16 InfoSec Courses, 2 Weeks of Training at SANS Virginia Beach 2017. Save $400 thru June 28.

Mentor: Bios

Mentors are highly qualified, experienced professionals who make themselves available in your local area to help you learn the course material and get certified. Each Mentor is hand-selected from students that have completed their relevant GIAC certification with scores of 85% or higher.

Duncan is a Senior Manager within PwC Australia's Cyber Security and Forensics practice. He has over 17 years experience in Offensive and Defensive Cyber Security roles and is the lead for the National Operational Technology Cyber Security capability and Perth Cyber Security team. He has worked in United Kingdom, Indonesia, Abu Dhabi, Singapore and Australia.

Duncan can truly provide the holistic view of Cyber Security as he has been on both red and blue teams and is the proud holder of the GXPN Exploit Researcher and Advanced Penetration Tester and the GMON Continuous Monitoring and Security Operations.

James Arndt has been to numerous SANS training events and would like to share his knowledge gained with you. With his passion for security and years of classroom experience, you will gain practical knowledge and skills to take back to your company. James is a Security Engineer at the American Transmission Company based in the Milwaukee area. There he focuses on access management, vulnerability management, and reverse engineering whatever malware or malicious document comes his way. You might also find James hanging out with his family, playing guitar, or tinkering around in his basement lab.

Chris is a Director in IT Security at GlaxoSmithKline where he leads the services that deliver the IT controls that protect the company's network, servers, web and mobile applications, and data. He has led many incident response and vulnerability remediation efforts and has been working for over 20 years in the healthcare industry to promote information protection and IT security. He knows that striking the best balance between security and usability depends on having a clear understanding of the risks that vulnerabilities and threats pose to the business and being able to articulate those risks to senior business leaders. Chris earned his MBA from Drexel University with concentrations in both Management Information Systems and Corporate Finance and holds several professional and security certifications including GPEN, CISM, and a Six Sigma Black Belt.

Chris is an active member of the infosec community and looks for every opportunity to both learn and encourage others to gain a deeper understanding of the fascinating and often intimidating world of information security. He regularly takes part in security training, conferences such as Shmoocon and BSides, and capture-the-flag challenges to apply and grow his skills and understanding.

Joey Barkley spent over 15 years in IT and software development before realizing that he was not doing what he truly wanted. A very talented incident response manager took a chance on Joey and he is now a Senior Security Engineer. Joey earned his bachelor's degree in computer science from Freed-Hardeman University by working hard, pulling ethernet cable through insulation covered ceiling tiles, and spending time with like-minded peers who wanted to know more about the inside of a computer than they did the inside of a bar. He has taken multiple SANS courses and earned his GMON to become a better defender. Joey takes any opportunity he can get to help IT professionals become more security minded. He regularly pulls administrators to his computer for individual discussions, and has even been known to throw entire teams into the security rabbit hole. Joey is a true Jack-of-all-trades and is often called the man of a thousand hobbies by his family. He loves imparting any amount of knowledge he may posses to those who will listen, and has learned so much from SEC511 that he cannot keep it inside any longer. There are so many practical lessons to be learned from this course that he truly believes it is the best way to have an impact on companies and organizations that want to become better and defending their digital assets and make the world a better place for all computing citizens.
Brad is a consultant with SecureWorks doing full time web application penetration testing. He has a masters degree in Information Assurance from Dakota State University. Certifications include GWAPT, GPEN, GCIH, GCED, and CISSP. He is an active member of the local information security community. When not on a computer, Brad is usually tormenting his wife, playing with his two kids, or playing guitar.

