Save up to $350 on Cyber Security Training at SANSFIRE in Washington, DC. Ends Tomorrow!

Mentor: Bios


Mentors are highly qualified, experienced professionals who make themselves available in your local area to help you learn the course material and get certified. Each Mentor is hand-selected from students that have completed their relevant GIAC certification with scores of 85% or higher.

Brad is a consultant with SecureWorks doing full time web application penetration testing. He has a masters degree in Information Assurance from Dakota State University. Certifications include GWAPT, GPEN, GCIH, GCED, and CISSP. He is an active member of the local information security community. When not on a computer, Brad is usually tormenting his wife, playing with his two kids, or playing guitar.

David Bernal Michelena holds a bachelor's degree in Computer Engineering from the National Autonomous University of Mexico (UNAM). Since June 2015 he serves as a cyber security researcher in Cyber Security Group in Scitum, a large consultant company in Mexico and Latin America. David's main activities are malware analysis, cyber threat intelligence, digital forensics and writing yara and snort rules to detect those threats and protect customers. David also performs ethical offensive activities and writes custom tools that are used in controlled environments to verify that security products do what they claim to do.†
From July 2013 to June 2015 David was a member of Security Events team at Alstom, a large company in energy and transport solutions protecting the endpoint environment of about 90,000 hosts distributed worldwide. In his time in Alstom his main activities were incident response, malware analysis and remediation, forensic analysis, IPS/IDS and SIEM management.
Formerly he served as a Senior Computer Forensic Analyst at Scitum from July 2011 to July 2013. His main activities there were evidence acquisition, analysis, preservation, incident response, log analysis and results reporting to Scitum's customers. In Scitum he had the opportunity to work in challenging projects for Mexican private and public institutions, including large Banks and other large government clients.
From August 2009 to July 2011 he worked as a forensic analyst and incident handler in UNAM Computer Emergency Response Team, which is the first CERT to be created in Mexico. David is GXPN, GASF, GREM, GCFA, GCFE and Access Data certified. He likes programming in several languages and is a command line lover in LINUX and Windows as well.
On his free time, he likes to swim and play the piano.

Mr. Bluml has been performing computer related investigations for over twenty years. His investigations have ranged from simple data theft to more sophisticated hacking efforts involving multiple computers, to intellectual property theft with attempts to hide the activity or manipulate the data via date and time changes to the computer. He has also been involved in employee fraud cases involving expense report falsifications, credit card fraud, and identity theft. He has spoken at numerous national and international trade conferences on the subject of computer forensics and related investigations. www.computerforensicsconsultingllc.com Love sharing knowledge and teaching people that are really interested in the material.

