Last Day to Save $300 on Cyber Security Training at SANS Seattle Spring 2020! 7 Courses Available.

Mentor: Bios

Mentors are highly qualified, experienced professionals who make themselves available in your local area to help you learn the course material and get certified. Each Mentor is hand-selected from students that have completed their relevant GIAC certification with scores of 85% or higher.

Scott Anderson is a Technical Leader with Cisco Systems with Learning@Cisco. He has been with Cisco for over 10 years and specialises in Security, Routing and Switching. Prior to joining Cisco Scott has worked in various roles in IT and T industry for with a broad range of experience in Defence, State Goverment and Commercial customers Scott has a Masters Degree in Networking and Systems Administration from Charles Sturt University and currently holds a number of Industry Certifications including CCIE, CISSP, GNFA, GPEN, GCUX and GCIA.

James Arndt is a Cybersecurity Engineer for American Transmission Company in Milwaukee, Wisconsin. He focuses on dissecting whatever malicious email, documents, URLs, and executables come across his way. Besides incident response, he has his hands in endpoint security, vulnerability management, and access management.

James has spoken at various local and national conferences on topics such as incident response and reverse engineering. He has sucessfully taught SEC401 Security Essentials and SEC504 Hacker Tools, Techniques, Exploits, and Incident Handling. You might also find James running after his four kids, playing guitar, or tinkering around in his basement lab.

Dan Banker currently holds the GCIH, GCIA, GCFE, and GNFA and is a threat hunter/incident responder for Motorola Solutions in Chicago, Illinois. He is also the primary Carbon Black system administrator and has extensively worked on customizing the product for Motorola's environment. This includes extensive scripting with the API to increase detection beyond what is currently capable in the GUI. From his time in the SOC at Dell Secureworks, he developed a love for pcaps and chaining grep/sed/awk to distill logs into useful information. Outside of infosec, he is a career musician and plays guitar for the popular Metallica tribute band Blackened. As a former guitar instructor with 40+ weekly students, he knows that passion for the field is and important part of the teaching process, and he brings his love of information security to the classroom.

David Bernal Michelena holds a bachelor's degree in Computer Engineering from the National Autonomous University of Mexico (UNAM). Since June 2015 he serves as a cyber security researcher in Cyber Security Group in Scitum, a large consultant company in Mexico and Latin America. David's main activities are malware analysis, cyber threat intelligence, digital forensics and writing yara and snort rules to detect those threats and protect customers. David also performs ethical offensive activities and writes custom tools that are used in controlled environments to verify that security products do what they claim to do. 
From July 2013 to June 2015 David was a member of Security Events team at Alstom, a large company in energy and transport solutions protecting the endpoint environment of about 90,000 hosts distributed worldwide. In his time in Alstom his main activities were incident response, malware analysis and remediation, forensic analysis, IPS/IDS and SIEM management.
Formerly he served as a Senior Computer Forensic Analyst at Scitum from July 2011 to July 2013. His main activities there were evidence acquisition, analysis, preservation, incident response, log analysis and results reporting to Scitum's customers. In Scitum he had the opportunity to work in challenging projects for Mexican private and public institutions, including large Banks and other large government clients.
From August 2009 to July 2011 he worked as a forensic analyst and incident handler in UNAM Computer Emergency Response Team, which is the first CERT to be created in Mexico. David is GXPN, GASF, GREM, GCFA, GCFE and Access Data certified. He likes programming in several languages and is a command line lover in LINUX and Windows as well.
On his free time, he likes to swim and play the piano.

Craig Bowser is an ardent and dedicated infosec professional with 19 years of experience in the field. He began his career in the Air Force as a communications officer where he began as a system administrator, then was assigned as an IT specialist leading teams performing network optimization and troubleshooting. His final assignment was as a network security team lead. After separating, he worked as an Information Security Manager, Security Engineer, Security Analyst and Information System Security Officer with the DOJ, then DOD, and currently is with the Dept of Energy where he is one of the Senior Security Engineers.

