40+ Courses at SANS Cyber Defense Initiative 2018 in Washington DC! Save up to $400 thru 10/17.

Mentor: Bios


Mentors are highly qualified, experienced professionals who make themselves available in your local area to help you learn the course material and get certified. Each Mentor is hand-selected from students that have completed their relevant GIAC certification with scores of 85% or higher.

Ali Aleali is the founder and lead consultant for True North Information Security Inc. and has been working in the the information technology field for over 15 years, supporting federal government and some of the world?s largest enterprises. He leverages years of hands-on experience in Vulnerability Assessment, Penetration Testing, Incident Response, Security Architecture, as well as Private and Public Cloud Security. Ali holds the CISSP as well as 4 GIAC certifications including GCCC, GWAPT, GCFA and GSEC. 

In addition to working in the cyber security industry, Ali contributes to the community by regularly presenting at security conferences and meet ups. He has a passion to teach the subject to help build the next generation of information security professionals.

James Arndt is a Cybersecurity Engineer for American Transmission Company in Milwaukee, Wisconsin. He focuses on dissecting whatever malicious email, documents, URLs, and executables come across his way. Besides incident response, he has his hands in endpoint security, vulnerability management, and access management.

James has spoken at various local and national conferences on topics such as incident response and reverse engineering. He has sucessfully taught SEC401 Security Essentials and SEC504 Hacker Tools, Techniques, Exploits, and Incident Handling. You might also find James running after his four kids, playing guitar, or tinkering around in his basement lab.

Brad is a consultant with SecureWorks doing full time web application penetration testing. He has a masters degree in Information Assurance from Dakota State University. Certifications include GWAPT, GPEN, GCIH, GCED, and CISSP. He is an active member of the local information security community. When not on a computer, Brad is usually tormenting his wife, playing with his two kids, or playing guitar.
Murat is a Security Operation Center Manager located in Turkey. He holds a Bachelor of Science in Mathematics. He has over 20 years experience in offensive, defensive security roles. He has designed and integrated security architecture solutions. He has managed various integration projects, has been in regional and global IT management roles at companies such as Siemens, Nokia and Comodo. He holds the prestigious GIAC Security Expert (GSE) certification as well as the GCIA, GCIH(Gold), GCTI, GPEN, GSEC, and GWAPT certifications. His non-GIAC certifications include CISSP, PMP, OSCP, CPTE (Trainer), CEH, VTSP, MCP, CCNA.
Family, Gadgets, games, aerial photography, great food and craft beer are some of Paul Dumbleton's passions. Hailing from the the United Kingdom via California and now Michigan, Paul completed his Bachelors in Information Technology from the University of Phoenix in 2004 while working for Herman Miller in Zeeland, Michigan. After a recent transition to Perrigo, Inc, he now manages and oversees Global Security Operations and Engineering. Paul's passion for Information Security and Technolgoy has spanned more than 25 years. He continues to be motivated by setting goals that challenge his experience and knowledge, and admits that he continues to learn something new everyday. This translates directly into his success protecting Perrigo from evil (according to his boss) and helping the great people he works with use information resources securely.

Craig Galley is an Information Technology Professional with accomplished work experience in the Security industry since 2001.  He earned a Bachelor of Science degree in Information Science from the University of North Florida.  Early in his career, he was responsible for deployment and management of network prevention controls for a private sector organization.

Craig's career focus shifted exclusively to application development with a desire to lead secure coding best practices while chaired on Information Security Steering committees and managing large development projects and teams.  

Craig's certifications include GSEC, GISP, CISSP and CSSLP.  In his current role as an Information Security Officer, Craig manages and directs an Information Security Program in the public sector.  He is also active in Information Security groups, with volunteer experience as a Vice President.

Matt got his start in the technology field by joining the US Army and serving as a satellite terminal operator for 5 years. Since the Army, he has worked as a firewall technical support technician, network engineer, systems administrator/engineer and a security analyst in the defense contracting world. He currently works as a security researcher doing threat analysis, threat hunting and penetration testing. He is passionate about using technology for good and educating technical and non-technical people about InfoSec issues.

