with fellow like minded individuals. He has done various informal and formalized training sessions, and takes pride in making sure that he keeps his students/attendees interested and involved in the subject matter. There are aspects of computer security that can be exciting for anyone, and he makes sure that carries over to his training. http://www.linkedin.com/in/dbougere/
Rick has ten years in IT with six of those explicitly dedicated to InfoSec
Rick has an associate degree in Information Technology and a bachelor's in Network Security and Forensics. Rick holds the following certifications; CISSP, GISP, MCSA:Security, CCNA:Security, CompTIA A+, Network+, Security+
Rick's InfoSec experience includes the network security infrastructure for a major health-care system in the Eastern United States, and more recently the security infrastructure for an energy company with operations in refining, logistics, and convenience store retailing.
Rick has also taught information security courses for two technical colleges in the Knoxville, TN area, one of which is an NSA National Center of Academic Excellence in Information Assurance Education. Rick is a member of InfraGard and the ISSA.
Rick is excited to mentor this course because he loves the information security field and enjoys teaching. "I love to learn and enjoy passing on that knowledge" "I like the feeling of helping someone along their career path"
Not only has Mr. Corll worked in many different environments, but he has worked in many roles, both internal and external. He has been the auditor who validates processes and ensures compliance as well as being the internal security engineer who implements policies and makes changes necessary for that compliance.
Recently Mr. Corll was able to participate in the information security group at a Fortune 500 company and own (5) processes that were required for ISO 27001 certification. Thanks to his dedication in working with the auditing and compliance group, and his work with the external auditors, his company was awarded that certification.
To validate knowledge Mr. Corll has also obtained multiple security related IT certifications. These include: CISSP, SANS GCFA, and GSNA. Former certifications range from: Solaris SCSA, CheckPoint CCSE, Cisco CCNA, and MCSE+I). By having multiple SANS certifications Mr. Corll is able to reference the differing classes and make recommendations on the students attending the other courses if they want in-depth training in that area.
Chris is currently a Chief Information Security Officer at Sharecat Solutions, administering the security challenges of a medium sized, multi country business. Along with a lot of security expertise, Chris also has a background in system development and application management. His vast amount of experience within the many different areas of IT has worked as an excellent precursor for his security enthusiasm.
Chris is an open, sharing, and fun person to be around. He is enthusiastic and motivating as well as positive and optimistic. A fun day for Chris is when he is penetration testing, problem solving or discussing program code or network protocols. He is passionate about security, both IT and physical security and his favorite part is web application security.
Inspired by people like Ed Skoudis, Chris is an aspiring security professional. He is driven by mottos like "Magic is just science we don't understand yet" and "Think bad, do good". Chris looks forward to teaching and sharing his experience with his students. You can learn more about Chris via:
Wayne has been in the IT and information security industry for 14 years building networks and developing security programs. He has worked for a number of banks, a credit union, a national laboratory and a major lender in his home state. These positions have ranged from him being the IT department to working in an organization of 12,000. He has seen the wide range of needs, budget, and attitudes that IT must work with each day. This experience in the financial and defense industries makes him no stranger to regulation and solving problems in very creative ways. His broad range of knowledge and experience has earned him the CISSP, GIAC GCFW, MCITP:Server Administrator, Network+, and A+ certifications. He looks forward to mentoring because he enjoys learning himself and sharing his knowledge and experience with others.
Jason has been practicing in the technology industry for 10 years. Security has always been a major focus, and his sole focus for 4 years.
Jason has an ardent interest for following trends and identifying new technologies and relevant applications. His devotion to continuous learning and research keeps him ahead of the curve. He currently holds GSLC and GSEC certifications.
Currently employed as a Technology Security and Compliance Manager, he has working knowledge of various security related technologies and vendors. Such technologies include Rapid 7 Nexpose and Metasploit, Logrhythm SIEM, and Palo Alto Networks Next Gen Firewalls. Working specifically in the realms PCI-DSS Compliance, and SOX Compliance, Jason has experience with leading, deploying, and evaluating compliance programs.
Recently, Jason obtained his first SANS Challenge Coin (RMO) during his SEC504 training by being a member of the SEC504 Capture the Flag winning team at SANS Chicago 2013.
Jason has a great ability to communicate technical concepts in a non-technical manner, and welcomes the opportunity to share his knowledge and experience.