David Bernal Michelena holds a bachelor's degree in Computer Engineering from the National Autonomous University of Mexico (UNAM). Since June 2015 he serves as a cyber security researcher in Cyber Security Group in Scitum, a large consultant company in Mexico and Latin America. David's main activities are malware analysis, cyber threat intelligence, digital forensics and writing yara and snort rules to detect those threats and protect customers. David also performs ethical offensive activities and writes custom tools that are used in controlled environments to verify that security products do what they claim to do. 
From July 2013 to June 2015 David was a member of Security Events team at Alstom, a large company in energy and transport solutions protecting the endpoint environment of about 90,000 hosts distributed worldwide. In his time in Alstom his main activities were incident response, malware analysis and remediation, forensic analysis, IPS/IDS and SIEM management.
Formerly he served as a Senior Computer Forensic Analyst at Scitum from July 2011 to July 2013. His main activities there were evidence acquisition, analysis, preservation, incident response, log analysis and results reporting to Scitum's customers. In Scitum he had the opportunity to work in challenging projects for Mexican private and public institutions, including large Banks and other large government clients.
From August 2009 to July 2011 he worked as a forensic analyst and incident handler in UNAM Computer Emergency Response Team, which is the first CERT to be created in Mexico. David is GXPN, GASF, GREM, GCFA, GCFE and Access Data certified. He likes programming in several languages and is a command line lover in LINUX and Windows as well.
On his free time, he likes to swim and play the piano.

Raluca is an experienced Information Security and Privacy specialist, holding a Master Degree in IT Security, and several industry recognized certifications: GSEC, CISSP, CRISC, CISM, CISA, CIPT and PMP. With her employer, Raluca is heavily involved in various cyber security initiatives, leading information risk assessments, supporting the application security program, participating in the development of security architecture patterns for new platforms and technologies. Raluca is also a former Computer Science teacher, with 10+ teaching experience. Raluca is a believer in continuing education, so when she is not studying for a new certification or a new skill, she loves helping others learn and having again the opportunity to teach!

Tim Boyles is the Security Administrator for a Dallas based security company. He brings over 19 years of experience in the IT field. He has worked for the U.S. Navy, a network consultancy, and various other industries, always involved in networking and security.

He has been involved in security architecture, regulatory compliance, intrusion detection, penetration testing, vulnerability assessments, web application security assessments, and uses many security tools over the course of his work.

Michael A. Curtis (Mike) has over 20 years of experience in the security field and has held several key leadership positions at Rollins, Virtual IT Experts, this.com and BellSouth.net. Additionally, Mike is active in the security community having served as a past member of the Symantec Customer Advisory Board, and is an officer in the Atlanta (ISC)2 Chapter. Mike holds a BSEE, cum laude, from Northeastern University, an MBA from Bentley College and a CISSP.

Cuong Dinh is the Incident Response Lead at CH2M Hill, Inc. His expertise ranges from Vulnerability Management, Intrusion Detection and Analysis, Incident Response, Digital Forensic Analysis and Investigation, Malware Analysis, to Web Application and Network Penetration Testing. Cuong holds multiple GIAC certifications including: GSEC, GCIA, GCIH, GCFA, and GWAPT, along with a Bachelor's degree in Computer Information System from Metro State University of Denver and a Master's degree in Management Information System from University of Colorado Denver. Throughout his career Cuong has had the opportunity to implement many security programs and technologies including Encryption, User Awareness program, Vulnerability Management, IPS/IDS systems, Incident Response program, Malware Sandbox and Analysis, etc. Cuong enjoys sharing knowledge and giving back to the community.

Jeremy Druin works as an internal pen-tester, incident responder, and defect-remediation expert for a multi-national transportation logistics company. Other responsibilities include web vulnerability assessment operations, setting application and database security standards, creating developer training programs, and teaching developers how to architect, design and write secure applications. Additionally Jeremy develops the open-source Mutillidae 2.x training environment and consults on web-application security topics. As the Director of Education for the Kentuckiana ISSA chapter, Jeremy presents on web application pen-testing and remediation along with operating the "webpwnized" YouTube video channel. Jeremy has a Bachelor in Computer Science from Indiana University and is a GIAC-certified Network/Web Application Pen-Tester and Exploit Developer.

Craig Galley is an Information Technology Professional with accomplished work experience in the Security industry since 2001.  He earned a Bachelor of Science degree in Information Science from the University of North Florida.  Early in his career, he was responsible for deployment and management of network prevention controls for a private sector organization.

Craig's career focus shifted exclusively to application development with a desire to lead secure coding best practices while chaired on Information Security Steering committees and managing large development projects and teams.  