Michael Hennick is currently CISO and Senior Network Security Architect for Solipsys Corporation, a wholly owned subsidiary of the Raytheon Company, where he is responsible for overseeing cyber operations for the company, including secure network architecture and design, incident response and forensics, vulnerability management, proactive threat assessments and penetration testing. He also teaches as an adjunct faculty for the University of Maryland, Baltimore County (UMBC) Cybersecurity Masters Program, and for the network security Associates Degree program at Howard Community College (HCC). Additionally he independently consults with small businesses to assist in their cybersecurity needs. With over 20 years of experience in the IT industry, Michael has held roles and gained first hand experience in positions ranging from software development, technical support, system, database, and network administration, network design and architecture, penetration testing, and incident response. Michael has a Masters of Professional Studies in Cybersecurity from the University of Maryland, Baltimore County (UMBC). He also maintains numerous industry certifications including CISSP, CASP, CEH, CHFI, as well as multiple GIAC certifications, and vendor specific certifications. He is also a member of the Baltimore chapters of FBIs Infragard, NCMS, and the Information Systems Security Association (ISSA).
From his work in rural non-profits to a billion dollar fintech company, Benjamin's has spent his career making technology meet people where they are at rather than the other way around. In addition to blowing circuit breakers on three continents, he graduated from Grinnell College with a B.A. in Mathematics and Economics and is a GCIH. You can follow his latest security tinkering at https://benjamin-hering.com
Derek Hill has over 25 years of experience in IT and Information Security. He currently manages an Application Security Team and an Infrastructure Security Team (Blue Team) at HP Inc. in Vancouver, WA. His teams are responsible for ensuring that HPs internally developed applications are secure as well as the AWS infrastructure that is hosting these applications. Prior to his current position, Derek held IT management and technical roles at both large and small companies. In each role, he has focused on delivering excellent services, uptime and security for all the projects/staff he managed. Derek holds an MBA from Willamette University and an undergraduate degree in Management Information Systems from Oregon State University. He has various security credentials including a CISSP and multiple GIAC certifications. Derek also served in the US Army, mastering jump school and being promoted to sergeant (E-5) in less than 2 years, working in power generation and equipment repair. Derek is a very technically savvy engineer with heavy focus on security, integration and service delivery. His education and experience bring an understanding of how technology can affect the business, both positively and negatively. He is an excellent leader and problem solver and prides himself on being able to help the business achieve their goals with the assistance of technology. In his current role, Derek works with about 30 different internal customers as well as senior management to ensure service offerings and deliverables align with the corporate mission and risk tolerance. Security is a very dynamic and fast-moving field. He stays current on new threats, trends and technologies through networking, research, training classes and conferences. Derek is an active member of ISSA and OWASP security organizations. Maintaining awareness and skill level allows him to better plan and prioritize future work inside a company. Derek is very driven and goal oriented and brings a wealth of experience, knowledge and interpersonal skills to a new opportunity.

Dale Hobbs is a veteran of IT with over 18 years of experience starting out as a Junior Systems Administrator to his current role, Security Manager.

His background includes server and network administration, network architecture, network security, security policy development, adoption and direction setting in accordance with regulatory compliance and industry standards and currently holds the certifications of GSEC, GCIH, GPEN

Dale is excited about all areas of technology but most specifically network security. He is enthusiastic about sharing his knowledge and experiences with the next generation to help others achieve their IT related educational goals and embraces the opportunity to continuously learn and develop in his own career path.

James currently works as a Cyber Operation Technician for the Maryland National Guard.  His main function is to work with local defenders to make their networks more secure.  James has served in the Military for 21 years.  He has served in various positions with in a Windows environment, with his last assignment being a Systems Administrator for a small organization.  He also had additional duties of being the alternate Information Assurance Manager and Network Administrator.  James enjoys scripting and PowerShell so much that he became the admin that created the automation tools for the Sysadmin team.

James has a bachelor's degree in Management in Information Systems and is currently in the process of completing his MBA with an emphasis in Information Technology Management.  He is a graduate of the Army's 255-S school and hold the CISSP, 7 SANs Certifications (GSNA, GPEN, GCIA, GCWN, GCIH, GCFA, GSEC) and C|EH.

