Become more effective at your job with hands-on cyber security training in Reston. Save $200 thru 8/28.

Mentor: Bios

Mentors are highly qualified, experienced professionals who make themselves available in your local area to help you learn the course material and get certified. Each Mentor is hand-selected from students that have completed their relevant GIAC certification with scores of 85% or higher.

Scott Anderson is a Technical Leader with Cisco Systems with Learning@Cisco. He has been with Cisco for over 10 years and specialises in Security, Routing and Switching. Prior to joining Cisco Scott has worked in various roles in IT and T industry for with a broad range of experience in Defence, State Goverment and Commercial customers Scott has a Masters Degree in Networking and Systems Administration from Charles Sturt University and currently holds a number of Industry Certifications including CCIE, CISSP, GNFA, GPEN, GCUX and GCIA.

James Arndt is a Cybersecurity Engineer for American Transmission Company in Milwaukee, Wisconsin. He focuses on dissecting whatever malicious email, documents, URLs, and executables come across his way. Besides incident response, he has his hands in endpoint security, vulnerability management, and access management.

James has spoken at various local and national conferences on topics such as incident response and reverse engineering. He has sucessfully taught SEC401 Security Essentials and SEC504 Hacker Tools, Techniques, Exploits, and Incident Handling. You might also find James running after his four kids, playing guitar, or tinkering around in his basement lab.

Dan Banker currently holds the GCIH, GCIA, GCFE, and GNFA and is a threat hunter/incident responder for Motorola Solutions in Chicago, Illinois. He is also the primary Carbon Black system administrator and has extensively worked on customizing the product for Motorola's environment. This includes extensive scripting with the API to increase detection beyond what is currently capable in the GUI. From his time in the SOC at Dell Secureworks, he developed a love for pcaps and chaining grep/sed/awk to distill logs into useful information. Outside of infosec, he is a career musician and plays guitar for the popular Metallica tribute band Blackened. As a former guitar instructor with 40+ weekly students, he knows that passion for the field is and important part of the teaching process, and he brings his love of information security to the classroom.
Brad is a consultant with SecureWorks doing full time web application penetration testing. He has a masters degree in Information Assurance from Dakota State University. Certifications include GWAPT, GPEN, GCIH, GCED, and CISSP. He is an active member of the local information security community. When not on a computer, Brad is usually tormenting his wife, playing with his two kids, or playing guitar.

David Bernal Michelena holds a bachelor's degree in Computer Engineering from the National Autonomous University of Mexico (UNAM). Since June 2015 he serves as a cyber security researcher in Cyber Security Group in Scitum, a large consultant company in Mexico and Latin America. David's main activities are malware analysis, cyber threat intelligence, digital forensics and writing yara and snort rules to detect those threats and protect customers. David also performs ethical offensive activities and writes custom tools that are used in controlled environments to verify that security products do what they claim to do. 
From July 2013 to June 2015 David was a member of Security Events team at Alstom, a large company in energy and transport solutions protecting the endpoint environment of about 90,000 hosts distributed worldwide. In his time in Alstom his main activities were incident response, malware analysis and remediation, forensic analysis, IPS/IDS and SIEM management.
Formerly he served as a Senior Computer Forensic Analyst at Scitum from July 2011 to July 2013. His main activities there were evidence acquisition, analysis, preservation, incident response, log analysis and results reporting to Scitum's customers. In Scitum he had the opportunity to work in challenging projects for Mexican private and public institutions, including large Banks and other large government clients.
From August 2009 to July 2011 he worked as a forensic analyst and incident handler in UNAM Computer Emergency Response Team, which is the first CERT to be created in Mexico. David is GXPN, GASF, GREM, GCFA, GCFE and Access Data certified. He likes programming in several languages and is a command line lover in LINUX and Windows as well.
On his free time, he likes to swim and play the piano.