Craig's certifications include GSEC, GISP, CISSP and CSSLP.  In his current role as an Information Security Officer, Craig manages and directs an Information Security Program in the public sector.  He is also active in Information Security groups, with volunteer experience as a Vice President.

Matt got his start in the technology field by joining the US Army and serving as a satellite terminal operator for 5 years. Since the Army, he has worked as a firewall technical support technician, network engineer, systems administrator/engineer and a security analyst in the defense contracting world. He currently works as a security researcher doing threat analysis, threat hunting and penetration testing. He is passionate about using technology for good and educating technical and non-technical people about InfoSec issues.

Charles Gifford (Chazz) is a recognized expert within cybersecurity and has been working in the information technology and security field since 1997. Over the course of his career, Chazz has held various technical and leadership positions within the Aerospace and Manufacturing Industry. Chazz currently manages a Global Security and Risk Team for a fortune 500 company that spans everything region. Chazz?s latest scholastic achievement is graduating with honors from the University of Maryland University College in the Masters of Science in Information Technology focused in Information Assurance. Chazz has specialized in mentoring, metrics and measuring effectiveness of security teams throughout the last 7 years of experience.

Edward Hansen has over 19 years of experience in technology and security fields. For the last 5 years Edwards security interests have focused on information security for the US Army, serving as Information Assurance Manager and Systems administrator while in Korea to his most recent assignment as the Network security Manager for the Division. Edward started his technology career in the US Navy training as a Sonar Technician in 1997. While in the Navy he held positions in database management, network administration, curriculum development, and Instructor. Developing test banks, managing the distributed testing environment while instructing. While serving at the Anti-Submarine Warfare Training Center Edward Hansen earned the Navy designation of Master Training Specialist through demonstration of exceptional instructional ability. Edward holds the GIAC GSEC, GCED, GCIH, GPYC, CompTIA Security + and CompTIA Network +, and most recently was awarded ISC2 Associate after passing the CISSP. During his off time he likes to experiment with security onion, and other security tools on his home network, continually seeking to improve his knowledge and skills within the information security field.
Matt Helin has over 10 years experience in the IT and data communications field. He is a former network and systems engineer who has shifted his primary focus to all things information security for the past few years. He holds the CISSP and GCIH certifications and currently works in the information security department for a high profile e-commerce company. Matt is excited to mentor SEC 504 because it is generally a person's first exposure to common hacking tools. Witnessing first hand how systems are breached can be amazing, alarming, and eye opening.

From load FILENAME,8,1...to the Start button... to touch interfaces, technology has been a constant companion (and sometimes obsession) for Cliff.

Cliff's professional career started 18+ years ago as a help desk analyst supporting mainframes and dial-up internet. He progressed through desktop support, desktop management and server administration and joined the security team in late 2008. The wide diversity of topics in security has Cliff thirsting for knowledge like he was a teenager again.

Cliff currently holds CISSP, CISM, GPEN, GCIH, GWAPT, GXPN, OSCP, MCSA and Security+ certifications. 

Occasionally (read rarely), Cliff will add something mildly informative to somethingsomethingsecurity.com.

Mark has been in IT for almost 20 years. He started in Security in 2000 when a UNIX box cost $250 grand. He currently manages a team of Security Analysts as he builds a SOC at a Financial Services company. He is excited to bring his energetic teaching style to SANS students. Check out his 2016 BSides Cincinnati talk on You Tube! He's worked for a CPU manufacturer where he helped launch a motherboard, a physical security company, and a Fortune 50. He helped a bank achieve their first PCI compliance. He's helped secure a research foundation. Hal gets embarrassed every time Mark reminds him that his first SANS class was Track 6 at Network Security in New Orleans before Katrina moved it to Las Vegas. He holds 3 SANS challenge coins. SANS history: Track 6 & 8, Business Law & Computer Security, SEC503, SEC504, SEC505, SEC508, SEC558, FOR508. He's held GMON, GCIH, and GCFA certifications.
Shawn has over 17 years in the field of IT and 10 specifically in an Information Security role. Currently Shawn has taken a position as the Information Security Officer at the University of California School of Medicine. In this role Shawn is responsible for building a robust security program to meet the needs of both educational and healthcare requirements. His responsibility is to implement the policies, standards and procedures to build the framework for this security program. Once the framework is in place his responsibilities also deal with building a security team and implementing technologies and best practices to support this security program. Throughout his career Shawn has had the opportunity to implement many security programs and technologies including encryption, next generation firewalls, IPS/IDS systems, vulnerability management and data loss prevention. Shawn holds many industry certifications including the well known CISSP, GSEC and GCCC. Shawn is always continuing his education and will be taking many more SANS and other security courses. Shawn is excited to have the opportunity to get more in touch with the individuals that are in the security industry near him. He looks forward to being able to pass along some of his experiences and lend a helping hand to the next generation of security professionals.

