Get unparalleled cyber security training from real-world practitioners in Nashville. Save $200 thru 10/30.

Mentor: Bios


Mentors are highly qualified, experienced professionals who make themselves available in your local area to help you learn the course material and get certified. Each Mentor is hand-selected from students that have completed their relevant GIAC certification with scores of 85% or higher.

Scott Anderson is a Technical Leader with Cisco Systems with Learning@Cisco. He has been with Cisco for over 10 years and specialises in Security, Routing and Switching. Prior to joining Cisco Scott has worked in various roles in IT and T industry for with a broad range of experience in Defence, State Goverment and Commercial customers Scott has a Masters Degree in Networking and Systems Administration from Charles Sturt University and currently holds a number of Industry Certifications including CCIE, CISSP, GNFA, GPEN, GCUX and GCIA.

James Arndt is a Cybersecurity Engineer for American Transmission Company in Milwaukee, Wisconsin. He focuses on dissecting whatever malicious email, documents, URLs, and executables come across his way. Besides incident response, he has his hands in endpoint security, vulnerability management, and access management.

James has spoken at various local and national conferences on topics such as incident response and reverse engineering. He has sucessfully taught SEC401 Security Essentials and SEC504 Hacker Tools, Techniques, Exploits, and Incident Handling. You might also find James running after his four kids, playing guitar, or tinkering around in his basement lab.

Joyce M. Baker, Ph.D., PMP, GSLC, CISM has been a leader in training and development for more than 30 years with an emphasis, for much of her career, on cross-cultural communication competence and management communication.  She has led largescale projects in both Training and Development and Software Development. As a lead information security manager for a Fortune 100 Government Contractor, she is responsible for the development of security plans, procedures and processes for government information systems supporting Department of Defense contracts. She leads the transition of an information system from the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) to the Risk Management Framework (RMF), current ongoing compliance with the RMF, and continuous improvements to security for a Department of Defense Organization.  With a doctorate in Intercultural Communication from Arizona State University, has provided training and development services to a wide range of organizations, including colleges and universities, U.S. Government agencies, and private sector businesses across a wide variety of topics. As a fluent, heritage speaker of Japanese, growing up in Hawaii and living in Japan, Dr. Baker has developed a deep understanding of the linguistic and cultural dynamics of Pacific Island and Asian communities.   She is excited by the opportunities to mentor others as they continue to develop their skills in information assurance and management.  As a proponent of lifelong learning, she knows that the best learning comes from applying and teaching what one has learned and sees mentoring others as an opportunity to hone her skills.

Dan Banker currently holds the GCIH, GCIA, GCFE, and GNFA and is a threat hunter/incident responder for Motorola Solutions in Chicago, Illinois. He is also the primary Carbon Black system administrator and has extensively worked on customizing the product for Motorola's environment. This includes extensive scripting with the API to increase detection beyond what is currently capable in the GUI. From his time in the SOC at Dell Secureworks, he developed a love for pcaps and chaining grep/sed/awk to distill logs into useful information. Outside of infosec, he is a career musician and plays guitar for the popular Metallica tribute band Blackened. As a former guitar instructor with 40+ weekly students, he knows that passion for the field is and important part of the teaching process, and he brings his love of information security to the classroom.
Brad is a consultant with SecureWorks doing full time web application penetration testing. He has a masters degree in Information Assurance from Dakota State University. Certifications include GWAPT, GPEN, GCIH, GCED, and CISSP. He is an active member of the local information security community. When not on a computer, Brad is usually tormenting his wife, playing with his two kids, or playing guitar.