Sandra (Sandy) Dunn has over 20 years in the software and hardware industry. Initially starting out in Software and hardware sales she worked with NASA, JPL, Secret Service, IRS, and other Federal Agencies to determine their Server, PC, and Notebook sales. At HP she has worked as a Digital Sending & Security Analyst for HP MFP printers on the Competitive Intelligence team, an ACT Engineer for the Accreditation team for HP that certifies partner solutions with her focus being on security & regulatory, a Security Engineer on the Inkjet PSO team and has just joined the HP Cyber Security team as a Cyber Security Engagement Manager. She has a CISSP, Security +, ISTQB, SANS GSEC, GWAPT, GCPM and is a SANS Mentor. She has two children, a wonderful husband, too many horses and lives outside of Boise Idaho.
Linkedin Profile www.linkedin.com/pub/sandra-dunn-cissp/10/974/472/
Mark Elliott has served as an information security professional since 1999 and an information technology professional since taking his first class in computer programming in 1988. He is a retired Army Warrant Officer, having served over 34 years in the Army and the Army National Guard. He has conducted numerous red-team and blue-team assessments and is currently the lead security engineer on a government contract. He holds the CISSP, GCIH, and GCED.
Jesse Fernandez currently works as a Senior IS Audit Specialist in the insurance industry. In his role, Fernandez conducts complex information security audits. During 2012, Fernandez worked with the PCI Security Standards Council to develop guidance around conducting a PCI DSS risk assessment in the role of Content-Coordinator to ensure document consistency, technical soundness, and assist in the development of the table of contents. Fernandez holds the GSLC, GSEC, GCED, GCIH, CISSP, and CISA certifications, has over ten years of industry experience, and has been a guest speaker for SANS, ISACA, and the ISSA.
Matt Foreman is the Lead Security Consultant and a Managing Partner at Shield 7 Consulting. A Security Consulting Firm based in Maryland with customers ranging from Hospitals to Energy Companies and Fortune 1000 clients. Matt is the lead of the Penetration Testing team, and Security Architecture Team. He also is a co-founder of the Primal Security Podcast and Blog; which focuses on CTF's, Malware Analysis, Penetration Testing, and Security Research. Mr Foreman has been in the Security Industry for over ten years, and has held positions ranging from Firewall Administrator, Penetration Tester, and developing a Managed Security Practice.
Rob Freeman has been in the Information Technology field for over 15 years and has worked in many different areas of IT with a goal of moving solely to a Security focus. For the last few years Rob has focused his career solely on the field of Information Security and works diligently to learn how to mitigate and protect against the latest threats. When not learning new technologies Rob can be found writing bad classic Rock music, creating animated movies, or failing in his attempts to get his pet dog to sit. Rob currently holds the GSEC certification.
After serving the country in the United States Navy for 8 years, Charles (Chip) Greene began his career in Information Technology. Over the next 18 years, Chip has held positions in Support, Design, Research and Development, Education, Disaster Recovery, and most recently in Information Security. As a Senior Information Security Analyst, Chip leads the Identity and Access Management Team at Virginia Commonwealth University Health Systems. Chip has received a Bachelor's Degree in Information Systems from Virginia Commonwealth University, and a Master's Degree in Disaster Sciences from the University of Richmond. He currently holds a GIAC Security Leadership Certification and previously held the Cisco Certified Security Professional certification. Mr. Greene was also honored with an Outstanding Educational Performance Award from the University of Richmond upon graduation from his Masters program. Education and training are extremely important to ones career and Chip believes that it is important for everyone to take advantage of the opportunities presented to them. The SANS Mentor Program is an outstanding way for Information Technology Professionals to gather, learn and develop from each others experiences and knowledge.
Matthew J. Harmon brings two decades of security industry knowledge, international standards development experience, penetration testing and incident response and a deep understanding of underlying technologies to his sessions. Having consulted for many fortune, government, and not-for-profit organizations, Matthew is familiar with the day-to-day challenges of businesses today. Mr. Harmon is the owner, security researcher and consultant for IT Risk Limited based out of Minneapolis, Minnesota and frequently presents at conferences and for security associations.
Dave Harris is a Senior Principal Systems Engineer at General Dynamics-Advanced Information Systems. He has spent 25+ years in Information Technology including software and database design and development (Oracle, Java, C/C++), systems engineering, enterprise data modeling and architecture (DoDAF). He currently works on a research and development program investigating the use of Big Data technologies and analytics in network defense operations.
Dave has also been involved in the development of cyber event indicator systems and automated malware analysis systems for the Dept. of Homeland Security. In addition to the PMI-ACP (PMI Agile Certified Practitioner) and CompTIA Network+ certifications, Dave holds the (ISC)2 CISSP, (ISC)2 CSSLP (Certified Software Security Lifecycle Professional) and GIAC Reverse Engineering Malware (GREM) certifications.
Dave enjoys going on malware analysis and pen-testing adventures with the malware analysis lab in his man cave and networking with like-minded folks. His desire is to provide hands-on, example-oriented experiences with students and looks forward to what he will learn from students in the process of mentoring and teaching.