As an information security professional, Azeem has accrued years of experience in security engineering, incident response, digital forensics and vulnerability management. A firm believer in ongoing education, he works hard to keep his base of knowledge current and up to date. Although he holds accreditations from such industry leaders as GIAC, ISC2 and Access Data already, he is constantly looking for ways to learn more and to gain a better understanding of his field, attending and volunteering at conferences such as Shmoocon and Blackhat.

Azeem is a natural people person who connects easily with people from all backgrounds. He enjoys working with and mentoring people who are motivated to the same extent that he is, and he takes real pleasure in discussing the security field. A strong advocate for continued progress in the security field, he speaks eloquently and listens closely, knowing that there is always something for him to learn and share.

Azeem looks forward to serving as a mentor as a way to provide value to the community that has become so much like home to him over the years.

Kory started his career as a controls engineer developing custom control logic and HMI interfaces for a machine automation company from 2001 to 2008. All machines were designed, manufactured and commissioned in house for the customers specific and unique needs. This also included basic networking, operating system configuration and deployment, and database design (but the world was much simpler then or was it with no Plug and Play functionality?). In 2008, Kory transitioned to the power industry working as a project engineer in controls for a period, working on DCS, PLC, HMI and SCADA systems for small to medium sized projects. Following that, moved into the reliability engineering department ensuring the uptime and reliability of the plant equipment and executing enhancement of the cyber security systems for NERC compliance. He transitioned after that to the Manager of Industrial Controls position, which is currently held today, leading the group of engineers and other professionals in all aspects of the industrial controls systems for the fleet of assets. Following events such as Stuxnet, BlackEnergy and others, cyber security of the controls systems have become paramount and forms the bulk of day to day activities.

Vincent LeVeque is a Business Information Security Officer for American International Group (AIG), a global financial services company. Vincent teaches information security classes for UCLA Extension. He is the author of the book, Information Security: A Strategic Approach, published by IEEE/Wiley. Vincent received his Masters of Science degree in computer science specializing in information security from James Madison University, one of the first programs certified as an NSA Center of Academic Excellence in information security.

Nathan Lock graduated with M.S. in Instructional Design and spent several years creating online college courses, designing lectures and curriculum, consulting law enforcement instructors, and creating computer based training modules. Then he decided to enter into computer security. Nathan developed a highly technical foundation from serving in the Air Force as an Integrated Avionics Technician. In order to enter into the field of computer security, he attended night classes and was self-taught enough to acquire Security+. From there he began working as a technical writer for Blue Canopy and excelled by establishing incident handling procedures in accordance with NIST SP 800-61 R2. During this time, he completed self-paced learning to achieve a CEH. Soon after, Nathan attending a GSEC bootcamp taught by Paul Henry. The experience changed Nathan's perspective on IT security and he pursued more training and SANS certifications. Attending a local GIAC Incident Handler training and then a GIAC Intrusion Analyst bootcamp, Nathan looks forward to acquiring these certifications and continuing onward.