David Bernal Michelena holds a bachelor's degree in Computer Engineering from the National Autonomous University of Mexico (UNAM). Since June 2015 he serves as a cyber security researcher in Cyber Security Group in Scitum, a large consultant company in Mexico and Latin America. David's main activities are malware analysis, cyber threat intelligence, digital forensics and writing yara and snort rules to detect those threats and protect customers. David also performs ethical offensive activities and writes custom tools that are used in controlled environments to verify that security products do what they claim to do. 
From July 2013 to June 2015 David was a member of Security Events team at Alstom, a large company in energy and transport solutions protecting the endpoint environment of about 90,000 hosts distributed worldwide. In his time in Alstom his main activities were incident response, malware analysis and remediation, forensic analysis, IPS/IDS and SIEM management.
Formerly he served as a Senior Computer Forensic Analyst at Scitum from July 2011 to July 2013. His main activities there were evidence acquisition, analysis, preservation, incident response, log analysis and results reporting to Scitum's customers. In Scitum he had the opportunity to work in challenging projects for Mexican private and public institutions, including large Banks and other large government clients.
From August 2009 to July 2011 he worked as a forensic analyst and incident handler in UNAM Computer Emergency Response Team, which is the first CERT to be created in Mexico. David is GXPN, GASF, GREM, GCFA, GCFE and Access Data certified. He likes programming in several languages and is a command line lover in LINUX and Windows as well.
On his free time, he likes to swim and play the piano.

Craig Bowser is an ardent and dedicated infosec professional with 19 years of experience in the field. He began his career in the Air Force as a communications officer where he began as a system administrator, then was assigned as an IT specialist leading teams performing network optimization and troubleshooting. His final assignment was as a network security team lead. After separating, he worked as an Information Security Manager, Security Engineer, Security Analyst and Information System Security Officer with the DOJ, then DOD, and currently is with the Dept of Energy where he is one of the Senior Security Engineers.

He has spoken at various security conferences such as BSidesDC, BSidesCharm, DerbyCon and multiple SANS events such as the SOC and the SIEM Summits. He hold multiple certifications from SANS (GSEC, GCED, GCDA) as well as the CISSP from ISC2.

Craig has an Electrical Engineering degree from Stevens Institute of Technology. He is active with local infosec groups such as NOVA Hackers where he has given multiple presentations and maintains a blog at www.shadowtrackers.net/blog.

He is a Christian, Father, Husband, Geek, and Scout Leader who enjoys woodworking, sci-fi fantasy, home networking, tinkering with electronics, reading, and hiking. And he has a to do list that is longer the time to do slots that are open.

Larry has over 20 years experience in Information Technology. Over that time he has taken on numerous roles including: managing desktops for a global defense ins, servers, networks, people, projects and a variety of cloud platforms. Larry is currently the Information Security Officer for a dynamic fintech company based in the Dallas/Fort Worth metroplex. He is responsible for maintaining all aspects of the security program across a wide range of systems and platforms. Larry has led the planning, design and implementation of secure cloud migrations utilizing IaaS, PaaS, and SaaS solutions based on the individual project's business goals. Larry is passionate about building information security and information technology solutions that provide value to the business while ensuring security of sensitive data. Larry has completed a total of five college degrees including a Master of Science in Cybersecurity and Information Assurance, a Master of Science in Information Systems, and a Master of Business Administration. He has also completed numerous certifications from ISC2, Microsoft, VMware, Cisco, GIAC and others throughout his career. His portfolio of GIAC certifications currently include the GIAC Critical Controls Certification (GCCC), GIAC Strategic Policy, Planning and Leadership (GSTRT), GIAC Secure Software Programmer- .NET (GSSP-.NET). He also has a number of industry certifications including the CISSP, CCSP, CCSK, CEH, CHFI, ITIL V2 and V3, VCP V2-V5, multiple MCSE, and the Azure administrator associate.
LaMar Childs comes from a varied background of experience. He currently works for the Air Force Reserves as a cyber operator defending and securing networks for the Department of Defense as well as a consultant for BMG. He started out working for Xerox and then Motorola doing various operational projects. After approximately four years in corporate he struck out with a small technology consulting firm. Handling products from e-commerce website development to network setup and desktop support and network analysis, he developed a good overall understanding of the technology landscape and it's impact on workers. Tapped to be the translator between frustrated users and technology departments is where he really began to thrive. This work is some of his most rewarding as it allows him to explore and improve human interaction with computer software and systems. His passion is evaluating processes for efficiency, as well as physical and cyber security loop holes. His investigation and research enables him to take those findings and overlay security, process improvements and finally training so that as he says a 12 year old can come in and understand how to effectively use the systems and operate the processes. A 12 year old we questioned? But he insists that often things are made to complicated. Technology he says, can be simple. He states the more simple you make things the easier it is for people to spot anomalies and correct issues. It makes sense. Armed with certifications in Security Plus, GSEC, GCFA and Certified Ethical Hacker training he has leveraged his experience to support organizations such as the UFC, law firms, construction firms and more. His bachelors in Marketing and Management give him a different perspective than other technophiles. He calls himself the user champion; making their lives easier and making it easy for them to raise their level of tech prowess. In his eyes everyone has a bit of technophile in them and the more people we ignite the safer our systems and networks will be.
Mel Drews has been on both attack and defense sides of security throughout the public and private sector for more than 15 years. He's covered numerous roles in organizations large and small, including solutions engineer, analyst, auditor, penetration tester and consultant. His current role is in a global 50 financial services firm assuring software security. When not coding projects or studying for the next big thing, Mel is combing the forest floor for fungus in West Michigan or playing racquetball. He holds the GWEB, GCFE, and GCCC certifications, as well as CISSP, CISA, and CISM.
Leslie Fife has been involved in technology for more than 30 years. He has been a software developer (6 years), a college professor (22 years) and for the past few years has worked as a Security Analyst in the financial services industry and as an Information Security Manager for a large non-profit. His interests are welding, blacksmithing and physical security.