James Harris got his first job in information security at the age of 15, as the administrator of a BTI-4000 mainframe for his high school in Durham, NC, and at age 16 added a second part-time job assembling and testing computers at a small PC integrator called Dramen Computers.
After earning his degree in Physics from North Carolina State University in 1994, Jim went to work at IBM as a hardware engineer for the PC Company, specializing in the design of computer graphics and video systems. Jim was one of the founders of the Digital Display Working Group, and helped author the DVI specification. In 2000, Jims work on DVI led to a job as a Senior Field Applications Engineer with Silicon Image in, a semiconductor company specializing in high speed serial digital interface chips, where he worked helping to design Silicon Image parts into digital video and high-speed storage systems.
After the tragic events of 9/11, Jim decided to go to work as an FBI Special Agent. His first field office assignment was in the Sacramento, CA field office, where he worked mostly cybercrime matters, specializing in Internet Crimes Against Children. Jim worked heavily in Computer Forensics as a member of the FBI CART team, earning his Encase Certified Examiner status in 2007. In 2009, Jim became the supervisor of the Cyber Squad in Sacramento, as well as the Commander of the Federal Cyber Crime Task Force there. Jim earned his ISC^2 CISSP certification that same year. In 2010, Jim was selected to a supervisory position at FBI Headquarters Cyber Division, and served in a number of positions, including as the Senior Liaison Officer to the United States Computer Emergency Readiness Team (US-CERT). In 2012, Jim earned his GSEC certification, and later that same year became the Assistant Section Chief of the FBI's Counterterrorism Internet Operations Section.
Jim left the FBI in 2013 to go to work for Obsidian Analysis, A Washington, DC-based professional services firm providing analytical and policy consulting for homeland security, national security, and intelligence decision makers. As the Senior Specialist for Cybersecurity, Jim advises clients on policy and preparedness in Cybersecurity. Jim's enjoys hearing himself speak, and can't wait to teach others!
David Hazar is a seasoned IT security professional with a broad technical background that includes experience in both network and application penetration testing, software analysis, design, and development, database development and administration, network/server analysis, design, and administration, data center design and implementation, technical support, and telecommunications. He holds both a Bachelor of Science, Informaiton Systems and a Master of Information Systems Management from Brigham Young University. He is currently employed by Aetna as an Information Security Architect. He holds the CISSP, GCIA, GCIH, Certified FAIR Risk Analyst, MCDBA, and ITIL v3 Foundation certifications and has previously held both the CCNA and CCNP certifications from Cisco.
Justin Henderson is a passionate and dedicated Information Technology professional. He has been in the Information Technology field since 2005. Justin has a proven desire and ability to achieve comprehensive industry training and uses his knowledge and experience to mentor others. Justin has a high proficiency in technical platforms including operating systems, networking, security, storage, and virtualization but has also applied himself in governance, project management, as well as service management. Currently, Justin holds a Bachelors of Science in Network Design and Administration from Western Governors University and has over 40 certifications some of which are below: Networking - Cisco Certified Network Associate Virtualization - VMware Certified Professional 5 and VMware Certified Professional 5: Desktop Database - MySQL 5 Database Administrator Governance/Service/Project Management - Project Management Professional, ITIL Continual Service Improvement, Certified in Risk and Information Systems Control, Certified Information Security Manager Microsoft - Microsoft Certified Information Technology Professional: Enterprise Administrator and Microsoft Certified Security Engineer 2003: Security Security - GIAC Penetration Tester, GIAC Windows Security Administrator Certification, Licensed Penetration Tester, Certified Ethical Hacker v5, Computer Hacking Forensics Investigator, EC-Council Certified Security Analyst, Tenable Certified Nessus Auditor, Certified Sonicwall Security Administrator, Certified Information Systems Security Professional, Security+ Justin has also taught Network Security at Lake Land College. Some of his other achievements include mentoring individuals in the Information Technology field as well as developing the virtual dojo, a fully automated Cloud Computing solution showcase environment.
Nathan has 12 years of experience as a sysadmin and has always focused on security as a driving factor in designing systems. He was also a nominee for the Los Angeles Business Journal 2013 CIO of the year awards. He is excited to mentor a course to give back to the community that he has learned so much from.
Mike has eighteen years experience in the control system industry, in system design and delivery. Mike earned his Bachelor of Science in Electrical Engineering from Case Western Reserve University in Cleveland OH. Mike has earned his GSEC and GCIH certifications and considers information security to be an exciting area to grow in.
Cliff's professional career started 18+ years ago as a help desk analyst supporting mainframes and dial-up internet. He progressed through desktop support, desktop management and server administration and joined the security team in late 2008. The wide diversity of topics in security has Cliff thirsting for knowledge like he was a teenager again.