Mr. Bluml has been performing computer related investigations for over twenty years. His investigations have ranged from simple data theft to more sophisticated hacking efforts involving multiple computers, to intellectual property theft with attempts to hide the activity or manipulate the data via date and time changes to the computer. He has also been involved in employee fraud cases involving expense report falsifications, credit card fraud, and identity theft. He has spoken at numerous national and international trade conferences on the subject of computer forensics and related investigations. Love sharing knowledge and teaching people that are really interested in the material.

Craig Bowser is an ardent and dedicated infosec professional with 19 years of experience in the field. He began his career in the Air Force as a communications officer where he began as a system administrator, then was assigned as an IT specialist leading teams performing network optimization and troubleshooting. His final assignment was as a network security team lead. After separating, he worked as an Information Security Manager, Security Engineer, Security Analyst and Information System Security Officer with the DOJ, then DOD, and currently is with the Dept of Energy where he is one of the Senior Security Engineers.

He has spoken at various security conferences such as BSidesDC, BSidesCharm, DerbyCon and multiple SANS events such as the SOC and the SIEM Summits. He hold multiple certifications from SANS (GSEC, GCED, GCDA) as well as the CISSP from ISC2.

Craig has an Electrical Engineering degree from Stevens Institute of Technology. He is active with local infosec groups such as NOVA Hackers where he has given multiple presentations and maintains a blog at

He is a Christian, Father, Husband, Geek, and Scout Leader who enjoys woodworking, sci-fi fantasy, home networking, tinkering with electronics, reading, and hiking. And he has a to do list that is longer the time to do slots that are open.

Ismail has over 15 years of Information Security experience and holds multiple SANS certifications. He has a passion for teaching and presenting complex topics. His classes are engaging, interactive and dynamic.

Michael A. Curtis (Mike) has over 20 years of experience in the security field.

He has held several key leadership positions at Rollins, Virtual IT Experts, and

Additionally, Mike is active in the security community having served as a past member of the Symantec Customer Advisory Board, and is an officer in the Atlanta (ISC)2 Chapter.

Mike holds a BSEE, cum laude, from Northeastern University, an MBA from Bentley College and a CISSP.

Mel Drews has been on both attack and defense sides of security throughout the public and private sector for more than 15 years. He's covered numerous roles in organizations large and small, including solutions engineer, analyst, auditor, penetration tester and consultant. His current role is in a global 50 financial services firm assuring software security. When not coding projects or studying for the next big thing, Mel is combing the forest floor for fungus in West Michigan or playing racquetball. He holds the GWEB, GCFE, and GCCC certifications, as well as CISSP, CISA, and CISM.
Leslie Fife has been involved in technology for more than 30 years. He has been a software developer (6 years), a college professor (22 years) and for the past few years has worked as a Security Analyst in the financial services industry and as an Information Security Manager for a large non-profit. His interests are welding, blacksmithing and physical security.

Craig Galley is an Information Technology Professional with accomplished work experience in the Security industry since 2001.  He earned a Bachelor of Science degree in Information Science from the University of North Florida.  Early in his career, he was responsible for deployment and management of network prevention controls for a private sector organization.

Craig's career focus shifted exclusively to application development with a desire to lead secure coding best practices while chaired on Information Security Steering committees and managing large development projects and teams.  

Craig's certifications include GSEC, GISP, CISSP and CSSLP.  In his current role as an Information Security Officer, Craig manages and directs an Information Security Program in the public sector.  He is also active in Information Security groups, with volunteer experience as a Vice President.