McKell 'Mick' Gomm is an avid cybersecurity researcher and currently manages cloud and application security initiatives for Cognizant Technology Solutions, a Fortune 200 company. Security automation is his favorite and he currently leads DevSecOps efforts for cross-industry, agile development teams.

Mick enjoys technical research and regularly contributes to various projects and at security conferences. His favorite presentations have been 'The Art of (HTTP) Web Defense' at SAINTCON and 'HackerMode' (an Alexa skill) at the BlackHat USA Arsenal.

Mick holds a B.S. in Business Management and an M.S. in Information Systems. In addition, he is certified in various disciplines (CISSP, GWAPT, GWEB, CISA, PMP) and is always pursuing useful cyber knowledge. You can connect with him on Twitter (@7YR43L) and LinkedIn for great articles and intel!

Stanley got his start with computing and security at an early age. Having received a computer at age four, his curiosity with all things technology was cultivated by his parents. By age 13 he was trolling IRC channels and Usenet forums, running a small dialup BBS, and teaching himself computer networking, scripting, brute forcing, and password cracking. For his college career at Georgia Institute of Technology, he switched gears to pursue knowledge of electrical and computer engineering as he felt a degree in computer science would not be challenging enough. Through his education he discovered the microcosm of transistors and bits, gaining deep insight into how computers operate at the chip level. He used that knowledge as an intern at Texas Instruments to develop firmware for their DSP line of microprocessors in one summer session and to optimize testing routines on production semiconductor wafer batches in a second session. Another pivot led Stanley to a research position while pursuing a Masters degree at University of South Florida under the tutelage of Dr. Rich Gitlin of Bell Labs fame. There he developed software defined radio test platforms using FPGA systems in VHDL to assist PhD candidates to obtain data on novel wireless modulation schemes for use in medical applications such as in-vivo wireless networks. Ultimately, he chose a career in information security, which has revealed itself to be his true calling. He is extremely passionate in the field and his greatest motivators are the pursuit of knowledge, uncovering truth, and solving complex problems. Stanley is currently employed by Deloitte in its Managed Threat Services division, a MSSP SOC offering continuous monitoring service to commercial and public sector entities. His role is a multifaceted combination of senior security analyst, security engineer, and analyst manager. He has significant experience using all the major SIEM technologies in the pursuit of evil by running digital investigations to identify malware, insider threats, weak configuration, and other anomalies that reside on enterprise level networks. He has also been actively performing engineering development, correlation content, and maintenance of several SIEM deployments. He frequently gets called in to assist with incident investigations as a technical asset providing analysis on log activity, network capture data, and an occasional forensic image. His repertoire of GIAC certifications by SANS are in the areas of incident handling (GCIH), digital forensics (GCFA), and network forensics (GCNA).