He has spoken at various security conferences such as BSidesDC, BSidesCharm, DerbyCon and multiple SANS events such as the SOC and the SIEM Summits. He hold multiple certifications from SANS (GSEC, GCED, GCDA) as well as the CISSP from ISC2.

Craig has an Electrical Engineering degree from Stevens Institute of Technology. He is active with local infosec groups such as NOVA Hackers where he has given multiple presentations and maintains a blog at

He is a Christian, Father, Husband, Geek, and Scout Leader who enjoys woodworking, sci-fi fantasy, home networking, tinkering with electronics, reading, and hiking. And he has a to do list that is longer the time to do slots that are open.

Larry has over 20 years experience in Information Technology. Over that time he has taken on numerous roles including: managing desktops for a global defense ins, servers, networks, people, projects and a variety of cloud platforms. Larry is currently the Information Security Officer for a dynamic fintech company based in the Dallas/Fort Worth metroplex. He is responsible for maintaining all aspects of the security program across a wide range of systems and platforms. Larry has led the planning, design and implementation of secure cloud migrations utilizing IaaS, PaaS, and SaaS solutions based on the individual project's business goals. Larry is passionate about building information security and information technology solutions that provide value to the business while ensuring security of sensitive data. Larry has completed a total of five college degrees including a Master of Science in Cybersecurity and Information Assurance, a Master of Science in Information Systems, and a Master of Business Administration. He has also completed numerous certifications from ISC2, Microsoft, VMware, Cisco, GIAC and others throughout his career. His portfolio of GIAC certifications currently include the GIAC Critical Controls Certification (GCCC), GIAC Strategic Policy, Planning and Leadership (GSTRT), GIAC Secure Software Programmer- .NET (GSSP-.NET). He also has a number of industry certifications including the CISSP, CCSP, CCSK, CEH, CHFI, ITIL V2 and V3, VCP V2-V5, multiple MCSE, and the Azure administrator associate.

Marcelo has been working with information security and carrying out computer forensics investigations for over 20 years. He worked with incident response / computer emergency response, was responsible for conducting investigations, responding to networking intrusion attempts, investigated and handled privacy-related incidents and consumer complaint in liaison with Legal and Human Resources departments, analyzed and documented information security incidents as well as the analysis of the circumstances enabling or permitting these same incidents to take place, including offering remediation strategies, investigated and immediately worked to stop leaks and inadvertent disclosures of confidential information and developed policies and security awareness programs, working with highly sensitive information in a team environment.

He analyzed and documented information security incidents as well as the analysis of the circumstances enabling or permitting these same incidents to take place. Audited, verified network security and gave recommendations to improve network security. Executed wireless evaluations and security auditings. Advised organizations with current information about information security technologies and issues and researched and recommended solutions. Wrote user manuals on security software and computer, email and Internet use policy. Developed and implemented user security awareness programs, with seminars, conferences, folders, newsletters and helpful suggestions. Designed and reviewed Windows and Linux security architecture.

Marcelo has assisted task forces in lawsuits as a technical assistant, acting as an expert witness in civil and criminal trials. He assisted in computer crimes (cybercrime) investigations and was responsible for establishing many procedures at the Federal Prosecution Service, such as evidence's chain of custody. He performed customer data analysis of data requested from banks and telecommunication companies, as requested by Brazilian Attorneys. He wrote, compiled and edited reports of security activities. He has also worked as an associate professor at some universities and lectured at the most important Information Security conferences in Brazil. He maintains a webpage dedicated to Digital Forensics and Incident Response (in Portuguese):

Finally, he holds a Masters degree in Computer Science, a Master in Bussiness Administration (Public Administration) and a Bachelor degree in Information Systems. He also has some certifications, which illustrates his passion to learn: GIAC Certified Forensics Analyst (GCFA), GIAC Certified Incident Handler (GCIH), CISSP (Certified Information Systems Security Professional), CHFI (Computer Hacking Forensic Investigator) and EnCase Certified Examiner (EnCE).