McKell (Mick) is an information security professional with a unique blend of business and technology expertise. He enjoys dynamic and fast-paced environments and is passionate about building secure technology solutions. Micks background in technology began at an IT service desk. Following his undergraduate degree he became an IT auditor but found his passion in cybersecurity. In his 7+ years in the field, he has developed specialized expertise in the healthcare sector and is most passionate about software security. He currently manages product security in the healthcare and life sciences verticals for Cognizant Technology Solutions. Mick has a deep interest in technology and risk management, and enjoys attending and contributing/presenting at security conferences. His specialties include governance, systems architecture, AppSec and DevSecOps. He holds a B.S. in Business Management from Brigham Young University and an M.S. in Information Systems from the University of Utah. He also holds several certifications: CISSP, CISA, GWAPT, GWEB, PMP and others. Outside of work Mick enjoys cycling, swimming, music, sports, outdoor activities, geeking out and spending time with his family. He resides in Bluffdale, UT with his wife Lindsay and two sons. Mick loves teaching and helping students to succeed! As a mentor, he focuses on both soft and hard skills in the cybersecurity space.
Stanley got his start with computing and security at an early age. Having received a computer at age four, his curiosity with all things technology was cultivated by his parents. By age 13 he was trolling IRC channels and Usenet forums, running a small dialup BBS, and teaching himself computer networking, scripting, brute forcing, and password cracking. For his college career at Georgia Institute of Technology, he switched gears to pursue knowledge of electrical and computer engineering as he felt a degree in computer science would not be challenging enough. Through his education he discovered the microcosm of transistors and bits, gaining deep insight into how computers operate at the chip level. He used that knowledge as an intern at Texas Instruments to develop firmware for their DSP line of microprocessors in one summer session and to optimize testing routines on production semiconductor wafer batches in a second session. Another pivot led Stanley to a research position while pursuing a Masters degree at University of South Florida under the tutelage of Dr. Rich Gitlin of Bell Labs fame. There he developed software defined radio test platforms using FPGA systems in VHDL to assist PhD candidates to obtain data on novel wireless modulation schemes for use in medical applications such as in-vivo wireless networks. Ultimately, he chose a career in information security, which has revealed itself to be his true calling. He is extremely passionate in the field and his greatest motivators are the pursuit of knowledge, uncovering truth, and solving complex problems. Stanley is currently employed by Deloitte in its Managed Threat Services division, a MSSP SOC offering continuous monitoring service to commercial and public sector entities. His role is a multifaceted combination of senior security analyst, security engineer, and analyst manager. He has significant experience using all the major SIEM technologies in the pursuit of evil by running digital investigations to identify malware, insider threats, weak configuration, and other anomalies that reside on enterprise level networks. He has also been actively performing engineering development, correlation content, and maintenance of several SIEM deployments. He frequently gets called in to assist with incident investigations as a technical asset providing analysis on log activity, network capture data, and an occasional forensic image. His repertoire of GIAC certifications by SANS are in the areas of incident handling (GCIH), digital forensics (GCFA), and network forensics (GCNA).

Michael Hennick is currently CISO and Senior Network Security Architect for Solipsys Corporation, a wholly owned subsidiary of the Raytheon Company, where he is responsible for overseeing cyber operations for the company, including secure network architecture and design, incident response and forensics, vulnerability management, proactive threat assessments and penetration testing. He also teaches as an adjunct faculty for the University of Maryland, Baltimore County (UMBC) Cybersecurity Masters Program, and for the network security Associates Degree program at Howard Community College (HCC). Additionally he independently consults with small businesses to assist in their cybersecurity needs. With over 20 years of experience in the IT industry, Michael has held roles and gained first hand experience in positions ranging from software development, technical support, system, database, and network administration, network design and architecture, penetration testing, and incident response. Michael has a Masters of Professional Studies in Cybersecurity from the University of Maryland, Baltimore County (UMBC). He also maintains numerous industry certifications including CISSP, CASP, CEH, CHFI, as well as multiple GIAC certifications, and vendor specific certifications. He is also a member of the Baltimore chapters of FBIs Infragard, NCMS, and the Information Systems Security Association (ISSA).

James currently works as a Cyber Operation Technician for the Maryland National Guard.  His main function is to work with local defenders to make their networks more secure.  James has served in the Military for 21 years.  He has served in various positions with in a Windows environment, with his last assignment being a Systems Administrator for a small organization.  He also had additional duties of being the alternate Information Assurance Manager and Network Administrator.  James enjoys scripting and PowerShell so much that he became the admin that created the automation tools for the Sysadmin team.