Mike Harris is an Information Technology Cyber Security Professional holding certifications as a Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Information Security Professional (GISP), Cisco Certified Network Associate Security (CCNA-Security), Cisco Certified Network Associate (CCNA), Red Hat Certified Technician (RHCT), and Red Hat Certified Systems Administrator (RHCSA). Mike has additional technical certifications which include Digital Forensics Examiner, Network Protocol Analyst, Project+, Linux+, and A+. Mike will soon graduate with a Bachelor of Science in Information Technology Security. Mike is the founder and former board member of TinkerMill, a non-profit organization dedicated to furthering the knowledge of our kids, adults, businesses, and municipalities in the use of high tech with the incorporation of creativity and art. He is also a Red Team Member of the Rocky Mountain Regional Collegiate Cyber Defense Competition. Mike has built a CSIRT from the ground-up, including a secure infrastructure using Linux systems (Red Hat and Ubuntu). Mike has extensive knowledge as a Technology Security Auditor conducting assessments, measuring vulnerabilities, security posture on internal and external networks, and account activities for insider threats and abuse.
 

Michael Hennick is currently CISO and Senior Network Security Architect for Solipsys Corporation, a wholly owned subsidiary of the Raytheon Company, where he is responsible for overseeing cyber operations for the company, including secure network architecture and design, incident response and forensics, vulnerability management, proactive threat assessments and penetration testing. He also teaches as an adjunct faculty for the University of Maryland, Baltimore County (UMBC) Cybersecurity Masters Program, and for the network security Associates Degree program at Howard Community College (HCC). Additionally he independently consults with small businesses to assist in their cybersecurity needs. With over 20 years of experience in the IT industry, Michael has held roles and gained first hand experience in positions ranging from software development, technical support, system, database, and network administration, network design and architecture, penetration testing, and incident response. Michael has a Masters of Professional Studies in Cybersecurity from the University of Maryland, Baltimore County (UMBC). He also maintains numerous industry certifications including CISSP, CASP, CEH, CHFI, as well as multiple GIAC certifications, and vendor specific certifications. He is also a member of the Baltimore chapters of FBIs Infragard, NCMS, and the Information Systems Security Association (ISSA).

After 20 years of military service, he proudly continues to serve as a Cyber Operations Technician with duties ranging from Auditing/surveying, Incident Response, Forensics, Red Team, consulting and training.  His main role is serving as the Microsoft Windows and PowerShell Expert.  He spent his previous 14 years working in a Windows and VMWare environment.  He became the PowerShell Expert and automated most of the Sysadmin?s routine tasks.  He also served as the alternate Information Assurance Manager.  His main duties include patch management, RMF implementation, and tracking user security awareness training.
 
His credentials include the CISSP, VMWare Certification, C|EH, 9 GIAC Certifications (GPYC, GMON, GCWN, GPEN, GCIA, GCIH, GCFA, GSEC, GSNA), Company Grade Officer of the Year, Army 255S (Information Protection Warrant Officer Advance Course) Graduate, and holds a Bachelor of Science in Management in Information Systems.
 
He enjoys giving back to the community in various ways.  He serves as a Cyber Patriot Mentor and is an active member of his local ISSA Chapter.  He enjoys presenting at community events, like BsidesCharm, and ISSA.    