After earning a degree in Electrical Engineering at Stevens Institute of Technology, Craig Bowser started in IT as an officer in the US Air Force where he managed, optimized and performed troubleshooting on networks at Air Force bases around the world. In 2000, when he was stationed in the Washington DC area, he took over as Chief of Network Security for the Defense Information Systems Agency (DISA) intranet. While there he obtained his GSEC from SANS in 2001. After separating from the military, Craig worked for several government contractors in a variety of information security roles including accreditation, security engineer, incident response, security analyst, and security manager. In 2006, he obtained his CISSP and in 2011, Craig attended SEC501 and earned his GCED. Soon after, Craig was invited to a new infosec user group starting to meet in Virginia called NOVA Hackers (NOVAH). The requirement for membership in NOVAH was simple: each member needed to give a 10-15 minute talk on a regular basis. So Craig started giving talks. Even though he was an experienced briefer from his time in the military, giving technical talks to an audience with varied technical experience taught him to be prepared in new ways. First, he needed to be prepared to know answers he didnt think he needed and second, the importance of learning from the audience. This actually taught him something else: Always have a notepad to take notes when speaking! Participation in NOVAH inspired him to learn python. This helped him to deal with his frustration regarding the alerts he received at the job he had at the time by automating much of the manual review. Participating in NOVAH also led to opportunities to attend local conferences such as Shmoocon and BsidesDC. The firehose of information was overwhelming at first, but with the help of his growing friendships in the community, Craig was able to absorb more and more of the knowledge and apply that knowledge at work. As Craig grew in his skills and knowledge, he found himself increasingly helping others at work, teaching them and leading the way in implementing new methodologies. Soon, during conversations at security conferences and at NOVAH, Craig found himself answering as many questions as he asked. Thats when he realized he needed to give back to the community that helped him by sharing the knowledge, skill, and methods he had gained over the years. And so, in 2015, he researched and crafted his first talk and submitted it to several conferences for consideration. That year he was accepted and spoke at three conferences, BsidesCharm, SANS SOC Summit, and SANS Cyber Defense Summit. Since then, Craig has given talks at every SANS SOC Summit, DerbyCon, Shmoocon Epilogue, and the SANS SIEM Summit in addition to keeping his membership active in NOVAH by speaking regularly and he volunteers on staff at BsidesCharm and BsidesDC. Since 2012, Craig has been the senior security engineer responsible for building and maintaining multiple SIEMs for a government agency. Being responsible for multiple SIEMs brought multiple disciplines from his career into one job. Security Engineering was required for him to architect the system so that it could manage the amount of logs being sent and to design how the logs would be captured and archived. Security Analysis was required so that he could design searches, alerts, reports and dashboards that identified anomalies in the enterprise and use the latest threat intelligence to find attacks. Incident Response was required so that when an alert was raised, he would know what to look for, in which logs to look, how to confirm or deny that a security event had taken place, and if so, how to track on-going activity to ensure that all everything malicious is identified and removed. Security Management was required to understand how the SIEM supported current policies and procedures or create opportunities to develop new ones. While he doesnt use other disciplines as often, there are times where an understanding of security law, application security, certification and accreditation and others have been important to ensuring that the SIEM succeeds in the organization. Managing the SIEM has caused Craig to mature as an infosec professional and expanded his areas of knowledge and skills. Craig is looking to find new ways to grow in his career, help others and give back to the communities that helped him.

He maintains a website at http://www.shadowtrackers.net where he maintains a blog and also posts slides from some of his past presentations.

He is stoked to have an opportunity to teach others while learning from students and fellow instructors. And have fun all the while!

Marcelo has been working with information security and carrying out computer forensics investigations for over 20 years. He worked with incident response / computer emergency response, was responsible for conducting investigations, responding to networking intrusion attempts, investigated and handled privacy-related incidents and consumer complaint in liaison with Legal and Human Resources departments, analyzed and documented information security incidents as well as the analysis of the circumstances enabling or permitting these same incidents to take place, including offering remediation strategies, investigated and immediately worked to stop leaks and inadvertent disclosures of confidential information and developed policies and security awareness programs, working with highly sensitive information in a team environment.

He analyzed and documented information security incidents as well as the analysis of the circumstances enabling or permitting these same incidents to take place. Audited, verified network security and gave recommendations to improve network security. Executed wireless evaluations and security auditings. Advised organizations with current information about information security technologies and issues and researched and recommended solutions. Wrote user manuals on security software and computer, email and Internet use policy. Developed and implemented user security awareness programs, with seminars, conferences, folders, newsletters and helpful suggestions. Designed and reviewed Windows and Linux security architecture.

Marcelo has assisted task forces in lawsuits as a technical assistant, acting as an expert witness in civil and criminal trials. He assisted in computer crimes (cybercrime) investigations and was responsible for establishing many procedures at the Federal Prosecution Service, such as evidence's†chain of custody. He performed customer data analysis of data requested from banks and telecommunication companies, as requested by Brazilian Attorneys. He wrote, compiled and edited reports of security activities.†He has also worked as an associate professor at some universities and lectured at the most important Information Security conferences in Brazil. He maintains a webpage dedicated to Digital Forensics and Incident Response (in Portuguese): http://dfir.com.br/

Finally, he holds a Masters degree in Computer Science, a Master in Bussiness Administration (Public Administration) and a Bachelor degree in Information Systems. He also has some certifications, which illustrates his passion to learn: GIAC Certified Forensics Analyst (GCFA), GIAC Certified Incident Handler (GCIH), CISSP (Certified Information Systems Security Professional), CHFI (Computer Hacking Forensic Investigator) and EnCase Certified Examiner (EnCE).