James enjoys giving back to the community by volunteering at schools and presenting the ISC2 Safe and Secure Online presentation to school aged children.

Ryan Irving has over 10 years of Information Technology experience working in the public sector. Ryan currently works for Hillsborough County Board of County Commissioners as the Information and Cyber Security Manager performing vulnerability management, forensics and incident response and other security operations. Ryan earned his Bachelor's degree from St. Petersburg College in Technology Management, with the focus in Information Security Assurance. Ryan then earned his Masters of Science in Digital Forensics from the University of Central Florida. Ryan has earned CompTIA's A+, Security+, ISC2 CISSP, and GIAC's GCIH, GNFA, GCFA, and GPEN. Ryan is excited to be your mentor for this course, and excited to share his experiences, and learn from others experiences during the course.
Duane Isaacs is an IT veteran with over 23 years of experience who began his career as a Computer Repair Technician at a local computer store and evolved into his current role as a Web Application Security Analyst for one of the top corporations specializing in Software as a Service (SaaS). His background includes over 10 years of development and implementing complex infrastructures and technical solutions for industry leaders, IT Management, server and network administration, network architecture, network security, security policy development, adoption and direction setting in accordance with regulatory compliance and industry standards. He currently holds the GWAPT certification. Duane is enthusiastic about all areas of information technology, with focus on automation and information security. He is excited to share his knowledge and experience with the next generation to help others achieve their IT-related educational goals and expand his mastery into new security arenas.
Jonathan Karchmer has over 15 years of experience in managing digital forensics and investigations. His background includes network administration, information security and electronic discovery project management. Jonathan frequently works on matters concerning trade secret theft. Jonathan has offered sworn testimony at deposition, hearing, and trial. Jonathan currently holds GCFA, GCFE, and GCIH certifications. He is excited about the opportunity to mentor FOR500 and share his enthusiasm for digital forensics with others.

Jason Kinder has over 20+ years of experience in the IT and InfoSec industry working in the private sector as a network administrator, network engineer, and then moving to manage a distributed IT group before making the jump over to InfoSec.  The jump over to InfoSec has put him in a position to manage InfoSec Operations for a multi-billion dollar defense contractor battling some of today's shared adversaries.

Through the course of his career his has gained the MCSE and CNE certs back in the day and worked hard to achieve the CISSP certification and more recently his GCIH & GMON.  Backed by a breadth of technical skill and knowledge, it also takes some keen business sense and acumen to properly navigate today's corporate environment.  While working in IT, Jason earned a Bachelor's of Science Degree from Wright State University in Dayton, OH in 2001 followed by an MBA with a concentration in Management, Change and Innovation also at Wright State University in 2009.  The technical and business skills he has amassed over his career are key to being successful and properly understanding today's security landscape and how it impacts the business.

Jason is very excited about the opportunity to Mentor SEC504 as a way to give back to the community, broaden people's minds, and train the InfoSec staff of tomorrow.  The challenge is here and now with adversaries evolving and regularly knocking on our doors.  Jason will help students be better prepared to identify and deal with these challenges on a regular basis.

Bill has a Bachelor's of Science in Criminal Justice from the University of Alabama Birmingham and a Master's of Science in Technical Management from Embry Riddle Aeronautical University.  Currently he is working on his Masters of Science in Information Security Engineering through SANS Technical Institute and has numerous certifications through SANS.  Bill began his career in computer technology in the early 1990's while working at the University of Alabama Birmingham. There, he learned many of the widespread platforms and operating systems, employing computer troubleshooting and virus removal skills.

After a brief stint with professional baseball, Bill moved back to computers and started working for a DoD Contractor.  During the last 20 years, he has worked in various departments; Desktop Support, R&D, Client Engineering, IT Systems Engineering and Cyber Security.  The last ten years, Bill has worked within Information Security managing projects and working with various programs across multiple areas of Information Security.  He started working with SANS Instruction in 2012. 