Bryan Koch first became involved in cybersecurity as a member of the cyber defense team at the United States Coast Guard Academy. After four years of participating in the annual NSA Inter-service Academy Cyber Defense Exercise, Bryan attended his first SANS course, SEC 401. After 2 years of sea duty, Bryan entered into the Electronics and IT support field in the Coast Guard. At this assignment, Bryan served as the project officer for the Coast Guards IT Seabag Project, which was programmatic attempt to implement hardware authorization and management across the entire Coast Guard. He also returned to help cadets with the CDX and attended four more SANS courses at various venues. Bryan completed an MBA in 2015, focusing in Operations and Supply Chain Management. Shortly after, Bryan was temporarily assigned to Coast Guard Cyber Command to assist with the DoD Cybersecurity Implementation Plan following the OPM Data Breach. Bryan helped implement Coast Guard wide system health audits and was able to establish a 30-member Cyber Analytics team to augment traditional FISMA Audit efforts. Bryan graduated from Northeastern University in 2017 with an MS in Cybersecurity. At Northeastern, Bryan was President of the ISSA Student Chapter. Bryans thesis is currently being reviewed for publishing for the 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). His paper and presentation on Detection and Mitigation of Malicious Modifications on the Minnowboard Turbot won the 2017 Northeastern Research, Innovation, and Scholarship Expo (RISE) for Computer Science graduate level. Bryan is currently assigned as the Enterprise Operations Center Manager at Coast Guard Cyber Command and oversees a 75 member workforce maintaining Service Operations and Defense Cyberspace Operations for the U.S. Coast Guard.

Tim Larkin is a Senior Cyber Security Engineer at Spinvi Consulting, LLC supporting US Navy projects.  In 2013, as the US Army was working to create its Cyber Workforce, Tim graduated first in his class at the pilot course of Fort Gordon's 25D Cyber Network Defender program becoming the first National Guard Cyber Network Defender in the world. In 2018, he mobilized with his unit to support US CYBERCOM and the NSA.  He holds an MBA from Webster University and is projected to graduate from the SANS Technology Institute's MSISE program in 2020. Tim holds the following industry certifications: GIAC GSE #216, GXPN, GSEC, GMOB, GCCC, GSNA, GCED, GCFE, GCIH, GCIA, GMON, GCPM, CISSP-ISSEP, CRISC, CompTIA Security, CompTIA Network and CompTIA A.  Tim lives in Charleston with his wife, Janet, stepson, Justin and their dog, Rey.

Fredric Lauzier has been in the IT business since 2000. He was an IT consultant for two years and then enrolled in the Canadian Armed Forces as a Signals officer. He is still serving after 17 years and manages IT, Cyber, Radios, Satcom, among others, both in a deployed field environment and in a static strategic one. Over the year he acquired the ITIL Expert certification. He has also earned a Masters in IT from Universit de Sherbrooke and a Masters in Defence Studies from the Royal Military College of Canada.

He attended his first SANS course in Fall of 2018 and since always wanted to share his knowledge to other SANS learners.

Jason works for one of the largest financial institutions in the country as the Director of Cyber Security Operations Center focusing on internal security monitoring and response.  He has developed processes and procedures to reduce incident impact and cost, as well as early identification of incidents.  He has led teams responding and investigating numerous large scale incidents and APT attacks.

Jason also served as the President of the Atlanta chapter of the HTCIA and served on the board for directors of the Atlanta chapter of the ISSA.

On his off hours Jason enjoys teaching SANS Forensics curriculum as part of the SANS Mentor program.  He holds a Masters of Science in Information Security and Assurance (MSISA), and numerous security certifications such as: GCFA, GNFA, GCIH, GREM, GCCC, G2700, CISSP, CHFI, CEH and CISA.

Jason firmly believes that the only way to truly be secure is by educating others, and he lives by this principle. Furthermore, if you take the time and listen, you can learn from anyone, mostly from your students."

Bryan McAninch is an information security professional with over twenty years experience in various disciplines including digital forensics, penetration testing, and security architecture. He holds a Bachelor of Science in Business Administration from the University of Texas at Dallas and a Master of Science in Information Assurance from the University of Dallas. Bryan is passionate about information security and giving back to the community. He is an organizer of the North Texas Cyber Security Group and owner of Prevade Cybersecurity.