Michael A. Curtis (Mike) has over 20 years of experience in the security field.

He has held several key leadership positions at Rollins, Virtual IT Experts, this.com and BellSouth.net.

Additionally, Mike is active in the security community having served as a past member of the Symantec Customer Advisory Board, and is an officer in the Atlanta (ISC)2 Chapter.

Mike holds a BSEE, cum laude, from Northeastern University, an MBA from Bentley College and a CISSP.

Mel Drews has been on both attack and defense sides of security throughout the public and private sector for more than 15 years. He's covered numerous roles in organizations large and small, including solutions engineer, analyst, auditor, penetration tester†and consultant. His current role is in a global 50 financial services firm assuring software security.

When not coding projects or studying for the next big thing, Mel is combing the forest floor for fungus in West Michigan or playing racquetball.

He holds the GWEB, GCFE, and GCCC certifications, as well as CISSP, CISA, and CISM.

Jeremy works as a security penetration tester, application security consultant, and defect remediation expert for UPS. Jeremy is also the owner of Ellipsis Information Security and teaches courses for SANS Institute.

As a Director of Education for the Kentucky ISSA chapter, Jeremy presents on application security, penetration testing and defense along with operating the "webpwnized" YouTube video channel.

Additionally, Jeremy develops the open-source OWASP Mutillidae II training environment. Jeremy has a Bachelors in Computer Science from Indiana University, a Graduate Certificate in Cybersecurity and Masters in Computer Science from the University of Louisville and is a GIAC-certified Web Application, Mobile and Network Security Penetration Tester.

Family, Gadgets, games, aerial photography, great food and craft beer are some of Paul Dumbleton's passions. Hailing from the the United Kingdom via California and now Michigan, Paul completed his Bachelors in Information Technology from the University of Phoenix in 2004 while working for Herman Miller in Zeeland, Michigan. After a recent transition to Perrigo, Inc, he now manages and oversees Global Security Operations and Engineering. Paul's passion for Information Security and Technolgoy has spanned more than 25 years. He continues to be motivated by setting goals that challenge his experience and knowledge, and admits that he continues to learn something new everyday. This translates directly into his success protecting Perrigo from evil (according to his boss) and helping the great people he works with use information resources securely.
Andrew Dunsford is currently the Director of IS Risk at Wawanesa Insurance, responsible for cyber security. Prior to joining Wawanesa, Andrew spent ten years at a consulting organization, working with clients from various industries across Canada. Andrew holds multiple certifications: GSEC, GCIH, CISSP, CISA, CISM, CRISC

Leron is a 10-year active duty US Navy military member with 4 years in an information security position. With a passion for Python, he loves automating tedious daily routine tasks for efficiency and considers himself to always be in a position to learn more. He enjoys competing in as many CTFs as possible, and also often performs as a nerdcore rapper.

He currently holds the GPEN, GCFE, and GPYC certifications. He also maintains a blog at www.daddycocoaman.com.