James has a bachelor's degree in Management in Information Systems and is currently in the process of completing his MBA with an emphasis in Information Technology Management.  He is a graduate of the Army's 255-S school and hold the CISSP, 7 SANs Certifications (GSNA, GPEN, GCIA, GCWN, GCIH, GCFA, GSEC) and C|EH.

James enjoys giving back to the community by volunteering at schools and presenting the ISC2 Safe and Secure Online presentation to school aged children.

Ryan Irving has over 10 years of Information Technology experience working in the public sector. Ryan currently works for Hillsborough County Board of County Commissioners as the Information and Cyber Security Manager performing vulnerability management, forensics and incident response and other security operations. Ryan earned his Bachelor's degree from St. Petersburg College in Technology Management, with the focus in Information Security Assurance. Ryan then earned his Masters of Science in Digital Forensics from the University of Central Florida. Ryan has earned CompTIA's A+, Security+, ISC2 CISSP, and GIAC's GCIH, GNFA, GCFA, and GPEN. Ryan is excited to be your mentor for this course, and excited to share his experiences, and learn from others experiences during the course.

Jonathan Karchmer has over 15 years of experience in managing digital forensics and investigations. His background includes network administration, information security and electronic discovery project management. Jonathan frequently works on matters concerning trade secret theft. Jonathan has offered sworn testimony at deposition, hearing, and trial. Jonathan currently holds GCFA, GCFE, and GCIH certifications. He is excited about the opportunity to mentor FOR500 and share his enthusiasm for digital forensics with others.

Bryan Koch first became involved in cybersecurity as a member of the cyber defense team at the United States Coast Guard Academy. After four years of participating in the annual NSA Inter-service Academy Cyber Defense Exercise, Bryan attended his first SANS course, SEC 401. After 2 years of sea duty, Bryan entered into the Electronics and IT support field in the Coast Guard. At this assignment, Bryan served as the project officer for the Coast Guards IT Seabag Project, which was programmatic attempt to implement hardware authorization and management across the entire Coast Guard. He also returned to help cadets with the CDX and attended four more SANS courses at various venues. Bryan completed an MBA in 2015, focusing in Operations and Supply Chain Management. Shortly after, Bryan was temporarily assigned to Coast Guard Cyber Command to assist with the DoD Cybersecurity Implementation Plan following the OPM Data Breach. Bryan helped implement Coast Guard wide system health audits and was able to establish a 30-member Cyber Analytics team to augment traditional FISMA Audit efforts. Bryan graduated from Northeastern University in 2017 with an MS in Cybersecurity. At Northeastern, Bryan was President of the ISSA Student Chapter. Bryans thesis is currently being reviewed for publishing for the 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). His paper and presentation on Detection and Mitigation of Malicious Modifications on the Minnowboard Turbot won the 2017 Northeastern Research, Innovation, and Scholarship Expo (RISE) for Computer Science graduate level. Bryan is currently assigned as the Enterprise Operations Center Manager at Coast Guard Cyber Command and oversees a 75 member workforce maintaining Service Operations and Defense Cyberspace Operations for the U.S. Coast Guard.

Tim Larkin is a Senior Cyber Security Engineer at Spinvi Consulting, LLC supporting US Navy projects.  In 2013, as the US Army was working to create its Cyber Workforce, Tim graduated first in his class at the pilot course of Fort Gordon's 25D Cyber Network Defender program becoming the first National Guard Cyber Network Defender in the world. In 2018, he mobilized with his unit to support US CYBERCOM and the NSA.  He holds an MBA from Webster University and is projected to graduate from the SANS Technology Institute's MSISE program in 2020. Tim holds the following industry certifications: GIAC GSE #216, GXPN, GSEC, GMOB, GCCC, GSNA, GCED, GCFE, GCIH, GCIA, GMON, GCPM, CISSP-ISSEP, CRISC, CompTIA Security, CompTIA Network and CompTIA A.  Tim lives in Charleston with his wife, Janet, stepson, Justin and their dog, Rey.