William has been passionate about computers and their security since being introduced to them as a young teen. Early on he knew that he wanted to be working in information security. He began his education as network engineer at a vocational technology school while still in high school. After graduation he started an Information Assurance and Forensics Bachelor's degree at an NSA Center of Academic Excellence.

William has a decade and a half of experience within the field of information security. He has supported a fortune 5 company as a security engineer, supported many government and commercial customers in various roles within a Security Operations Center (including Incident Response analyst, DMA Lead and SOC Manager) and now is a Principal Security Researcher in a malware analysis role. He has taken the initiative to mentor and train new team members and has led many community events within the companies he has worked for. These events include quarterly mini conferences, Capture The Flag (CTF), LAN Parties, and other events to build the community and share knowledge. He is a frequent conference attendee and has participated in and won a number of IoT Village CTFs, including winning a Black Badge at BSidesDC for placing First in the competition. While the majority of his career has been supporting the blue team, he's always had a passion for the red team and has been honing his skills in penetration testing and exploit development. William currently holds the GCIH, GPEN, GREM, GCTI, and GXPN GIAC certifications. In addition to those GIAC certifications, he holds the OSCP and CISSP. 

Outside of information security, William is a general class Amateur Radio operator (KE5HDY), 3D printing enthusiast, and is working to become a member of the 501st legion (a Star Wars costuming organization that participates in costumed charity and volunteer work). His blog can be found at haxel.io

Captain Milan is the Assistant Flight Commander for the Cyber Flight for Air Force Special Operations Command. He has spent two years operationally testing cyber equipment for use by AFSOC and USSOCOM. Equipment ranges from mobile devices, 1553 aircraft buses, to traditional routers and switches. He has begun obtaining civilian certifications as they hold more weight than military cyber schools do. Captain Milan is certified GSEC, Sec+, and CEH. He has taken GPEN at Sans West 2019 and will take the certification exam in the coming weeks. He is also enrolled in Offensive Security Certified Professional (OSCP), and will take the certification exam in June. CISSP bootcamp has been completed, test is in line after the two penetrations tests. Captain Milan received his Electrical Engineering bachelor's degree from Tennessee Technological University, and his master's degree in Investing and Financial Analysis from Creighton University. Captain Milan would like to continue taking SANS courses to improve his skills, and one way that he learns is by teaching others.

Christian was formerly the service line lead and one of the core content developers for the KPMG Pentesting and Threat Intelligence service lines. After leaving KPMG, Christian joined Foundstone for a period in order to help build the practice back up and establish himself in a more technical consulting role again, currently Christian is working as the Lead Cyber Partner and part owner of his own consulting firm Indelible LLC.
Christian has presented and been a participant at Blackhat, Defcon, MPOWER, RSA, Pacific Hackers Conference, Anycon, and was offered a position to keynote at RFUN; a threat intelligence conference run by Recorded Future. Christian has also presented on behalf of himself and KPMG at a variety of schools and charity events to help promote cybersecurity and protect against cyberbullying. Currently Christian holds 5 GIAC certifications with the goal of earning his GSE in the near future. He is also an active member of the SANS community assisting in question writing and course audits for the SANS OnDemand courses for the last few years, as well as an active member in the Security community, participating and assisting in the running and organization of many of the popular Security Conferences and events.

Ryan OGrady has worked in information technology and security for over 14 years. In 2012, he joined Soar Technology as a senior software engineer in the Intelligent Training division, where he designed and lead the implementation of large training systems for Department of Defense (DoD) customers. In 2016 he helped stand up the Cyber Operations division, taking the role of portfolio lead for workforce development. He served as the principal investigator for an Air Force Research Labs (AFRL) project to develop an intelligent training system for cyberspace operators that provided individualized, personalized training in realistic environments. Mr. OGrady also served as the technical lead on a related project to create autonomous cyber attackers for training, testing, and evaluation purposes. Prior to Soar Technology, he worked as a software architect for U.S. Army TACOM, where he oversaw the migration and security of a production enclave, and as a research engineer for Cybernet Systems, where he performed R&D for a variety of DoD customers. Mr. O'Grady earned his B.S.E. in Computer Science from the University of Michigan in 2004 and is pursing a M.S. in Information Security Engineering from the SANS Technology Institute. Certifications: GCPM, GSEC, GCIH, GCIA, CPTE, Security+

Recently retired, Mark, in his 28 years of service with the Kansas City Missouri Police Department, has served in many capacities, including Patrol, Internal Affairs and conducting digital forensic investigations. In 2011 Mark was assigned as a task force officer at the FBI?s Heart of America Regional Computer Forensics Laboratory (HARCFL).