Roy Luongo is a cyber professional with over 15 years experience. As a CNO operator, Roy has performed offensive cyber operations and adversary emulation for the federal government for many years. He served as a technical director for interactive operations and the Chief, NSA Red Team. As a SME for the United States Army and the Department of Defense(DOD) he has developed thousands of cyber professionals through direct training and workforce design used throughout the DOD and other Federal organizations. Mr. Luongo holds two Masters Degrees in Information Management and Cyber Security Additionally, he holds CISSP, GCIH, GPEN, GXPN, GAWN, and GMOB certifications. He has worked with local high schools to mentor teams to the final rounds of both the Cyber Patriot and Maryland Cyber Competitions and is an avid promoter of cyber skills in middle and high school curriculums. Mr. Luongo has also served as a member of the Center of Academic Excellence, Cyber for the Department of Defense, working with Universities and Colleges to expend curriculums and degree programs in Cyber Security and Cyber Defense. Roy enjoys working with like-minded individuals and mentoring for the SANS Institute, allows him to experience the growth of cyber in a small group collaborative setting. Mentorship allows him to give back to a community that has given him so much.

Ken May is the CEO and co-owner of Swift Chip, a full service IT firm servicing all of Southern California. Hes been a resident of Ventura since 1999, is married to his wife Debbie, and has 3 daughters and a son. He has a Masters Degree from SBCOM, a Bachelors in Liberal Arts from Thomas Aquinas College and has written 3 books and numerous articles. He has been Voted Top Channel Influencer of the SMBnation 150, and carries numerous certifications from HP, Microsoft, Cisco, Symantec, Dell and more. Recently, he was chosen by his peers to be elected to the CompTIA Managed IT Services Community Executive Council, where he will directly influence the education and guidance of their international IT community. Ken is also a Commissioner for the City of Ventura, CA, where he works to help promote the Arts in his community. He enjoys music, martial arts, movies and SCUBA diving. Mr. May strongly believes that it is important to be actively involved in the community, and that one should always try to keep the Big Picture and long term goals in mind when solving immediate-need issues, whether it be in business, community or ones personal life.
Bryan McAninch is an information security professional with over twenty years experience in various disciplines including digital forensics, penetration testing, and security architecture. He holds a Bachelor of Science in Business Administration from the University of Texas at Dallas and a Master of Science in Information Assurance from the University of Dallas. Bryan is passionate about information security and giving back to the community. He is an organizer of the North Texas Cyber Security Group and owner of Prevade Cybersecurity.
Jason is passionate about security and is thrilled to have the opportunity to enable others with a similar passion. A thorough techno-nerd with experience as a developer, sales engineer, and security professional, Jason has a wide-ranging skill set which enables creative approaches to red-team challenges. Jason holds Security+, Network+, Certified Ethical Hacker, and GPEN certifications.

Lisa Peterson CISA, CRISC, CISSP has worked in Information Security for 20 years, and is a Security Analyst for Progressive Insurance. Her current focus is in governance, risk and compliance. She is a part-time instructor at Cleveland State University and also speaks on security topics. She serves on the board for the Information Security Summit, the Northeast Ohio chapter of ISACA, and the Northeast Ohio chapter of CSA.

Yas Richardson is an active duty service member with over 15 years of IT experience. He currently serves in the Army's Cyber Branch and specializes in incident handling, intrusion analysis, windows security and network auditing. He has spent the past 4 years assessing and defending IT Security for Army research and development projects and directorates. Yas earned a Masters of Science in Information Assurance and Security and the following GIAC Certifications GSEC, GCIH, GCIA, GCFA, GCWN, GPEN and GSNA certifications, as well as CISSP and other IT certifications.

Steven Romero is a 20-year technical professional with experience in IT operations, ICS engineering, project management, & training. Steven is passionate about information security, and is a strong advocate and beneficiary  of the SANS hands-on approach to learning. Please join Steve and thousands of other InfoSec professionals who have advanced their knowledge and career through the SANS training and certification program.

