Since then, Chris has worked for Tyonek Services, E-volve Technology Systems, and as an independent contractor. Today, he's back with the USAF as a civilian employee serving as the curriculum lead for a USAF Cyberwarfare training course that prepares students to perform network security, assessment, threat hunting, incident response, forensic analysis, and penetration testing. In this role, Chris researches tactics for doing threat hunting and incident response to improve the training methods used by the Air Force, trains instructors on these tactics, builds and reviews curriculum, and occasionally teaches a cyberwarfare operations course.
"I have had a lot of fun working on some advanced incident response cases, and also doing vulnerability assessments of numerous networks," says Chris. "It is very rewarding to be able to stop an attacker before they gain access and are able to cause damage."
A SANS instructor since 2013, Chris teaches SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling, where he shares the experience he's gained protecting the U.S. DoD network and studying hacking methodologies used by multiple threat actors, including multiple APT groups. "In the classroom, I always try to share lessons I have personally learned or observed over the years," says Chris. "Many of these are of course due to making mistakes and learning a better, more efficient way of doing things."
Among the many rewards of teaching, Chris says helping students grasp new concepts and discover new ways of solving problems rank the highest. "Becoming a SANS instructor is a great opportunity to pass on lessons that I have learned over the years, while expanding my own knowledge through student interactions," says Chris. "We can all learn from each other, no matter how experienced or inexperienced anyone believes themselves to be."
In the classroom, Chris encourages students to ask questions, contribute to discussions, think about new ways of dealing with problems, and learn from each other. And he appreciates seeing students implement what they've learned in the real world.
"I had a student in a class that received a call from her company concerning a large-scale data breach involving over 100,000 pieces of sensitive information," Chris recalls. "She and I were able to discuss the problem, infrastructure, and possible containment steps. The fact that she was able to immediately put the concepts to use that we had just discussed earlier in the week was a truly memorable experience."
Chris holds GIAC GXPN, GPEN, GCFA, GNFA, GCIH, GCIA, GISP, GSEC, and CISSP certifications and is a recipient of the "General John P. Jumper Award for Excellence in Warfighting Integration." He has a bachelor's degree in intelligence studies and information operations from American Military University and a master's in cybersecurity from the University of Maryland University College.
Outside of work, Chris regularly volunteers with his church managing the church's website and network security. He also volunteers with Operation Christmas Child, which delivers gift-filled shoeboxes to impoverished children around the world. In his spare time, Chris enjoys woodworking, fishing, camping, and simply spending time with his family.
Summary of Credentials
- 20+ years in intelligence, network security, cyberwarfare, incident response, forensic analysis and penetration testing
- Worked in the NSA Threat Operations Center while active duty in the USAF
- Instructor for SANS SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling
- Recipient of the "General John P. Jumper Award for Excellence in Warfighting Integration"
- BS, intelligence studies and information operations, American Military University
- MS, cybersecurity, University of Maryland University College
- GIAC GXPN (Exploit Researcher and Advanced Penetration Tester)
- GIAC GPEN (Certified Penetration Tester)
- GIAC GCFA (Certified Forensics Analyst)
- GIAC GNFA (Network Forensic Analyst)
- GIAC GCIH (Certified Incident Handle)
- GIAC GCIA (Certified Intrusion Analyst)
- GIAC GISP (Information Security Professional)
- GIAC GSEC (Security Essentials Certification)
- CISSP (Certified Information Systems Security Professional)