While working as an FBI CART-certified forensic examiner he conducted examinations on a number of state/local and federal cases involving child exploitation, homicide, network intrusions and terrorism. He has also provided court testimony on numerous cases regarding general crimes and digital investigations.

Mark was a mentor and training officer at the HARCFL and he worked a number of cases while appointed to the lab. He was sought out for his knowledge of forensics, electronics and Python programming. He also used his programming background to create scripts which are used in the lab to streamline various functions. 

Mark has experience in HTML, Linux, Apple devices and cell phones. He held the FBI certification of FE (Forensic Examiner), and still maintains the SANS certifications GCFE and GPEN, CompTIA certifications A+, Net+, SEC+ and he has an Associate's Degree in Computer and Electronics Engineering Technology?. This most likely explains his fascination with Frankenstein electronic projects with lots of little blinking lights - at least his wife would like to think so.

Mark is excited to share his knowledge of electronics and digital forensics with people who have similar interests, and employ problem-solving techniques to assist them when needed.

In the early 2000's Andrew Rozema worked as a systems and network administrator for a major media company whose claim to fame was getting Lincoln elected, but that happened a long while before he started working there. After a couple of virus outbreaks including Sasser and CodeRed the company decided somebody should know something about information security, and sent him to his first SANS GSEC class. After which he immediately went back to the office and changed ALL the passwords. That class sparked a passion for information security that's been with him ever since. Since then in addition to roles in that media company involving IT administration, management and security; he worked his way through both a baccalaureate degree and Masters degree in information security and discovered a passion for not only learning about information security, but teaching it as well. After teaching a couple of night classes at the local community college, he was hooked, and when a full-time faculty position opened up, he made the switch. Now Prof. Rozema is the head of the department of Computer Information Systems at Grand Rapids Community College, as well as an Assistant Professor, still responsible for teaching information security as well as classes in Linux, shell scripting, JavaScript, Secure Mobile Application Development and some very exciting classes in penetration testing. As department head his focus is now to bring the program in line with both the CNSS and NICE framework for national accreditation. Prof. Rozema still accepts select consulting engagements and advanced teaching opportunities to make sure he stays on the cutting edge in technology and grounded in what IT looks like in the real world.

Joe Sullivan has 20 years of experience in information security. Joe is the principal security strategist for Crossroads Information Security, the Chief Information Security Officer for a bank, and the owner and lead investigator of 1 to1 Risk Control & Investigations.

Joe got his start in information security in 1999 working for a web hosting company during the .com boom. In 2001, Joe started one of the first outsourced technical support companies for web hosting server support specializing in administration of LAMP servers and incident response.

After selling his company he went to work as the network security manager for a consumer electronics distributor and remained there for nearly 10 years. In 2014, Joe was recruited by Oklahoma based RCB Bank to guide their network security program. At RCB Joe is the Chief Information Security Officer.

Joe and his wife, Cathy, also operate Crossroads Information Security, which provides services to businesses that do not have the expertise or resources for network security. These services include penetration testing, gap analysis, policy, procedures, and training.