Cliff currently holds CISSP, GPEN, GWAPT, OSCP, MCSA 2000/2003 and Security+ certifications.
Occasionally (read rarely), Cliff will add something mildly informative to infosecandotherstuff.blogspot.com.
Ben S. Knowles, BBST, CISSP, GSEC, GCIH, GCIA, LPIC-1 (adric) is a technologist and researcher in the Atlanta, Georgia, USA area. In high school, he competed at the national level in Constitutional Law. He has been a professional computer security consultant, technical trainer, and system integrator and is currently certified as a black box software tester, internet security professional, incident handler and analyst, and Linux system administrator.
Ben has lectured lower division Mass Communications, Political Science, and Computer Technology classes on Digital Media and Intellectual Property Law and has taught basic computer repair, networking, and information security classes. Currently he is a security system administrator on the incident response team at the Atlanta office of a global IT services firm.
Sundar is SANS-GISF and GSEC certified and a senior software development leader with IMS Appature in Seattle. He earned the title of "Professor Sundar" from his previous team at Microsoft for teaching skills and has trained multiple teams on different aspects of software development. To make you think about information security the same way you think about physical security for yourself and your family is the holy grail. He is @sundarnut on Twitter for the latest #infosec topics, trends and incidents. Sundar aims to be a mentor so he can inculcate security as a fundamental technical trait and make it the best lecture you've ever taken!
Troy is an accomplished IT Professional with extensive experience on military and commercial networks alike. His expertise at the local and enterprise levels, for both the defense and operations silos, makes him uniquely suited to address a wide range of issues that can affect systems and critical infrastructure applications.
He has spent most of his career supporting the Department of Defense, first as a Marine, then as a contractor, and finally as Civilian, although he has spent time in the private sector as a IT consultant as well. He is currently pursuing a MS in Information Systems Computer Security Management degree, has earned a BS in Computer Networking degree, and holds certifications in multiple disciplines.
His certifications include: CISM, CISSP, GPEN, CEH, MCITP: Server Administrator, MCSA on Windows Server 2008, MCSE/MCSA: Security on Windows 2003/2000, ITIL v3 Foundation, Security+, Network+, and A+.
Currently, he is part of a team that architects, implements, supports and manages a wide variety of network security solutions while also working with other groups on a range of other activities such as incident response and electronic investigation.
Stephen says, "I have had the good fortune to see the IT and security worlds from a variety of perspectives. I have experienced the challenges of security practice on both a very small and very large scale. I very much enjoy technology and love getting my fingers into everything. Mentoring the material will help to keep it fresh in my mind and I expect that I will be able to learn some things from students as well." He looks forward to the personal networking that will also occur within this class.
He currently holds several GIAC certifications
William's career in information technology started early when he earned his Cisco Certified Network Associate (CCNA) certification just out of high school. In pursuit of a career where he could put this knowledge to good use, he shortly thereafter began work for Symantec, supporting a majority of their enterprise-class security software. While working at Symantec, William had an opportunity to support a plethora of different security technologies, including endpoint protection, perimeter protection and content filtering. He even spent time on the virus removal team where he expunged countless Nimda, Blaster, and Klez infections.
The majority of William's time at Symantec was spent on the intrusion detection, compliance and event management team, where he supported Symantec Network Security, Symantec Security Information Manager, Symantec Enterprise Security Manager, and others. For seven years, William worked for SELCO Community Credit Union as their Information Security Administrator, seeing numerous security-related projects through to completion. William now leads a team as their Information Technology Manager.
William is a holder of the CISSP certification and numerous GIAC certifications, including the little-known but prestigious GIAC Security Expert certification. Moving forward, William is focusing his energy on networking, collaborating and sharing knowledge with others. He is excited to share passion for the field with his peers in the classroom.
Timothy McKenzie has more than 15 years of IT and Information Security experience working in financial, government, defense contractor, and service related markets. Timothy has been trained in malware research and exploit development, expert penetration, and forensics work. He uses these skills professionally throughout his daily work, as well as placing within the top 5 in many CTF events. Timothy loves sharing the vast knowledge he has acquired to give back to the Information Security community.
Philip McNamara is an Information Technology veteran with 20 years experience. He started back when PC networks were new, Token Ring was something special, and PIX Firewalls booted from a floppy disk. Over the years Mr. McNamara has transitioned from Network Engineering, through Enterprise Operations to his current role in Enterprise Network Security. Though his efforts have primarily been in the Health Care market, security and incident response have always been a responsibility. As a SANs mentor, Philip would like to build on that experience and be able to share it with others.