Fredric Lauzier has been in the IT business since 2000. He was an IT consultant for two years and then enrolled in the Canadian Armed Forces as a Signals officer. He is still serving after 17 years and manages IT, Cyber, Radios, Satcom, among others, both in a deployed field environment and in a static strategic one. Over the year he acquired the ITIL Expert certification. He has also earned a Masters in IT from Universit de Sherbrooke and a Masters in Defence Studies from the Royal Military College of Canada.

He attended his first SANS course in Fall of 2018 and since always wanted to share his knowledge to other SANS learners.

For the past 16 years, Kevin has led high-performance teams of technical professionals at large-scale internet companies, with deepest experience in Network Security. Kevins 25+ year career in technology started when he was a CS student at UC San Diego, and has encompassed unix systems administration, secure software development, network security, and web site and SaaS performance and scalability. Kevin holds the CISSP, GCFA and GNFA certifications. Kevin is active in internet operational security efforts, and advises and invests in early stage technology companies.

Kevin is an extreme tcpdump enthusiast.

Bryan McAninch is an information security professional with over twenty years experience in various disciplines including digital forensics, penetration testing, and security architecture. He holds a Bachelor of Science in Business Administration from the University of Texas at Dallas and a Master of Science in Information Assurance from the University of Dallas. Bryan is passionate about information security and giving back to the community. He is an organizer of the North Texas Cyber Security Group and owner of Prevade Cybersecurity.

William has been passionate about computers and their security since being introduced to them as a young teen. Early on he knew that he wanted to be working in information security. He began his education as network engineer at a vocational technology school while still in high school. After graduation he started an Information Assurance and Forensics Bachelor's degree at an NSA Center of Academic Excellence.

William has a decade and a half of experience within the field of information security. He has supported a fortune 5 company as a security engineer, supported many government and commercial customers in various roles within a Security Operations Center (including Incident Response analyst, DMA Lead and SOC Manager) and now is a Principal Security Researcher in a malware analysis role. He has taken the initiative to mentor and train new team members and has led many community events within the companies he has worked for. These events include quarterly mini conferences, Capture The Flag (CTF), LAN Parties, and other events to build the community and share knowledge. He is a frequent conference attendee and has participated in and won a number of IoT Village CTFs, including winning a Black Badge at BSidesDC for placing First in the competition. While the majority of his career has been supporting the blue team, he's always had a passion for the red team and has been honing his skills in penetration testing and exploit development. William currently holds the GCIH, GPEN, GREM, GCTI, and GXPN GIAC certifications. In addition to those GIAC certifications, he holds the OSCP and CISSP. 

Outside of information security, William is a general class Amateur Radio operator (KE5HDY), 3D printing enthusiast, and is working to become a member of the 501st legion (a Star Wars costuming organization that participates in costumed charity and volunteer work). His blog can be found at

Christian was formerly the service line lead and one of the core content developers for the KPMG Pentesting and Threat Intelligence service lines. After leaving KPMG, Christian joined Foundstone for a period in order to help build the practice back up and establish himself in a more technical consulting role again, currently Christian is working as the Lead Cyber Partner and part owner of his own consulting firm Indelible LLC.
Christian has presented and been a participant at Blackhat, Defcon, MPOWER, RSA, Pacific Hackers Conference, Anycon, and was offered a position to keynote at RFUN; a threat intelligence conference run by Recorded Future. Christian has also presented on behalf of himself and KPMG at a variety of schools and charity events to help promote cybersecurity and protect against cyberbullying. Currently Christian holds 5 GIAC certifications with the goal of earning his GSE in the near future. He is also an active member of the SANS community assisting in question writing and course audits for the SANS OnDemand courses for the last few years, as well as an active member in the Security community, participating and assisting in the running and organization of many of the popular Security Conferences and events.