Joe holds the following information security related certifications:

GIAC Strategic Planning, Policy, and Leadership (GSTRT)
GIAC Certified Forensic Examiner (GCFE)
GIAC Certified Incident Handler (GCIH)
Certified Information Systems Security Professional (CISSP)
CNSSI 4012 Senior Systems Manager
CNSSI 4013 System Administration in Information Systems Security
CNSSI 4014 Information System Security Officer
NSTISSI 4011 Information Systems Security Professional
NSTISSI 4015 Systems Certifier

Joe is active in the Oklahoma City information security community and is the chapter leader of the Oklahoma City Open Web Application Security Project (OWASP) chapter, is an instructor for the SANS Institute and teaches the following classes:

SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling
MGT514: Security Strategic Planning, Policy, and Leadership

You can find Joe Sullivan's blogs online at:

https://www.1to1riskcontrol.com/news/ 
https://www.crossroadsinfosec.com/blog/
LinkedIn: https://www.linkedin.com/in/infosec-investigator

Sean Thomas has over 20 years of Information Technology experience, with more than eight years in cybersecurity/information security. He has been involved in many aspects of IT throughout his career including desktop support and academic systems administration, networking, and Windows & Unix/Linux server administration before finding his way to cybersecurity. 

Sean has been an instrumental part of the formation and evolution of the IT Security Services program at Embry-Riddle Aeronautical University. He currently serves as the Senior Information Security Analyst on the team, with over six years of experience working Incident Response, Digital Forensics, and Policy Management. In addition to his duties with the team, he is regularly asked to guest lecture on cybersecurity topics at the University, primarily for many first-year student classes.

Sean performs several functions with SANS Online Training as part of the OnDemand QC team to improve content delivery for dozens of courses, assisting with course review, and as a virtual TA for Simulcast.  Sean holds a Bachelor of Business Administration in E-Business Technology from Stetson University and holds multiple GIAC certifications, including GCED, GCFA, GCIH, GMON, GCWN, and GCDA.

Chris Traynor is a Sr. SecDevOps Engineer within Equifax's Global Security division. His background in information systems spans the Federal (VA), DoD (Marine Corp & Navy), and private sectors working within large international conglomerates and startup consulting shops alike. He has expertise in web apps, databases, APIs, scripting/automation, and project management. Chris holds a bachelor's degree in CIS from Anderson University, as well as GSEC, GCIH, GWAPT, and IAT Level III security certifications. He is a member of the GIAC Advisory Board, and has been a SANS course facilitator for SEC401 and SEC504. Chris lives in Charleston, SC with his wife, 2 dogs, and a cat. Twitter: @_christraynor_
With more than 20 years in the industry, Kendrick has served in many areas of the IT industry including networking (LAN/WAN troubleshooting, engineering and structured wiring), Web design, EndPoint administration, System administration, Programming and now Information Security. Kendrick currently serves as a member of his companys Information Security team and president of InfraGards Birmingham chapter which works with the FBI, Homeland Security and the U.S. Attourneys office to protect the 16 U.S. critical infrastructures from terrorist attacks. At night he manages 2 successful YouTube channels and his company which works directly with gaming companies around the world and has its own professional eSports team.

Tom Webb has over 15 years of experience in a dedicated security role. Tom has worked for state law enforcement and in the education sector.  He is currently employed by the University of South Carolina as the director of security operations. His current role includes leading a team that performs: incident response and forensics investigations. Tom's previous roles included: network security engineer, security architect, incident response, and penetration testing.

Tom has a B.S. in Information Management from the University of South Carolina. He holds various certifications including, CISSP, GXPN, and GSE. Tom also volunteers for the SANS Internet Storm Center. You can follow him on twitter @twsecblog, irhowto.wordpress.com or https://isc.sans.edu/handler_list.html#tom-webb.

Michael Weeks is currently working as the SOC and Incident Response Lead at Fair Isaac Corporation. He leads a highly technical team of Analyst, Developers, and Incident Handlers in the daily monitoring of cyber security events for FICO. A graduate of the SANS Technology Institute Master of Science in Information Security Engineering Program and certified GIAC Security Expert, as well as a host of other SANS Certifications and the CISSP from ISC2. Michael is also a Chief Master Sergeant with the United States Air Force Reserve working in the 960th Cyber Operations Group as a Cyber Warfare Operator. The greatest privilege is the ability to mentor the future cyber warfare operators in hopes that they can help solve the many problems in cyber security.