Mike Hale is a 13 year veteran of the IT and Security field, having worked in all avenues from physical security to security architecture. He began his formal IT journey in 2005, and caught his first SANS course in 07. His background is very varied, ranging from entertainment to manufacturing to Satcom. He currently works for a major hospital in Los Angeles as an Engineer/Architect/IR guy.
Rick is a Security Engineer for G2, Inc and has over 15 years of experience in the IT field, with 5 years specifically in InfoSec. Rick started his career as far from InfoSec as possible: as an Aircraft Armament Systems Specialist in the USAF. Mr. Hidalgo had the opportunity to cross-train into a field that allowed him to perform client support and Information Assurance duties, which then allowed him to take a position with the Department of Defense (DoD). While with the DoD, Mr. Hidalgo performed network and endpoint analysis, performed adversary emulation and conducted cyber operations as an interactive operator as part of a Red Team. Mr. Hidalgo has had the privilege of experiencing a broad range of technical fields, including network analysis, intrusion detection, penetration testing, malware analysis, reverse engineering, and digital forensics. Mr. Hidalgo is passionate about educating and mentoring future InfoSec professionals. Rick has volunteered as a Red Team member for the CyberPatriot National Finals for the past 3 years, and recently joined the Mid-Atlantic Collegiate Cyber Defense Competition (MACCDC) Red Team. Rick was also an adjunct professor for a local community college, where he helped coached a cyber competition team and taught computer science courses. Rick is still active in cyber competitions, and takes the opportunity mentor and help other students grow in the field. He also performs independant consulting services and is a security researcher with the SynAck Red Team. Mr. Hidalgo holds his Bachelors in Cybersecurity from UMUC, and is currently pursuing his Masters in Cybersecurity from Excelsior College. He also holds a number of professional certifications, including GCIH, GAWN, GCFE, GCFA, GCIA, GPEN, and CISSP.

Dale Hobbs is a veteran of IT with over 18 years of experience starting out as a Junior Systems Administrator to his current role, Security Manager.

His background includes server and network administration, network architecture, network security, security policy development, adoption and direction setting in accordance with regulatory compliance and industry standards and currently holds the certifications of GSEC, GCIH, GPEN

Dale is excited about all areas of technology but most specifically network security. He is enthusiastic about sharing his knowledge and experiences with the next generation to help others achieve their IT related educational goals and embraces the opportunity to continuously learn and develop in his own career path.

Now a recovering CISO with over 20+ years direct Information Security experience, Christopher Hudel's experiences demonstrate success (and reveals his most inner excitement) within the domains of application and product security, incident & crisis management, penetration testing ("red teaming"), security roadmap and strategy, security operations, evangelism and leadership. Christopher's career path careened both the very technical (developing penetration testing teams & methodologies, working incident response for both malicious internal threats and nation state advanced persistent ones) and the very strategic (as a CISO for industries ranging from retail through industrial manufacturing). Comfortable in front of either board (key- or -directors), Christopher brings a sense of "extreme common sense" to communicating and understanding risk related to highly technical topics. Christopher is an accomplished speaker, most recently served as an adjunct professor teaching information security graduate and undergraduate courses for the University of North Carolina in Charlotte, NC.
Duane Isaacs is an IT veteran with over 23 years of experience who began his career as a Computer Repair Technician at a local computer store and evolved into his current role as a Web Application Security Analyst for one of the top corporations specializing in Software as a Service (SaaS). His background includes over 10 years of development and implementing complex infrastructures and technical solutions for industry leaders, IT Management, server and network administration, network architecture, network security, security policy development, adoption and direction setting in accordance with regulatory compliance and industry standards. He currently holds the GWAPT certification. Duane is enthusiastic about all areas of information technology, with focus on automation and information security. He is excited to share his knowledge and experience with the next generation to help others achieve their IT-related educational goals and expand his mastery into new security arenas.
Perry is an accomplished, well-rounded results driven Cybersecurity leader holding numerous certifications (SANS GSEC-GOLD, CISSP , CCSP, PMP, LSS-BB) and experience in enterprise security management, support, sales, consulting, project management and product development. His passion after retiring from the Air Force is bringing a cybersecurity focus to enterprise and government organizations driving the best possible cyber protections through leveraging the latest technologies and providing Defense in Depth (DiD) via information centric and vector control methodologies. He thrives in high visibility roles rapidly analyzing issues, translating the needs into strategic business objectives then effectively communicate innovative technical solutions. Perry has delivered edge protection, internal segregation, IdAM, VPN, and endpoint security systems for small business to Fortune 500 enterprises with 40,000+ users as well as state, federal and local governmental and education organizations. Passionate about business outcomes and he has a strong track record of leading projects that meet and exceed expense and revenue objectives. Routinely presents at conferences, i.e. ISSA Hawaii and Oregon Association of Government IT Managers, and driving new business and increased margins. ‚Experienced communicator comfortable presenting to audiences of one C-Level or 1K engineers ‚Expert in translating internal/external customer needs and pain points into solutions ‚Security Architecture and Design ‚Palo Alto Endpoint Associate, Accredited Configuration Engineer (ACE), Sales Executive (ASE) ‚Sophos Central and Endpoint Sales Engineer ‚Led teams of IT engineers, security/IAM software product development ‚Endpoint Protection Development and Management
Jonathan Karchmer has over 15 years of experience in managing digital forensics and investigations. His background includes network administration, information security and electronic discovery project management. Jonathan frequently works on matters concerning trade secret theft. Jonathan has offered sworn testimony at deposition, hearing, and trial. Jonathan currently holds GCFA, GCFE, and GCIH certifications. He is excited about the opportunity to mentor FOR500 and share his enthusiasm for digital forensics with others.