Mel Drews has been on both attack and defense sides of security throughout the public and private sector for more than 15 years. He's covered numerous roles in organizations large and small, including solutions engineer, analyst, auditor, penetration tester and consultant. His current role is in a global 50 financial services firm assuring software security. When not coding projects or studying for the next big thing, Mel is combing the forest floor for fungus in West Michigan or playing racquetball. He holds the GWEB, GCFE, and GCCC certifications, as well as CISSP, CISA, and CISM.

Mike Harris is an Information Technology Cyber Security Professional holding certifications as a Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Information Security Professional (GISP), Cisco Certified Network Associate Security (CCNA-Security), Cisco Certified Network Associate (CCNA), Red Hat Certified Technician (RHCT), and Red Hat Certified Systems Administrator (RHCSA). Mike has additional technical certifications which include Digital Forensics Examiner, Network Protocol Analyst, Project+, Linux+, and A+. Mike will soon graduate with a Bachelor of Science in Information Technology Security. Mike is the founder and former board member of TinkerMill, a non-profit organization dedicated to furthering the knowledge of our kids, adults, businesses, and municipalities in the use of high tech with the incorporation of creativity and art. He is also a Red Team Member of the Rocky Mountain Regional Collegiate Cyber Defense Competition. Mike has built a CSIRT from the ground-up, including a secure infrastructure using Linux systems (Red Hat and Ubuntu). Mike has extensive knowledge as a Technology Security Auditor conducting assessments, measuring vulnerabilities, security posture on internal and external networks, and account activities for insider threats and abuse.

Rick is a Staff Cyber Security Analyst for Northrop Grumman and has over 20 years of experience in various professional roles and fields.
Rick started his career as far from InfoSec as possible: as an Aircraft Armament Systems Specialist in the USAF. He had the opportunity to cross-train into a field that allowed him to perform client support and Information Assurance duties, which then enabled him to take a position with the Department of Defense (DoD). While with the DoD, Rick performed network and endpoint analysis, adversary emulation, and conducted cyber operations as an interactive operator as part of a Red Team. Rick has had the privilege of experiencing a broad range of technical fields, including network analysis, intrusion detection, penetration testing, malware analysis, reverse engineering, and digital forensics. 
Rick is passionate about educating and mentoring future InfoSec professionals. He has volunteered as a Red Team member for the CyberPatriot National Finals for the past 4 years, and also volunteers for the Mid-Atlantic Collegiate Cyber Defense Competition (MACCDC) Red Team. Rick was also an adjunct professor for a local community college, where he helped coached a cyber competition team and taught computer science courses. He is still active in cyber competitions, and takes the opportunity mentor and help other students grow in the field. Rick also performs independent consulting services and is a security researcher/bug bounty hunter with the SynAck Red Team. He has also taught short workshops at Unallocated Space, a local hackerspace, and presented at BSides Boise.
Rick holds his Bachelors in Cybersecurity from UMUC, and is currently pursuing his Masters in Cybersecurity from Excelsior College. He also holds a number of professional certifications, including GCIH, GAWN, GCFA, GCIA, GPEN, GXPN, and CISSP.

After 20 years of military service, he proudly continues to serve as a Cyber Operations Technician with duties ranging from Auditing/surveying, Incident Response, Forensics, Red Team, consulting and training.  His main role is serving as the Microsoft Windows and PowerShell Expert.  He spent his previous 14 years working in a Windows and VMWare environment.  He became the PowerShell Expert and automated most of the Sysadmin?s routine tasks.  He also served as the alternate Information Assurance Manager.  His main duties include patch management, RMF implementation, and tracking user security awareness training.
His credentials include the CISSP, VMWare Certification, C|EH, 9 GIAC Certifications (GPYC, GMON, GCWN, GPEN, GCIA, GCIH, GCFA, GSEC, GSNA), Company Grade Officer of the Year, Army 255S (Information Protection Warrant Officer Advance Course) Graduate, and holds a Bachelor of Science in Management in Information Systems.
He enjoys giving back to the community in various ways.  He serves as a Cyber Patriot Mentor and is an active member of his local ISSA Chapter.  He enjoys presenting at community events, like BsidesCharm, and ISSA.    