Andrew is a security geek who enjoys learning about all things security. By day Andrew works as a DoD contractor for Secure Mission Solutions providing an array of security consulting services. By night he is researching, coding, or "geeking out" with the members of Primal Security Podcast.
Andrew holds numerous qualifications in the security industry, including, but not limited to GIAC (GPEN, GCFA, GCIA, GCIH, GREM, GSEC), OSWP, and CISSP. He plans to continue his quest for knowledge by pursuing the GIAC Security Expert (GSE) certification. Andrew looks forward to helping as many as he can on his way to GSE.
Paul has a passion for teaching and training new cyberwarriors in the never ending arms race against malicious network intrusions.
Paul currently holds the following industry certifications:
On learning hacking techniques to better know how to defend against them;
Know thy self, know thy enemy. A thousand battles, a thousand victories. Sun Tzu
Jose Manuel Mendez is at present a security consultant for Unisys Corporation. He has been working for more than 11 years in security policies and architectures definition and implementation and deployment of them in big local and top worldwide companies as well as local government. He also has a deep knowledge and experience in the SIEM field where he has been involved in the last 4 years in SIEM projects for big telecom companies and banks. He currently holds the CISSP, GCIH, GPEN, and GSEC certifications as well as several product certifications like Cisco CCNP Security, CCSP, ArcSight ACIA, ArcSight ACSA, CheckPoint CCSE NG.
Thomas (CISSP,GCIH) has been working in the information technology field since 1996 where he has worked in field IT service positions. Thomas worked as a Field Support technician for the faculty and staff at Santa Clara University in Northern California with a focus on malware remediation and leveraging Linux solutions to complex security and networking issues. As of May 2008, Thomas has worked as a computer forensics and incident response analyst in the Western United States. He also spent 12 months on a combat-tour deployment in Southwest Asia in a Computer Network Defense (CND) role and served as a vulnerability assessment analyst for the US Army. Thomas attended Forensics Response training at Carnegie Mellon University (CMU) and was asked to deliver and teach this course to military audiences. Thomas is currently serving as a US Army Warrant Officer for the Army Reserve Information Operations Command (ARIOC) delivering support to the National Security Agency (NSA) in their yearly service academy exercises; performs training with and supports the US Army Regional Computer Emergency Response Team-Continental United States (RCERT-CONUS); when he was deployed to the Middle East, Thomas served with the US Army Regional Computer Emergency Response Team-Southwest Asia (RCERT-SWA) and was posted all over Afghanistan and Iraq. Thomas is currently holding the certifications for the EC Councils Certified Ethical Hacker (CEH), Guidance Softwares EnCase Certified Examiner (EnCE), Comptia Security+, and SANS GIAC Reverse Engineering Malware (GREM) and Certified Incident Handler (GCIH), and the (ISC)^2 Certified Information Systems Security Professional (CISSP) certifications. n addition Thomas is currently qualified for the US Department of Defense as a Digital Media Collector as a result in training the Defense Cyber Investigations Training Academy (DCITA).
Aaron Moss has over 10 years in Information Technology, working in positions ranging from Helpdesk to IT Manager. He is very passionate about IT, especially InfoSec. He currently holds the GIAC GSEC certification, a Bachelor's in Information Systems Security from ITT Technical Institute, and is working towards completing other non-GIAC certs, such as Cisco's CCNA and VMware's VCP. Aaron is very excited to be helping people achieve their goals, and learn something new everyday. He loved taking the GSEC course and exam and wants to help someone else accomplish their dreams too.
Joel Offenberg works for Vantage Systems, Inc. as a Senior Security Engineer for the Joint Polar Satellite System at NASA's Goddard Space Flight Center. He is also Vantage Systems' Chief Information Security Officer and is a member of the business development team. His current job focus is IT security planning, continuous monitoring and security critical operational systems. Joel has worked as a contractor at NASA's Goddard Space Flight Center since 1991.
Joel holds a B.A. in Physics, an M.S. in Computer Science and CISSP, PMP, GSNA and GSEC certifications. He is a founding member of Information Assurance @ Goddard seminar series, where he is also an occasional speaker.
Joel always enjoys participating in SANS as a learner and is excited to be have the opportunity to share his experience.
In his spare time, Patrick enjoys amateur radio (he holds an amateur extra class license), electronics, bowling, sailing, and photography. He is also a Debian Developer with the Debian Project.
Patrick earned a B.S. degree in Physics from the University of Toledo, and has pursued graduate studies in Astronomy and Theology.
Patrick is excited to be mentoring for SANS because mentoring provides an opportunity develop a one on one relationship with the students as they learn the material and how it applies to their environment.