Bill has a Bachelor's of Science in Criminal Justice from the University of Alabama Birmingham and a Master's of Science in Technical Management from Embry Riddle Aeronautical University.† Currently he is working on his Masters of Science in Information Security Engineering through SANS Technical Institute and has numerous certifications through SANS.† Bill began his career in computer technology in the early 1990's while working at the University of Alabama Birmingham. There, he learned many of the widespread platforms and operating systems, employing computer troubleshooting and virus removal skills.

After a brief stint with professional baseball, Bill moved back to computers and started working for a DoD Contractor.† During the last 20 years, he has worked in various departments; Desktop Support, R&D, Client Engineering, IT Systems Engineering and Cyber Security.† The last ten years, Bill has worked within Information Security managing projects and working with various programs across multiple areas of Information Security.† He started working with SANS Instruction in 2012.†

Fredric Lauzier has been†in the IT business since 2000. He was an IT consultant for two years and then enrolled in the Canadian Armed Forces as a Signals officer. He is still serving after 17 years and manages IT, Cyber, Radios, Satcom, among others, both in a deployed field environment and in a static strategic one. Over the year†he acquired the ITIL Expert certification. He has also earned a Masters in IT from Universit de Sherbrooke and a Masters in Defence Studies from the Royal Military College of Canada.

He attended his first SANS course in Fall of 2018 and since always wanted to share his knowledge to other SANS learners.

For the past 16 years, Kevin has led high-performance teams of technical professionals at large-scale internet companies, with deepest experience in Network Security. Kevins 25+ year career in technology started when he was a CS student at UC San Diego, and has encompassed unix systems administration, secure software development, network security, and web site and SaaS performance and scalability. Kevin holds the CISSP, GCFA and GNFA certifications. Kevin is active in internet operational security efforts, and advises and invests in early stage technology companies.

Kevin is an extreme tcpdump enthusiast.

Dave Mayer is a Senior Security Consultant with InGuardians. Prior to joining InGuardians Dave was a member of the Red Team for a global financial organization and has almost a decade of experience working in healthcare both in Information Security and IT.†In his spare time, Dave can be found tinkering with many house projects or reliving his fire department days when he was part of the Fairchild Fire Company in the Morris Township Fire Department. He held numerous positions ranging from Engine, Ladder and Rescue Operator to Battalion Chief. Dave Mayer graduated from State University of New York at Plattsburgh with a Bachelors in Computer Science. Aside from running into burning buildings, Dave currently holds the following certifications: GIAC GSE, GSEC, GSNA, GCIA, GCFE, GPEN, GXPN, GCIH, GWAPT, GAWN and OSCP

Chris is Principal Consultant at Utopia Consulting and an ASD certified IRAP Assessor based in Canberra. After starting his career on a help desk, Chris pivoted through system administration into security around the turn of the millennium. Working with the Fortune 100, retail, non-profit and the government sectors, Chris is focused on ensuring that technical and security measures are user focused,† risk aware and understood by all stakeholders. This has included work in security architecture, assessment, auditing, engineering and response.†
Check out his Soundcloud, Instagram (et al) @chrismewett.†

William has been passionate about computers and their security since being introduced to them as a young teen. Early on he knew that he wanted to be working in information security. He began his education as network engineer at a vocational technology school while still in high school. After graduation he started an Information Assurance and Forensics Bachelor's degree at an NSA Center of Academic Excellence.