Tim Larkin is a Senior Cyber Security Engineer at Spinvi Consulting, LLC supporting US Navy projects.  In 2013, as the US Army was working to create its Cyber Workforce, Tim graduated first in his class at the pilot course of Fort Gordon's 25D Cyber Network Defender program becoming the first National Guard Cyber Network Defender in the world. In 2018, he mobilized with his unit to support US CYBERCOM and the NSA.  He holds an MBA from Webster University and is projected to graduate from the SANS Technology Institute's MSISE program in 2020. Tim holds the following industry certifications: GIAC GSE #216, GXPN, GSEC, GMOB, GCCC, GSNA, GCED, GCFE, GCIH, GCIA, GMON, GCPM, CISSP-ISSEP, CRISC, CompTIA Security, CompTIA Network and CompTIA A.  Tim lives in Charleston with his wife, Janet, stepson, Justin and their dog, Rey.

Frederic Lauzier has been in the IT business since 2000. He was an IT consultant for two years and then enrolled in the Canadian Armed Forces as a Signals officer. He is still serving after 18 years and manages IT, Cyber, Radios, Satcom and Infrared communications systems, among others, both in a deployed field environment and in a static strategic one. 
Frederic has been deployed in Afghanistan with the Canadian Army and employed within the NATO Regional Command (South) Headquarter as a signals officer.
Over the years he acquired the ITIL v3 Expert certification. He has also earned a Masters in IT from University of Sherbrooke and a Masters in Defense Studies from the Royal Military College of Canada.
He attended his first SANS course in Fall of 2018 and since then, found a passion in sharing his knowledge with other SANS learners.
Frederic hold the following SANS certifications: 

Jason works for one of the largest financial institutions in the country as the Director of Cyber Security Operations Center focusing on internal security monitoring and response.  He has developed processes and procedures to reduce incident impact and cost, as well as early identification of incidents.  He has led teams responding and investigating numerous large scale incidents and APT attacks.

Jason also served as the President of the Atlanta chapter of the HTCIA and served on the board for directors of the Atlanta chapter of the ISSA.

On his off hours Jason enjoys teaching SANS Forensics curriculum as part of the SANS Mentor program.  He holds a Masters of Science in Information Security and Assurance (MSISA), and numerous security certifications such as: GCFA, GNFA, GCIH, GREM, GCCC, G2700, CISSP, CHFI, CEH and CISA.

Jason firmly believes that the only way to truly be secure is by educating others, and he lives by this principle. Furthermore, if you take the time and listen, you can learn from anyone, mostly from your students."

Bryan McAninch is an information security professional with over twenty years experience in various disciplines including digital forensics, penetration testing, and security architecture. He holds a Bachelor of Science in Business Administration from the University of Texas at Dallas and a Master of Science in Information Assurance from the University of Dallas. Bryan is passionate about information security and giving back to the community. He is an organizer of the North Texas Cyber Security Group and owner of Prevade Cybersecurity.

William has been passionate about computers and their security since being introduced to them as a young teen. Early on he knew that he wanted to be working in information security. He began his education as network engineer at a vocational technology school while still in high school. After graduation he started an Information Assurance and Forensics Bachelor's degree at an NSA Center of Academic Excellence.

William has a decade and a half of experience within the field of information security. He has supported a fortune 5 company as a security engineer, supported many government and commercial customers in various roles within a Security Operations Center (including Incident Response analyst, DMA Lead and SOC Manager) and now is a Principal Security Researcher in a malware analysis role. He has taken the initiative to mentor and train new team members and has led many community events within the companies he has worked for. These events include quarterly mini conferences, Capture The Flag (CTF), LAN Parties, and other events to build the community and share knowledge. He is a frequent conference attendee and has participated in and won a number of IoT Village CTFs, including winning a Black Badge at BSidesDC for placing First in the competition. While the majority of his career has been supporting the blue team, he's always had a passion for the red team and has been honing his skills in penetration testing and exploit development. William currently holds the GCIA, GCIH, GPEN, GREM, GCTI, and GXPN GIAC certifications. In addition to those GIAC certifications, he holds the OSCP and CISSP. 