Recently retired, Mark, in his 28 years of service with the Kansas City Missouri Police Department, has served in many capacities, including Patrol, Internal Affairs and conducting digital forensic investigations. In 2011 Mark was assigned as a task force officer at the FBI?s Heart of America Regional Computer Forensics Laboratory (HARCFL).

While working as an FBI CART-certified forensic examiner he conducted examinations on a number of state/local and federal cases involving child exploitation, homicide, network intrusions and terrorism. He has also provided court testimony on numerous cases regarding general crimes and digital investigations.

Mark was a mentor and training officer at the HARCFL and he worked a number of cases while appointed to the lab. He was sought out for his knowledge of forensics, electronics and Python programming. He also used his programming background to create scripts which are used in the lab to streamline various functions. 

Mark has experience in HTML, Linux, Apple devices and cell phones. He held the FBI certification of FE (Forensic Examiner), and still maintains the SANS certifications GCFE and GPEN, CompTIA certifications A+, Net+, SEC+ and he has an Associate's Degree in Computer and Electronics Engineering Technology?. This most likely explains his fascination with Frankenstein electronic projects with lots of little blinking lights - at least his wife would like to think so.

Mark is excited to share his knowledge of electronics and digital forensics with people who have similar interests, and employ problem-solving techniques to assist them when needed.

Prior to graduating in 2017, Chris went back to working with NuWeb IT Solutions, a local IT Consulting firm. As a Systems Engineer, Chris was able to learn numerous fundamentals including, building, supporting, and configuring endpoints, network systems, VPN systems and configurations, SIEM tools and controls, and Active Directory. Throughout this time, Chris spent countless hours studying to reinforce his network skills before challenging himself with the CompTIA Network+. 

Following, thirst for information security knowledge and a position within the information security, Chris attained an internship at Assurant, Inc in July 2017. Here Chris earned the title of Jr. Security Engineer. As a Jr. Security Engineer, Chris harnessed the skills to document attack detections and assist in the development of control rules for detection through intensive log analysis. Chris also validated these endpoint and network security controls through the use of carious penetration tools including (MetaSploit, Mimikatz, BloodHound, and more). On October 2017, Chris continued extracurricular studies and received the Security+ certification. Reinforcing the skills learned after my studies, I worked to develop departmental technical security documentation for security controls, whitelisting and blacklisting, and general security procedures. Chris also worked diligently to get an in-depth analysis of security tools used throughout the environment through troubleshooting, development, updating of signatures, and growth of security implementations. In January, a full-time position opened up at Assurant for Information Security Analyst focusing on Incident Response and Security Operations. 

On March 2018, Chris accepted the job offer and became a member of the CSIRT team. Within the CSIRT team, Chris grew and developed skills to perform complex incident response and technical analysis to develop technical conclusions based on analysis of evidence and data. Chris also learned other skills including performing hunting for malicious activity across the network and digital assets, performing information security incident response and handling based on risk categorization and in accordance with established procedures, utilizing digital forensics tools to execute digital investigations and perform incident response activities. 

In January 2019, Chris participated in SEC504 with John Strand with high hopes of passing the GCIH with a high enough score to participate in SANS Gold and potentially mentor a course. On April 2019, Chris passed the GCIH with an 88 and following, received an email to apply for the mentorship. Upon receiving that e-mail Chris became ecstatic at the possibility of participating in a mentorship position to learn and grow amongst prestigious members within the industry. This opportunity is one Chris believes would not only help in the growth of his technical skills, but the growth of awareness and knowledge with those who seek to also grow.

Bryan Rude enlisted in the Army in 1996 and spent most of his 20-year career combating bits and bytes from the tactical to the enterprise.  He participated in the development and operational deployment of critical enterprise automation systems such as System Center Configuration Manager (SCCM) as well as Host Based Security System (HBSS) and Application Whitelisting. He retired from the Army as a Chief Warrant (CW) Officer 4 with the Military Occupational Specialty (MOS) of 255S.  