William has a decade and a half of experience within the field of information security. He has supported a fortune 5 company as a security engineer, supported many government and commercial customers in various roles within a Security Operations Center (including Incident Response analyst, DMA Lead and SOC Manager) and now is a Principal Security Researcher in a malware analysis role. He has taken the initiative to mentor and train new team members and has led many community events within the companies he has worked for. These events include quarterly mini conferences, Capture The Flag (CTF), LAN Parties, and other events to build the community and share knowledge. He is a frequent conference attendee and has participated in and won a number of IoT Village CTFs, including winning a Black Badge at BSidesDC for placing First in the competition. While the majority of his career has been supporting the blue team, he's always had a passion for the red team and has been honing his skills in penetration testing and exploit development. William currently holds the GCIH, GPEN, GREM, GCTI, and GXPN GIAC certifications. In addition to those GIAC certifications, he holds the OSCP and CISSP.†

Outside of information security, William is a general class Amateur Radio operator (KE5HDY), 3D printing enthusiast, and is working to become a member of the 501st legion (a Star Wars costuming organization that participates in costumed charity and volunteer work). His blog can be found at haxel.io

Jake Miller is an information security professional, primarily focused in offensive security. Jake is currently a penetration tester, but also has previous experience as a security controls assessor, SOC analyst, and system administrator.

Jake is a lifelong student, holding a variety of IT and cyber related certifications including GXPN, GCFA, GCIA, CISSP, and AWS Solutions Architect Associate, among others.

He blogs about security and coding at laconicwolf.com, and is passionate about sharing knowledge in the community.

Erich has been defending networks in the financial services industry for the last 3 years. In that time he has developed skills in areas such as Incident Response, Network Security Monitoring, and Vulnerability Management. In addition to being GIAC certified in Continuous Security Monitoring (GMON), he has his BS degree in Information Systems Security, and is also CompTIA CASP certified. Erich is eager to share his unique experiences all while delivering best in class instruction with SANS.

Jason Ostrom has helped over 220 organizations mature their Cyber Security programs by identifying business risks and improving their readiness for security incidents.† In his current role as Director of Technical Services for Zyston (https://zyston.com), Jason leads the Offensive security practice and† provides support for client security incidents in potential data breaches.† Jason is also the courseware author and instructor for Zyston?s ?Top Gun? offensive security class modules.

Jason has used his extensive experience to help clients solve a variety of security problems impacting their respective businesses.† He helped a solution manufacturer raise their DoD STIG metrics to above 95% for all assessed products, including development of Python hardening scripts that protected federal assets.† He coded a Python vulnerability management program that automatically provided remediation timeliness and metrics for closing security issues.† In a client-authorized penetration test, he found a 0-day vulnerability (CVE-2016-2783) in a networking platform that was ethically disclosed to the vendor.† He is the author of the ?VoIP Hopper? network infrastructure pen testing tool, which is included in the popular Kali Linux distribution.† Jason has extensive experience distilling security issues and presenting them to target audiences, including C-Suite and board, and has been quoted in media outlets such as Network World and Wired Magazine.† Jason has spoken at many high-profile security events such as DefCon and ShmooCon.† He has been invited by federal agencies, SANS Institute (Pentest Summit) and Forrester Research to speak on application security.† Jason currently holds the CCIE Security certification (including CCNA, CCDA, CCNP, CCSP) and GCIH, GCFA, GPEN, GWAPT certifications.† He earned an M.S. in Information Security from James Madison University, and his B.A. from the University of Michigan.