Outside of information security, William is a general class Amateur Radio operator (KE5HDY), 3D printing enthusiast, and is working to become a member of the 501st legion (a Star Wars costuming organization that participates in costumed charity and volunteer work). His blog can be found at

Ryan O'Grady has worked in information technology and security for over 15 years. He has had the opportunity to work with NASA, DHS, and several DoD agencies, including ARL, AFRL, ONR, and DARPA, in domains ranging from automation and autonomy to adaptive training. He helped stand up the Cyber Operations division at Soar Technology, taking the role of portfolio lead for workforce development. He was also the principal investigator for an Air Force Research Labs (AFRL) project to develop an intelligent training system for cyberspace operators to provide individualized, personalized training in realistic environments. Ryan was the technical lead on a related project to create autonomous cyber attackers for training, testing, and evaluation purposes.

Ryan works for the SANS Institute to implement a new approach to curriculum software development. In his spare time, he is the technical advisor for the Team5 startup, which is creating automated job candidate assessment capabilities for recruiters. Mr. O'Grady earned his B.S.E. in Computer Science from the University of Michigan in 2004 and is pursing a M.S. in Information Security Engineering from the SANS Technology Institute. Certifications: GCIH, GCIA, GWAPT, GCPM, GSEC

Roger OFarril is an Information Security Manager is the banking industry. He has been in IT for over 20 years, focusing for the last six on cybersecurity issues. His career started on the endpoint side and quickly moved towards servers and networking. His main areas of expertise include cloud security, incident response, forensics, insider threat, and security analytics. 

He serves as a subject matter expert for CompTIAs Cybersecurity Analyst as well as ISC(2) Certified Cloud Security Professional. He is also a member of the GIAC Advisory Board. He holds multiple security certifications such as CISSP, CCSP, CISM, GCIH, GCFE, GCED, among others. In addition, he enjoys shaping future InfoSec professionals by serving as an adjunct professor teaching courses such as Cisco networking and Introduction to Cloud Computing. 

Recently retired, Mark, in his 28 years of service with the Kansas City Missouri Police Department, has served in many capacities, including Patrol, Internal Affairs and conducting digital forensic investigations. In 2011 Mark was assigned as a task force officer at the FBI?s Heart of America Regional Computer Forensics Laboratory (HARCFL).

While working as an FBI CART-certified forensic examiner he conducted examinations on a number of state/local and federal cases involving child exploitation, homicide, network intrusions and terrorism. He has also provided court testimony on numerous cases regarding general crimes and digital investigations.

Mark was a mentor and training officer at the HARCFL and he worked a number of cases while appointed to the lab. He was sought out for his knowledge of forensics, electronics and Python programming. He also used his programming background to create scripts which are used in the lab to streamline various functions. 

Mark has experience in HTML, Linux, Apple devices and cell phones. He held the FBI certification of FE (Forensic Examiner), and still maintains the SANS certifications GCFE and GPEN, CompTIA certifications A+, Net+, SEC+ and he has an Associate's Degree in Computer and Electronics Engineering Technology?. This most likely explains his fascination with Frankenstein electronic projects with lots of little blinking lights - at least his wife would like to think so.

Mark is excited to share his knowledge of electronics and digital forensics with people who have similar interests, and employ problem-solving techniques to assist them when needed.