John is passionate about software security. He holds the CISSP, GWAPT, GSLC and GCIH certfications, and is a masters candidate in the SANS Technology Institute's Information Security Management program. Prior to joining Caliber Security Partners, he was Director of Security and Compliance for Healthagen, Aetna's emerging businesses division. John has 19 years of experience in information technology and software, and 15 years of experience in IT security. His security and compliance background is in healthcare and secure development. He is a graduate of Brigham Young University. John is a "life hacker" and enjoys programming Arduino and Raspberry Pi devices. When he's not playing geek, John is a triathlete, avid outdoorsman, photographer, and licensed amateur radio operator (K7JTO). John resides in Salt Lake City with his wife and their six children.
Miguel Pabon is a recognized Information Assurance (IA) subject matter expert with over twenty years of experience. He is currently a Manager within the Corporate IT Security Organization, where he is responsible for the security integration of all company acquisitions. Prior to his current position, Mr. Pabon was Manager of IT Security Special Technologies & Analysis Team (forensics, eDiscovery, malware analysis, reverse engineering, cyber security R&D). His over20 years of combined defense and commercial experience in the fields of cyber security, information assurance, embedded systems, kernel mode and driver development, software engineering, Service Oriented Architecture (SOA), vulnerability assessments / penetration testing provide him with a unique perspective of both the defensive and offensive sides of cyber security. In 2010, Mr. Pabon was the recipient of the Raytheon IT Front Line Leadership Award, which recognizes an individual's contributions to the development of an organization and its advanced capabilities. Mr. Pabon has earned the following industry certifications: Certified Information Systems Security Professional (CISSP), GIAC Reverse Engineering Malware (GREM), Certified Forensic Analyst (GCFA), Certified Intrusion Analyst (GCIA), Security+, LAW PreDiscovery Electronic Data Discovery (EDD), ITIL V3, Six Sigma Specialist. As part of his continued educational endeavors, Mr. Pabon has earned a Bachelors Degree in Computer Engineering from the University of Puerto Rico at Mayagez, as well as being a graduate of the MIT Sloan School of Management, Management & Leadership Program.
Mike is the Comptroller for Black Hills Information Security as well as former Executive Producer of the PaulDotCom Security Weekly podcast. Trained as a Civil Engineer, he found that he was more interested in the underlying operating system of the Engineering tools than the tools themselves. He has worked in QA for Dassault Systemes, Technical Support for RSA Security, as a firewall analyst for Verisign & Dell SecureWorks as well as a Network Security Analyst in the financial services realm. He holds the GSEC, GCIA, GCIH, GCFE, GCFW, and GPEN certifications from SANS and a BSCE from Northeastern University.
Experience: Vice president of Infosec and forensics at AVM Technology, LLC Cyber Operations with U.S. Marine Corps Attorney specialized in Internet Law and president of the Rivera Law Group Accomplishments and Certs: GPEN, GCIH, GSLC CCE Admitted to the Virginia State Bar Websites: www.infosecusa.com www.forensicsvirginia.com www.cyberinternetlawyer.com I would be excited to to mentor the course as it would be a great opportunity to apply my knowledge and skills in order to assist others and improve the profession while improving myself.
Erich has been involved in starting and running security user groups, and enjoys the challenges that come from such situations, and see's the SANS courses as a great way for people and learn and is committed to helping with that.
Valter Santos is a security analyst at Portugal Telecom. He has 13 years of experience in forensic analysis, incident response, intrusion analysis and penetration testing. Valter likes to attack live malware in the morning, kill it and autopsy it by noon. He holds the GCFA, GCIA, GCIH and GSEC certifications.
Felix has more than 20 years of experience in IT and IT security. He held positions as IT systems engineer and IT advisory manager at a big four company. He has experience in IS management, IS auditing, IS consulting, attack & penetration testing, and IT forensics. He holds a BSc (hons) in science of computing (University of Derby) and a postgraduate certificate in business administration (Open University). His certifications include among others CISA, CISM, CISSP, GCUX, and EnCE. He was a key contributor to the OSSTMM.
He enjoys sharing his knowledge and learning from peers. He is looking forward to active discussions in class.
Selvan has been in IT for over 23 years, specializing in Unix/Linux Systems Administration. He has previously worked at the IBM and the US Air Force (focusing on parallel processing and Distributed Security and File Systems). As an IT Manager at Progressive Insurance, he has led teams from IT Operations to Enterprise Architecture. His current focus is IT Security Engineering and Architecture. He is also a Adjunct Professor at Cleveland State University teaching Java and Unix/Linux Systems Programming. His current efforts include an active proposal with the CIS Department to establish a DOH (Department of Homeland Security) accredited Information Security track at CSU.