Military Biography Bryan Rude Bryan Rude enlisted in the Army in May of 1996 under the Student Loan Repayment Program. He attended Basic Training at Fort Sill Oklahoma. Advanced Individual Training (AIT) was later conducted at Fort Bliss Texas. His first enlisted assignment as a Specialist was as a 14R Air Defense Artillery Driver at Fort Stewart Georgia. SSG Rude was selected for Warrant Officer training. WO1 Rude's first Warrant assignment was to the 1st Calvary Division at Fort Hood Texas. Assigned to the Division Artillery Brigade, WO1 became the BDE Automations Officer. Deploying with the reflagged 5th Brigade Combat Team (BCT) into Baghdad, Chief Rude had the distinction of completing the first Brigade level tactical fiber optic ring. Chief Rude re-deployed the following year into Kuwait as the Information Assurance Security Officer (IASO) for the South West Asia (SWA) Theater Network Operations Security Center (TNOSC). Upon completion of these two deployments Chief Rude was assigned to the 5th Signal Commands TNOSC as the IASO in Mannheim Germany. Chief Rude was promoted again to Chief in November of 2007. Chief Rude was the Project and later Program Manager (PM) for the Host Based Security System. Later, Chief Rude assumed the role of Assistant Project Manager and then (PM) for the Theaters implementation of System Center Configuration Manager (SCCM). These two programs combined provided Europe with the protection mechanisms to fend off all but a handful of infections during the Operations Buckshot/Rampart Yankee. Chief Rude completed Warrant Officer Advanced Course (WOAC) in August of 2008 where he also earned a Private Pilot License (PPL) and Certified Information Systems Security Professional (CISSP) certificate. Chief Rude participated in the Training with Industry (TWI) program working with Microsoft for a full year. Chief Rude trained over 400 Warrant Officers as the Senior Microsoft Instructor at Fort Gordon. Chief Rude completed the 255S course in 2013 attaining numerous GIAC certifications. His final Army assignment was as the Senior Cyber Advisor to the Southwest Asian Cyber Center (SWACC) Director, retiring from the Army in July of 2016. Bryan joined the MITRE team shortly after retirement from the Army. He has worked multiple projects primarily support the Army CIO-G6.
Petr Sidopulos has been in the IT technology field for over 15 years and a full-time security practitioner for more than 6. His passion for understanding how things work under the hood dates to his childhood. Petr currently works for the Information Security Department at the Texas Comptroller of Public Accounts and holds numerous industry certifications, including CISSP, OSCP, OSWP, GCTI, GMOB, GCIA, GCIH, GCWN and GSEC. He received a bachelors degree in Information Science at the University of Economics in Prague, Czech Republic and a masters in Information Technology at the same university. Petr is focusing on offensive and defensive security, threat hunting and incident response. He demonstrated his security prowess by placing 1st in the NetWars Core (PenTest Austin 2017), 2nd at NetWars Core (PenTest Austin 2018) and 5th at DFIR NetWars (DFIR Summit 2018). Petr is passionate about educating people in cyber security. Petr held an extremely well regarded, hands-on hacking demo for his 140 IT and security peers using the SANS NetWars Continuous platform.

Andrew Skatoff has been securing and protecting critical infrastructure networks for the last 16 years.†
Raised by a Topgun Marine fighter pilot and a middle school special education teacher, he has always been driven to find meaningful work, solve interesting problems and help others do the same in an effort to make the world a† better and safer place.
Andrew's love for computers started in college and after spending several years providing technical support in the energy and financial sectors, he achieved his MCSE certification. This led to his first info security job supporting a migration to active directory.† Andrew went onto champion, design and implement an automated compliance and vulnerability management program. He has been developing and leading incident response teams, a malware analysis function and digital forensics services for the past 12 years in critical infrastructure financial organizations.†
SANS FOR508 is one of Andrew's favorite classes! It combines incident response and triage analysis with full disk forensics in a way that† balances accuracy and efficiency in our increasingly demanding role as cyber defenders.††
Andrew currently holds GREM, GCFA, and CISSP certifications and is an Incident Response Manager at a large financial organization.

Check out Andrew's blog at:†https: www.dfirtnt.com

Mr. Stashis has over ten years of professional experience in penetration testing, information security, and technology. He began as a child hacker; dissembling his first electric toy cars then moving on to build his first desktop out of spare parts as a young teen. As an educator and mentor, Mr. Stashis works with students across the globe in Cyber Security and maintains a leadership standing within the local Atlanta Security community. He enjoys working as a fulltime Penetration Tester and is passionate about educating Pen Testing to individuals willing to learn. Certified in OSCP, GPEN, GCIH, and GSLC.