Bryan joined the MITRE team shortly after retirement from the Army as a Lead Cybersecurity Engineer.   He has worked to operationalize the ATT&CK Framework for several government organizations.  

Bryan specializes in endpoint security and the systems that support it.

He has spent most of his life as a student and continues to search for a life.  Over the years he has earned a Bachelors degree in Biblical Studies and a Master?s degree in Information Systems.  

Bryan achieved and continues to maintain multiple professional certifications.

Joe Sullivan has 20 years of experience in information security. Joe is the principal security strategist for Crossroads Information Security, the Chief Information Security Officer for a bank, and the owner and lead investigator of 1 to1 Risk Control & Investigations.

Joe got his start in information security in 1999 working for a web hosting company during the .com boom. In 2001, Joe started one of the first outsourced technical support companies for web hosting server support specializing in administration of LAMP servers and incident response.

After selling his company he went to work as the network security manager for a consumer electronics distributor and remained there for nearly 10 years. In 2014, Joe was recruited by Oklahoma based RCB Bank to guide their network security program. At RCB Joe is the Chief Information Security Officer.

Joe and his wife, Cathy, also operate Crossroads Information Security, which provides services to businesses that do not have the expertise or resources for network security. These services include penetration testing, gap analysis, policy, procedures, and training.

Joe holds the following information security related certifications:

GIAC Strategic Planning, Policy, and Leadership (GSTRT)
GIAC Certified Forensic Examiner (GCFE)
GIAC Certified Incident Handler (GCIH)
Certified Information Systems Security Professional (CISSP)
CNSSI 4012 Senior Systems Manager
CNSSI 4013 System Administration in Information Systems Security
CNSSI 4014 Information System Security Officer
NSTISSI 4011 Information Systems Security Professional
NSTISSI 4015 Systems Certifier

Joe is active in the Oklahoma City information security community and is the chapter leader of the Oklahoma City Open Web Application Security Project (OWASP) chapter, is an instructor for the SANS Institute and teaches the following classes:

SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling
MGT514: Security Strategic Planning, Policy, and Leadership

You can find Joe Sullivan's blogs online at:

Sean Thomas has over 20 years of Information Technology experience, with more than eight years in cybersecurity/information security. He has been involved in many aspects of IT throughout his career including desktop support and academic systems administration, networking, and Windows & Unix/Linux server administration before finding his way to cybersecurity. 

Sean has been an instrumental part of the formation and evolution of the IT Security Services program at Embry-Riddle Aeronautical University. He currently serves as the Senior Information Security Analyst on the team, with over six years of experience working Incident Response, Digital Forensics, and Policy Management. In addition to his duties with the team, he is regularly asked to guest lecture on cybersecurity topics at the University, primarily for many first-year student classes.

Sean performs several functions with SANS Online Training as part of the OnDemand QC team to improve content delivery for dozens of courses, assisting with course review, and as a virtual TA for Simulcast.  Sean holds a Bachelor of Business Administration in E-Business Technology from Stetson University and holds multiple GIAC certifications, including GCED, GCFA, GCIH, GMON, GCWN, and GCDA.