Ron has been working in the information security field for the past 15 years. He worked as a consultant for ten years, gaining experience in many areas. For the past five years he has been working as an engineer for Cisco Systems in RTP. His focus is on evaluating the security of Cisco products and working with the development teams to implement high security standards. Ron is a subject matter expert in DISA STIGs and web application penetration testing. He also holds many industry certifications including GPEN, GCIH, GWAPT, RHCE, CCSP, CCNA, CISSP and MCSE.
Nick Thomas has 27 years of experience in the IT field. He has a Master degree in Public Management, and multiple certifications including the Certified Information Systems Security Professional (CISSP), Secruity+, Network+, GIAC Certified Incident Handler (GCIH) and GIAC Security Leadership (GSLC). Three disolved startups covered his first 16 years of employment. The LISP (for "List Processing Language") programming language, the term "artificial intelligence", 300 baud modems, dumb terminals and thin-net were the training ground. After three layoffs, Mr. Thomas obtained a master degree mixing business and computer courses. In the process, volunteering for the CMU Robotics Institute Red Racing Team and Tartan Racing team. They entered computer controlled vehicles in the DARPA Grand Challenge races in 2005 and 2006. Mr. Thomas finds cutting edge technology quite exciting. If you have read this far, he would like to suggest that you, your associates and high school children (yours, your neighbors and church youth group) should view "The Last Lecture", "Really Achieving Your Childhood Dreams" by Randy Pausch. It was presented to the CMU student body September 18, 2007 at Carnegie Mellon University. The lecture can be viewed on line or you can purchase a DVD. Randy Pausch Really Achieving Your Childhood Dreamswasnt about dying. It was about the importance of overcoming obstacles, of enabling the dreams of others, of seizing every moment (because time is all you have...and you may find one day that you have less than you think). http://www.cmu.edu/randyslecture/ http://www.thelastlecture.com/ http://bookstore.web.cmu.edu/GeneralBookDetails.aspx?type=6&BookID=822942 Also: Save the earth. It's the only planet with chocolate Currently Mr. Thomas works for the federal government in Baltimore. Hobbies include sailing, hiking, gardening, antique cars, photography and exercise.
Sterling has worked in the IT Security field since 2006. Working on the Security Operations desk for a nationwide telecommunications project with the FAA, he quickly gained experience in a multitude of technologies which provided him with the foundational knowledge that has served him well in his career since. As a Unix/Linux Systems Administrator for the largest, privately owned wireless telecommunications provider in the U.S., Sterling was involved in a number of PCI compliance driven projects and served on the PCI Compliance team. Currently, Sterling serves as a Security Consultant performing general security audits, penetration testing (network, web application, wireless, and social engineering), specialized training, intrusion investigation, etc. Sterling holds a M.Sc. from Mississippi State University in Information Systems and a Bachelor's degree from Millsaps College in Anthropology/Sociology. He holds a number of industry certifications including GSEC, GCIH, GWAPT, GCUX, RHCE, eCPPT, SCSecA, Security+, and Network+. http://lnkd.in/yhkyEx
Shawna has been doing software for 15+ years, often in the security space, working with and for many large names such as McAfee, Business Objects, SAP, Microsoft, Tripwire and Nike. She's achieved certifications in Pragmatic Marketing, Project Management Professional, is a Certified Scrum Master, a CISSP holder and has worked in all aspects of software creation. She's super excited to help tomorrow's leaders shape our security future.
Andres Velazquez, President and Digital Investigations Director of MaTTica; the first computer forensics private Lab dedicated to the investigation of cybercrime in Latin America.
He has more than 30 international certifications in the area including: Certified Information Systems Security Professional (CISSP), GIAC Certified Forensics Analyst (GCFA), GIAC Certified Forensics Examiner (GCFE), AccessData Certified Examiner (ACE) and NSA INFOSEC Evaluation Methodology (IEM) by the NSA in the US.
He trains and gives advice to different law enforcement agencies in Latin America including INTERPOL and UN.
Member of the High Technology International Association (HTCIA) , Latin American Fraud and Financial Crimes Investigation Association (ALIFC), Internet Society (Mexico Chapter) and the Latin American Information Security Professionals Association (ALAPSI) where he has part of the board from 2005 to 2007. He also was a member of the Cybercrime Combat Group part of the Federal Police in Mexico and member of the Network Information Center (NIC) Mexico Consulting Committee.
He has done all kind of training in Universities, Law Enforcement Units and Organizations.
Jon Villanti is an IT Security Manager with a Fortune 50 financial services company in Houston, TX. He has 22 years of IT experience; 12 years focused in IT security.
Prior to his current role, Jon has worked as an IT Security consultant, VP of Operations, CIO / VP and CEO. Jons private sector experience is augmented by over 20 years of Air Force experience, ranging from Intelligence Operations, Fighter Pilot, and Cyberspace Operations.