Anthony Lai who has hybrid experience in application development, code security, penetration test, threat analysis and audit areas for 13 years. He has done vulnerability assessment, penetration, IT audit and training for government and various corporates. He is now a lead consultant and guest threat advisory of several MNCs

Anthony should be the first Hong Konger publishing GREM gold paper and speaking in Blackhat USA 2010, DEFCON 18, DEFCON 19 as well as Hack-In-Taiwan and has set up a security research group called VXRL (www.vxrl.org) in HK, which connects various hackers and security researchers in the planet and co-found Xecure Lab (www.xecure-lab.com) on APT research and detection service. Frankie and Anthony as well as another VX fellow, DDL, has published a case studies paper about APT case studies accepted by IEEE Malware 2011 conference.

He is the chairman of OWASP (HK Chapter), program committee of PISA, extended committee member in HTCIA (Asia Pacific Chapter) and actively provided various technical seminar sessions to the practitioners in Hong Kong.

Other certified as GREM (Gold), he is also GCFA and GWAPT holder.

Christopher Linton has been working in IT for almost 20 years. He has a Bachelor of Science in Computer Science from the University of Colorado Boulder and has obtained GCIH & GWAPT certifications.

Christopher began working as a developer for marketing & fulfillment companies in Denver before going to work for Jeffco Public School's IT department. There he developed custom web applications and managed databases. A series of incidents with "David Lightman"-like students eventually led Christopher to Jeffco's Information Security team.

Christopher has presented at CSIS, SplunkLive, and other educational events. Christopher taught CompTIA Security+ at Metro State University of Denver. He is a big fan of coffee, the Denver Broncos, the Colorado Rockies, and climbing mountains. He also enjoys anagrams like "SETEC Astronomy" and has a binary clock on his desk at work.

Mike Lombardi is the founder and president of Vertigrate, a boutique consulting firm which conducts digital forensic investigations of all types for law firms and their clients around the country. Mike performs incident response, as well as proactive vulnerability assessments, security architecture, and information policy reviews.

Mike has served on the GIAC Advisory Board since earning his first GIAC certification, the GCFE, in 2011.  He is active in the local Phoenix security community and holds elected positions in the Arizona chapter of the High Technology Crimes Investigation Association (HTCIA) and the Phoenix ISSA chapter.

Mike has spoken at both local and national conferences regarding various digital forensics and incident response topics, including at the SANS SIEM & Tactical Analytics and SANS Blue Team Summits.  He has presented alongside the FBI and holds the GCFE, GREM, GCIH, GPEN, CISSP, CISM and CCME.

Mike fell into his career as a paralegal with an aptitude for information systems.  Early in his career, spearheaded the implementation of core Microsoft technologies like Active Directory, Exchange and SQL, and remote connectivity solutions like MPLS and VPN.  When Mike wasn?t helping the law firm open new offices, he was in the hot seat as a trial presentation tech assisting attorneys on lengthy multimillion-dollar litigation cases.

As a digital forensics practitioner, Mike has worked a broad range of cases from basic employee data theft to the identification and remediation of advanced persistent threat campaigns across hundreds of machines.  In the latter case, Mike quickly identified six actively compromised machines and nearly 200 affected machines out of a population of 900 using the PowerShell collector he wrote and later presented at the SANS Blue Team Summit. 

Mike is happiest when diving into the bits of a case; whether it be mobile, memory, live response, dead box, network or malware.  Each case presents its own set of new challenges; including communicating his findings to clients. 

?If there is anything that being a courtroom consultant taught me is that everyone brings their own filters and experiences when consuming new information.  You can?t make assumptions.  Establishing a common ground is key to building a proper understanding, especially when it comes to something as complex as digital forensics.?

Roy Luongo is a cyber professional with over 20 years experience. As a CNO operator, Roy has performed offensive cyber operations and adversary emulation for the federal government for many years. He served as a technical director for interactive operations and the Chief, NSA Red Team. As a SME for the United States Army and the Department of Defense(DOD) he has developed thousands of cyber professionals through direct training and workforce design used throughout the DOD and other Federal organizations. Including leading Operations, Cyber Security for the Sergeant at Arms, United States Senate, consisting of the SOC, Cyber Threat Intel team, and System integrations.