Chris Traynor is a Sr. SecDevOps Engineer within Equifax's Global Security division. His background in information systems spans the Federal (VA), DoD (Marine Corp & Navy), and private sectors working within large international conglomerates and startup consulting shops alike. He has expertise in web apps, databases, APIs, scripting/automation, and project management. Chris holds a bachelor's degree in CIS from Anderson University, as well as GSEC, GCIH, GWAPT, and IAT Level III security certifications. He is a member of the GIAC Advisory Board, and has been a SANS course facilitator for SEC401 and SEC504. Chris lives in Charleston, SC with his wife, 2 dogs, and a cat. Twitter: @_christraynor_
Roy has been in the Information Security field for nearly a decade, working in the US Air Force as a network engineer, then later on as a Cyber Warfare Operator. While with the Air Force, Roy worked under the NSA as a Red Team Operator; conducting operations all over the world. After leaving active duty military, Roy worked for various defense contractors in both Red and Blue team positions, defending large organizations and conducting penetration tests and Red Team assessments alike. He currently runs Sentient Cyber, LLC, a company geared to providing enterprise level cyber security for small and medium sized businesses. Roy currently holds six GIAC certifications, as well as the coveted OSCP. He is currently pursuing his MSISE through the SANS Technology Institute. Throughout his professional and personal life, Roy has been a snowboard instructor, pistol coach and national competitor, and mentor to various military and DoD personnel in the realm of cyber security.
With more than 20 years in the industry, Kendrick has served in many areas of the IT industry including networking (LAN/WAN troubleshooting, engineering and structured wiring), Web design, EndPoint administration, System administration, Programming and now Information Security. Kendrick currently serves as a member of his companys Information Security team and president of InfraGards Birmingham chapter which works with the FBI, Homeland Security and the U.S. Attourneys office to protect the 16 U.S. critical infrastructures from terrorist attacks. At night he manages 2 successful YouTube channels and his company which works directly with gaming companies around the world and has its own professional eSports team.

Tom Webb has over 15 years of experience in a dedicated security role. Tom has worked for state law enforcement and in the education sector.  He is currently employed by the University of South Carolina as the director of security operations. His current role includes leading a team that performs: incident response and forensics investigations. Tom's previous roles included: network security engineer, security architect, incident response, and penetration testing.

Tom has a B.S. in Information Management from the University of South Carolina. He holds various certifications including, CISSP, GXPN, and GSE. Tom also volunteers for the SANS Internet Storm Center. You can follow him on twitter @twsecblog, or

Michael Weeks is currently working as the SOC and Incident Response Lead at Fair Isaac Corporation. He leads a highly technical team of Analyst, Developers, and Incident Handlers in the daily monitoring of cyber security events for FICO. A graduate of the SANS Technology Institute Master of Science in Information Security Engineering Program and certified GIAC Security Expert, as well as a host of other SANS Certifications and the CISSP from ISC2. Michael is also a Chief Master Sergeant with the United States Air Force Reserve working in the 960th Cyber Operations Group as a Cyber Warfare Operator. The greatest privilege is the ability to mentor the future cyber warfare operators in hopes that they can help solve the many problems in cyber security.

Since 2011, Terrence Williams has embraced the United States Marine Corps saying, "Grow Where You Are Planted." As an active duty Marine, Terrence was placed into the cybersecurity world to satisfy "The needs of the Marine Corps." Turns out, being planted in the cybersecurity role is the best place for Terrence to grow his passion for Digital Forensics & Incident Response (DFIR). Currently Terrence Williams works in a Defensive Cyber Operations billet that requires him to conduct various duties in the DFIR realm. His young career has led him to operating on multiple enterprise networks supporting military operations that expand across the world.

Terrence's thirst for knowledge is the primary fuel for his passion for the various DFIR avenues. Terrence's background in DFIR covers smartphone and Windows forensics, including, vulnerability discovery and analysis, threat hunting, reverse engineering malware, network security monitoring, and Python coding. Terrence has participated in building multiple standard operating procedures for the up and coming Marines that will be in various cyber operation roles.

Terrence alternative passion is to share his knowledge with the world. At an early age, Terrence found that people around the world crave knowledge and need the opportunity to gain it. He has begun building his social platform to drive his passion by being a guest blogger on The guest blog appearance has inspired Terrence to build his own website Life is a Game of Choices ( to further expand his brand. Terrence is excited to fulfill his passion for sharing knowledge as a SANS Mentor to further reach people that want to feed their passion for knowledge.

Outside of work, Terrence finds his passion in sports, dog training, reading, and being a connoisseur of the world's food and spirits.