In the early 2000's Andrew Rozema worked as a systems and network administrator for a major media company whose claim to fame was getting Lincoln elected, but that happened a long while before he started working there. After a couple of virus outbreaks including Sasser and CodeRed the company decided somebody should know something about information security, and sent him to his first SANS GSEC class. After which he immediately went back to the office and changed ALL the passwords. That class sparked a passion for information security that's been with him ever since. Since then in addition to roles in that media company involving IT administration, management and security; he worked his way through both a baccalaureate degree and Masters degree in information security and discovered a passion for not only learning about information security, but teaching it as well. After teaching a couple of night classes at the local community college, he was hooked, and when a full-time faculty position opened up, he made the switch. Now Prof. Rozema is the head of the department of Computer Information Systems at Grand Rapids Community College, as well as an Assistant Professor, still responsible for teaching information security as well as classes in Linux, shell scripting, JavaScript, Secure Mobile Application Development and some very exciting classes in penetration testing. As department head his focus is now to bring the program in line with both the CNSS and NICE framework for national accreditation. Prof. Rozema still accepts select consulting engagements and advanced teaching opportunities to make sure he stays on the cutting edge in technology and grounded in what IT looks like in the real world.
Francisco holds a Masters Degree in Computer Engineering, from Nova University, in Lisbon, since 2011. A military official, Francisco was promoted to Major in 2010. Currently employed at the Armys Geographical Institute, Francisco was promoted twice within the last three years and is now responsible for the IT Department. He is an extremely dedicated and hard-working individual, passionate about his work. Francisco has continuously been broadening his knowledge and skills in the information security area, having completed several certifications in this field: a)Certified Linux Administrator; b)Curso Cisco Certified Network Associate (by Academy); c)Curso Cisco Certified Network Associate Security (by Academy); d)Check Point Certified Security Administrator; e)Tenable Certified Nessus Auditor; f)Tenable Certified Nessus User; g)GIAC Certified Incident Handler (GCIH).
Louis Scharringhausen is a principal in CRAs Forensic Services practice, specializing in digital forensic and cyber investigations assisting clients and their counsel in independently responding to allegations of fraud, abuse, misconduct, intellectual property theft, and non-compliance. A former federal agent, he has more than 20 years of experience in investigation with 15 of those conducting complex computer forensic investigations for matters concerning intellectual property theft, computer intrusion, and unauthorized use. Mr. Scharringhausen is frequently called upon to present findings of his analyses through expert opinion reports, affidavits, declarations, and testimony in federal and state courts. Mr. Scharringhausen has performed forensically sound collections and analyses on computers, laptops, servers, mobile devices, and cloud storage platforms. Mr. Scharringhausen is an EnCase Certified Examiner and a Global Information Assurance Certification (GIAC) Certified Forensic Analyst. He has spoken at the Paraben Forensic Innovations Conference (PFIC) on forensic analysis techniques. In addition, he served as a technical editor on McGraw Hills 2nd edition of Hacking Exposed: Computer Forensics.
Heather was fortunate enough to enter IT at a time when the only prerequisite for a job was the ability to turn on a PC. Starting on a helpdesk, she worked her way up through systems and network administration, finally stumbling into information security after being told her job responsibilities suddenly included firewall log review. In 2006, Heather received her Masters in Information Assurance from Norwich University and has since earned several SANS certificates and her CISSP. Heather currently works as an information security architect for an international tire distributor after experiencing such diverse industries as insurance, accounting, real estate, banking, and healthcare. She loves helping people learn and is excited to have the opportunity to teach!

Billy Smith is an IT Security professional with over 25 years of training in the IT and Security field. He began his career with Lockheed Martin Data Systems deploying networks, UNIX based network management systems and satellite communications for the Department of the Navy. Following Lockheed Billy joined Mercer Engineering Research as a Computer Scientist working on contracts with the Air Force maintaining enterprise level UNIX Systems. Later, as the center became known for its Finite Element and Computational Fluid Dynamics analysis Billy deployed and managed High Performance Linux Clusters to run solvers for these difficult problems. For the past several years Billy has served as the centers Sr. Division Manager of Network Systems and Information Assurance which has included the development and ongoing management of a Network Security Operations Center. Billy currently holds the following security certifications (GSEC, ACSA and ACSE)

Dmitriy Sokolovskiy entered the Information Technology field in 1999 and throughout the years gained experience in multiple fields, including Windows and Unix server administration, NOC and SOC operations, large scale security projects and live incident response and remediation for some of the largest breaches in US history. He is a Certified Information System Security Professional and a GIAC Certified Enterprise Defender. Dmitriy had a first hand experience with the incredible lack of knowledgeable and experienced information security professionals in the IT and wanted to utilize his skills and experience to help close this gap.