Mr. Luongo holds two Masters Degrees in Information Management and Cyber Security, he holds CISSP, GCIH, GPEN, GAWN, and GMOB certifications. Mr. Luongo has also served as a member of the Center of Academic Excellence, Cyber for the Department of Defense, working with Universities and Colleges to expend curriculums and degree programs in Cyber Security and Cyber Defense.

Roy enjoys working with like-minded individuals and mentoring/training for the SANS Institute, allows him to experience the growth of cyber in a small group collaborative setting. Mentorship/training allows him to give back to a community that has given him so much."

Arden served on active duty in the USAF as a Cyber Warfare Operator before retiring in 2016. He was hand selected in the initial cadre of the Network Warfare Operations career field and tasked to develop the first Cyber Functional Training Unit where over the next three years he taught thousands of students everything from vulnerabilities in LMR/ICS/SS7 to basic computer programming to advanced exploitation & covert exfiltration. In addition to his military experience, Arden ran the Security Operations Team for a major US-based payment processor before returning to university in pursuit of a PhD in Computer Engineering concentrating on Information Security. He also currently leads his local chapter of The Open Organisation Of Lockpickers, teaching physical security and regularly contributes to his local City Security organization on IT security topics.

Jake Miller is an information security professional, primarily focused in offensive security. Jake is currently a penetration tester, but also has previous experience as a security controls assessor, SOC analyst, and system administrator.

Jake is a lifelong student, holding a variety of IT and cyber related certifications including GXPN, GCFA, GCIA, CISSP, and AWS Solutions Architect Associate, among others.

He blogs about security and coding at laconicwolf.com, and is passionate about sharing knowledge in the community.

Christian is a motivated individual who first made his debut via the inaugural CyberAces cohort. After studying under Ed Skoudis for a year, Christian applied his self taught skills from previous jobs and hobbies, as well as the new skills learned while mentoring under Ed, to progress through the ranks at KPMG. Christian started as an associate in the cyber practice, and within two years of joining KPMG, was the service line lead and one of the core content developers for the KPMG Pentesting and Threat Intelligence service lines. After leaving KPMG, Christian joined Foundstone in order to help build the practice back up and establish himself in a more technical consulting role again. Christian has presented and been a participant at Blackhat, Defcon, MPOWER, and was offered a position to keynote at RFUN a threat intelligence conference run by Recorded Future. Christian has also presented on behalf of himself and KPMG at a variety of schools and charity events to help promote cybersecurity and protect against cyberbullying. Currently Christian holds 5 GIAC certifications with the goal of earning his GSE in the next year. He is also an active member of the SANS community assisting in question writing and course audits for the SANS OnDemand courses for the last few years. Christian is excited to become a mentor as it will help him to achieve his goal of becoming a SANS instructor and course author, as well as give back to the community and help to raise a new generation of cyber warriors.

Brandon C. Poole is SOC analyst for an electric & gas utility company in the southeastern US. He brings with him 10 years of IT experience in system administration, network administration, disaster recovery, and information security. During this time Brandon has helped various employers setup & run vulnerability assessment/management, business continuity, security assessments, and change management programs across nonprofit, government & private sector organizations.
In addition to the above experience he also maintains numerous professional creditable such as GSEC, GCWN, GCIH, GCCC, CEH, CompTIA Security +, CompTIA Network + and IBM QRadar SIEM Analyst as well as being a member of ISSA, InfraGard, and the GIAC Advisory Board. 
When Brandon isn't at work he can be found further sharpening his skills in his homelab, writing Python or PowerShell scripts to automate security workflows, tweeting on Twitter (@bcpoole_sc), working on his new blog bitsbybrandon.com, or mentoring others in their IT and/or Infosec career.

Shyaam is currently a Chief Architect in the MDR space with years of experience in cyber security, information security and intelligence studies. He has worked on multiple technical and leadership roles including Director, SOC Manager, Principal/Senior Consultant, Researcher, Information Assurance Engineer, and Analyst/Engineer.