Adam has been an Information Security professional in the financial services industry since 2009. He has taken on various roles in his career with experience in incident response, controls auditing, malware analysis, digital forensics, identity and access management, password management, security event monitoring, web vulnerability scanning, security awareness training, and penetration testing. Adam received his GSEC certification in 2009 and has completed classes with SANS in malware analysis and digital forensics. Additionally, Adam received the OSCP certification from Offensive Security in 2016 and has taken on a more focused role in penetration testing over the past year. Adam is excited to be a mentor to provide a solid foundation of training to new professionals in the Information Security field.
Anthony Switzer is a Senior Consultant working in Attack and Penetration. His career has evolved from working for small business, the government, and Fortune 500 companies, all which have led into cybersecurity. He has over 22 years of expertise spanning network and information security and administration, IT operations management, red teaming for both the financial industry and government organizations as well as threat hunting and security engineering. Anthony has a history of working the Project Management side of the industry as well, making him knowledgeable on the many facets of implementing security changes within a company. Anthony has a B.Sc. in Computer and Information Science w/ Concentration in Cyber and Network Security. He also currently holds: GIAC Mobile Device Security Analyst (GMOB), GIAC Web Application Penetration Tester (GWAPT), GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), GIAC Critical Controls Certification (GCCC), GIAC Certified Detection Analyst (GCDA), GIAC Security Essentials (GSEC), GIAC Certified Project Manager (GCPM), Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), ITIL Foundation, ITIL Intermediate and Continual Service Improvement (CSI), Lean Six Sigma Greenbelt Training, and Microsoft Certified System Engineer (MCSE) 2003 certifications.

Sean Thomas has over 20 years of Information Technology experience, with more than eight years in cybersecurity/information security. He has been involved in many aspects of IT throughout his career including desktop support and academic systems administration, networking, and Windows & Unix/Linux server administration before finding his way to cybersecurity. 

Sean has been an instrumental part of the formation and evolution of the IT Security Services program at Embry-Riddle Aeronautical University. He currently serves as the Senior Information Security Analyst on the team, with over six years of experience working Incident Response, Digital Forensics, and Policy Management. In addition to his duties with the team, he is regularly asked to guest lecture on cybersecurity topics at the University, primarily for many first-year student classes.

Sean performs several functions with SANS Online Training as part of the OnDemand QC team to improve content delivery for dozens of courses, assisting with course review, and as a virtual TA for Simulcast.  Sean holds a Bachelor of Business Administration in E-Business Technology from Stetson University and holds multiple GIAC certifications, including GCED, GCFA, GCIH, GMON, GCWN, and GCDA.

Ryan Thompson is currently working as a Senior Security Analyst at Alert Logic.  His primary functions include IDS tuning, log-based investigations, and netflow analysis but also acts as a mentor and instructor for the SOC. Ryan's previous roles involved solution migrations (on-prem to cloud), administering procurement systems, and data analysis. He currently holds the GCIA, GNFA, and several AWS certifications.

Chris Traynor is a Sr. SecDevOps Engineer within Equifax's Global Security division. His background in information systems spans the Federal (VA), DoD (Marine Corp & Navy), and private sectors working within large international conglomerates and startup consulting shops alike. He has expertise in web apps, databases, APIs, scripting/automation, and project management. Chris holds a bachelor's degree in CIS from Anderson University, as well as GSEC, GCIH, GPEN, and GWAPT security certifications. He is a member of the GIAC Advisory Board, and has been a SANS course facilitator for SEC401, SEC504, and SEC560. Chris lives in Charleston, SC with his wife, 2 dogs, and a cat. 

Michael Weeks is currently working as the SOC and Incident Response Lead at Fair Isaac Corporation. He leads a highly technical team of Analyst, Developers, and Incident Handlers in the daily monitoring of cyber security events for FICO. A graduate of the SANS Technology Institute Master of Science in Information Security Engineering Program and certified GIAC Security Expert, as well as a host of other SANS Certifications and the CISSP from ISC2. Michael is also a Chief Master Sergeant with the United States Air Force Reserve working in the 960th Cyber Operations Group as a Cyber Warfare Operator. The greatest privilege is the ability to mentor the future cyber warfare operators in hopes that they can help solve the many problems in cyber security.