Scott has been in the IT industry since 1970 and a has been a member of  the IEEE since 1984

He has multiple College degrees, including:
Masters of Science in Computer Engineering, University of South Florida
Masters in Business Administration, University of Tampa

Many vendor certifications, including:
MCSE, Master CNE, CISSP and GSEC certifications.

A Veteran of the USAF, 56th Security Police Squadron in Tampa Florida.

Scott is excited to mentor the GSEC class once again because it was a lot of fun last time.  All of the people who took the class passed and were certified, he wants to see that happen again.

Charter member of the ISC2 Twin Cities Chapter, Board of Directors, Treasurer.
Participate in UMSA, and putting on Secure 360 conference.

Scott is a Scouter (BSA) with two sons and a daughter who are Scouts. And a long term volunteer in scouting (12 years) currently the Metro Lakes District, District Commissioner in the Northern Star Council.

Austin Taylor has an extensive background in Defensive and Offensive Cyber Operations and has performed incident response for some of the world's top Fortune companies. His expertise includes penetration testing, data science, threat hunting and User and Entity Behavioral Analytics (UEBA). He is the co-author to "Crash Course in Data Science for Hackers" which is taught annually at Blackhat and author of "How to Build a World Class Monitoring System for Home, Small Office, or Enterprise Networks". In his off time, he teaches programming and conducts training at conferences. He currently serves as a Cyber Warfare Operator for the United States Air Force and works at IronNet Cybersecurity as a Senior Security Researcher. Austin holds multiple industry certifications including CISSP, GMON, GCCC, GCIA, GCIH, GCPM, GSEC, GPEN, CEH, VCP, CCNA:Security

Andy Thompson, has 20 years in the fields of Web Development, Systems Engineering/Administration, Architecture, and Information Security. Currently, he is the Customer Success Strategic Advisor in the Southwest region for CyberArk Software. He works with Fortune 500 clients to ensure they are properly deploying their privileged account security programs and leveraging cybersecurity best practices. He's also an public speaker, who continues to speak on the topics of cybersecurity. He's a active member of the Dallas Hackers Association and Shadow Systems Hacker Collective. In his free time he enjoys "travel-hacking" and going on fantastic adventures all over the world with his wife and two girls. Andy holds a Bachelors of Science in Information Systems from the University of Texas at Arlington as well as the GIAC GPEN certification, and CISSP from (ISC)2.

Jim Voorhees was named MSISM Program Director of SANS Technology Institute (STI) in November 2011. A graduate of STI, Dr. Voorhees has had a varied career in government and private industry. He earned his Ph.D from the Johns Hopkins School for Advanced International Studies after earning degrees in International Affairs from the George Washington University and working on the editorial staff of the International Food Policy Research Institute. After writing a book for the Kettering Foundation (Dialogue Sustained) and experience with Kettering, the Congressional Research Service, and IREX, Dr. Voorhees entered the IT industry as a technical writer, he quickly moved on to systems administration, then IT security and SANS. He has worked on security at several government agencies, including the FBI and the IRS, and currently works for Sage Management as a Network Security Engineer on a DOD contract.

Brian Willis is a cyber-security expert for CSRA based in the DC area. He has been providing Unix/Linux administration and cyber roles to private industry and government for 18 years. Currently his role is running cyber systems that protect the federal government. Before that he managed systems at NOAA's National Weather Service in various operational roles. Through his years of experience he helped draft security guidance for interagency communication via disparate application stacks using application layer security proxy devices. Other projects include NIST/FISMA security, security scanning, PKI key creation, network packet dumps, etc. He enjoys understanding how things interconnected and then evaluating how they are vulnerable or prone to failure. All this interest started with Amateur Radio and has led to a passion for all thing technical and mechanical. He holds the CISSP, GCUX, and CCSK.