Shyaam graduated from Master of Science (MS) degree in Computer Science, majoring in Information Security at the George Washington University. He also holds Master?s Certificate in Computer Security and Information Assurance from GWU, Graduate certificate in Computer Security from Stanford, Data Science from MIT, Leading with Finance, Disruptive Strategy and Negotiations from Harvard. He continues to hold professional memberships at InfraGard, ACM, ACFE, ISACA, IACSP, HTCN, ATAB and various other associations, where he has been actively participating in the cyber security community. He has held professional certs such as, GCIH, GCIA, GREM, GCFA, GPCI, GCDS, GLDR, SSP-CNSA, SSP-MPA, SSP-GHD, GHTQ, GWAS, CISA, CEH and GIPS. He was a board member at IARIA research group where he has participated as TPC, Chair and Co-Chair of IEEE conferences related to Security and has been an advisor for several small and mid-sized organizations.

Don Reilly is a Senior Cyber Threat Developer at ERCOT, the controller of the Texas power grid. Starting initially in the Financial sector as first a Systems Administrator, and then a developer, he transitioned to the Energy Sector three years ago to perform Dev Ops and Cyber Security roles. At GridSecCon 2017 he won the inaugural ICS NetWars tournament, and continues to strive for excellence all he does. He is excited to mentor this course, because he is extremely enthusiastic about the value this course has for all organizations.
Dmitriy Sokolovskiy entered the Information Technology field in 1999 and throughout the years gained experience in multiple fields, including Windows and Unix server administration, NOC and SOC operations, large scale security projects and live incident response and remediation for some of the largest breaches in US history. He is a Certified Information System Security Professional and a GIAC Certified Enterprise Defender. Dmitriy had a first hand experience with the incredible lack of knowledgeable and experienced information security professionals in the IT and wanted to utilize his skills and experience to help close this gap.

Joe Sullivan got his start in information security in 1999 working for a web hosting company during the .com boom.  In 2001 Joe started one of the first outsourced technical support companies for web hosting server support.  After selling his company he went to work as the network security manager for a consumer electronics distributor and remained there for nearly 10 years.

 In 2014, Joe was recruited by Oklahoma based RCB Bank to guide their network security program. At RCB Joe is the Chief Information Security Officer. Joe also owns 1 to 1 Risk Control & Investigations, a private investigation agency in Edmond, Oklahoma.

Currently, Joe and his wife, Cathy, also operate Crossroads Information Security, which provides several services to small local businesses that do not have the expertise or resources for network security. Joe is also the leader of the Oklahoma City OWASP Chapter.

You can find Joe Sullivan's blogs online at:
https://www.1to1riskcontrol.com/news/
https://www.crossroadsinfosec.com/blog/LinkedIn: https://www.linkedin.com/in/infosec-investigator

Eric is an accomplished governance, risk and compliance specialist and author set to publish his first book titled: Building a HIPAA Compliant Cybersecurity Program in late 2017 or early 2018.

In his GRC role as the Director of Compliance at Blue Health Intelligence (BHI), Eric leads efforts to increase cyber security maturity in several domains including governance, policy and controls, risk management, cyber security strategy and business alignment. He established the risk management function which includes assessment, analysis and treatment of risks, threat and vulnerability management strategy and due diligence requirements for assessing third-party risk.  Eric also assesses cybersecurity technology capabilities recommending enhancements to current solutions and new capabilities required to meet risk reduction requirements.  

Prior to BHI, Eric spent seven years at Ernst & Young (EY) in the Advisory practice where he specialized in helping healthcare organizations (providers, payers and business associates) solve problems related to information security, risk management and compliance.  Eric lead HITRUST Common Security Framework (CSF), cybersecurity program management and third-party risk management assessments. 

Nick Wiebelhaus has a diverse background in both offense and defense in the security industry. Nick currently works as a security professional with a diverse business at an enterprise level that engages in loan origination, loan servicing, payment processor, internet service provider, collaboration spaces, software development, and banking. Nick is a subject matter expert in the areas of penetration testing, incident response management, system administration, and security operations center (SOC) management. He has developed enterprise penetration testing methodologies, SOC processes, and incident response processes.

Nick is an active member of the information security community in and around the Denver Colorado area. He teaches information security at the Community College of Aurora and frequently attends conferences and other community events. Nick earned his BS in Information Security from Colorado Technical University and currently holds several certifications including GPEN, GWAPT, GCIH, and Security +.