As a SANS mentor Jon enjoys working with students to realize their own Eureka moments, mastering relevant curriculum in support of personal and professional goals.
Jon holds several IT Security certifications including CISSP, GPEN, GCIH and GSEC. His LinkedIn profile is http://www.linkedin.com/pub/jon-villanti/20/a51/282. You can follow @houston_jon on Twitter.
Alan Waggoner has 15 years experience working with computers systems and networks. He has a wide range of experience, including firewall management, VOIP, Novell Netware, Windows Servers, MS SQL, Exchange, Citrix XenApp, virtualization technologies, IP cameras, and policy writing. Over the years he has earned certifications from Novell, Microsoft, Citrix, and GIAC.
Sol Warnock has worked in the IT Security field for the past 18 years. He has a broad range of experience with intrusion detection technologies, wireless security, and incident response methodologies. Sol has performed network security configuration and analysis for Government and private industries. He currently serves as an instructor/course writer at the US Army Cyber Leader College. Sol holds many commercial certifications including CISSP, CWNA, MCSE, GCIA, GCIH, GPEN, GCFA, GSNA, GCWN, and GSEC.
Jarred White has more than a decade of security consulting and engineering experience, and has occupied senior consultant and lead engineer roles at recognizable companies such as Dell SecureWorks and The Home Depot Corporation. In his current role with payment security and compliance solution provider ControlScan, White leads the Security Engineering Services team and he also serves as the companys subject matter expert for security engineering and risk-based consulting engagements. He brings considerable experience to ControlScan in the areas of penetration testing, risk analysis, social engineering and security engineering. He has consulted with companies ranked in Fortunes top 50 and top 100 companies, including financial institutions, public entities and not-for-profits. White is also an accomplished public speaker, having created and delivered presentations and engaging discussions on subjects ranging from emerging trends and best practices in information security to social networking and IT risk management. He has delivered global Web presentations on risk analysis and mitigation, and his commentary has been published in a variety of online forums. White is currently a Certified Information Systems Security Professional (CISSP) and a GIAC Web Application Penetration Tester (GWAPT).
Rodger has over 14 years of experience in the computer security arena as an Incident Handler and Forensic Analyst. Rodger began his career as a Signals Intelligence Analyst in the US Army conducting Cyber Threat Intelligence. After serving in the Army, Rodger continued support to the Army as a Defense Contractor with the Army Computer Emergency Response Team (ACERT) working as an Incident Handler. Rodger then moved on to a Senior Incident Handler role leading a team of incident handlers for the Regional Computer Emergency Response Team CONUS (RCERT-CONUS) where he responded to security incident involving computer infections and intrusions. Rodger is currently the Federal lead for the Research and Forensics team within the US Department of Health and Human Services Computer Security Incident Response Center (CSIRC) where he is responsible for leading network, memory and disk based forensics, malware analysis and incident response activities. Rodger holds CISSP, DoD CDFE, GCIH and GCFE certifications with goals of completing the EnCE, GCFA and GREM certifications in the near future. He is also pursuing a Masters of Science in Digital Foreniscs at the University of Central Florida. Rodger is excited to mentor his peers in DFIR and Incident Response while learning from their experiences.
Sam began his career in IT in 2001 while he was obtaining his Masters in Information Technology. He worked his way up from help desk support to becoming a Sales Engineer and Trainer in his early career. The next few years were spent doing Systems Administration and Application Support at various Fortune companies in the Pharmaceutical/BioTech and Oil & Gas industries. After obtaining his Certified Computer Examiner and GIAC Certified Incident Handler certifications he brought his expertise to the eDiscovery and Forensics industry supporting Corporate investigations. He is knowledgeable about collecting, processing, and producing ESI. In addition he is well versed in Forensic procedures and proper evidence handling. As a Consultant for a Forensic Vendor he obtained his EnCase Certified Examiner (EnCE) certification and worked on Corporate Forensic, Incident Response, and eDiscovery cases. In addition, he was the Project Leader on a team of 15 consultants for a very large Fortune customer. He also obtained the Certified Ethical Hacker (C|EH) and GIAC Certified Forensic Examiner (GCFE) certifications after joining a Security Vendor. Being a System Engineer on the front lines, he is able to work with Security Teams in top Fortune organizations. As a result, he is able to see many malware attack vectors & trends and work with researchers on piecing together the infection life cycle and changing trends.
Yuemo has more than 15 year working experiences in information technology services. His various works range from network and system administration to desktop management, from web development to programing. The invariable is his integrating the security practice in every days practice. He loves to share his experiences and help others enhance their security skills.