Sean Thomas has over 20 years of Information Technology experience, with more than eight years in cybersecurity/information security. He has been involved in many aspects of IT throughout his career including desktop support and academic systems administration, networking, and Windows & Unix/Linux server administration before finding his way to cybersecurity.†

Sean has been an instrumental part of the formation and evolution of the IT Security Services program at Embry-Riddle Aeronautical University. He currently serves as the Senior Information Security Analyst on the team, with over six years of experience working Incident Response, Digital Forensics, and Policy Management. In addition to his duties with the team, he is regularly asked to guest lecture on cybersecurity topics at the University, primarily for many first-year student classes.

Sean performs several functions with SANS Online Training as part of the OnDemand QC team to improve content delivery for dozens of courses, assisting with course review, and as a virtual TA for Simulcast.† Sean holds a Bachelor of Business Administration in E-Business Technology from Stetson University and holds multiple GIAC certifications, including GCED, GCFA, GCIH, GMON, GCWN, and GCDA.

Eric is an accomplished governance, risk and compliance specialist and author set to publish his first book titled: Building a HIPAA Compliant Cybersecurity Program in late 2017 or early 2018.

In his GRC role as the Director of Compliance at Blue Health Intelligence (BHI), Eric leads efforts to increase cyber security maturity in several domains including governance, policy and controls, risk management, cyber security strategy and business alignment. He established the risk management function which includes assessment, analysis and treatment of risks, threat and vulnerability management strategy and due diligence requirements for assessing third-party risk.† Eric also assesses cybersecurity technology capabilities recommending enhancements to current solutions and new capabilities required to meet risk reduction requirements. †

Prior to BHI, Eric spent seven years at Ernst & Young (EY) in the Advisory practice where he specialized in helping healthcare organizations (providers, payers and business associates) solve problems related to information security, risk management and compliance. †Eric lead HITRUST Common Security Framework (CSF), cybersecurity program management and third-party risk management assessments.†

With more than 20 years in the industry, Kendrick has served in many areas of the IT industry including networking (LAN/WAN troubleshooting, engineering and structured wiring), Web design, EndPoint administration, System administration, Programming and now Information Security. Kendrick currently serves as a member of his companys Information Security team and president of InfraGards Birmingham chapter which works with the FBI, Homeland Security and the U.S. Attourneys office to protect the 16 U.S. critical infrastructures from terrorist attacks. At night he manages 2 successful YouTube channels and his company which works directly with gaming companies around the world and has its own professional eSports team.

My name is Jerry Watson and I currently work as a Digital Forensics Examiner for Department of Defense.† I have conducted forensic examinations on all types of digital media for the past three years.† I have also testified and provided expert opinion on several trials.††

I hold a Bachelor of Arts degree in Criminal Justice and have begun studying to complete my Master?s Degree in Computer Forensics.† I am a GIAC Certified Forensic Examiner, EnCase Certified Examiner, Magnet Certified Forensic Examiner, Cellebrite Certified Physical Analyst, Berla Vehicle Forensic Examiner, and Department of Defense Certified Forensic Examiner.

I have worked alongside numerous other Forensic Examiners, Attorneys, and Case Agents in federal crimes concerning digital media and have provided expert witness testimony in federal courts.† Computer forensics is my specialty and I have completed examinations on various types of computers and operating systems, including Macintosh systems.

During my free time, I enjoy watching sports and I am an avid weight lifter.† I also coach an Amateur Athletic Union basketball coach, where I am an NCAA and Junior NBA certified coach.

Michael Weeks is currently working as the SOC and Incident Response Lead at Fair Isaac Corporation. He leads a highly technical team of Analyst, Developers, and Incident Handlers in the daily monitoring of cyber security events for FICO. A graduate of the SANS Technology Institute Master of Science in Information Security Engineering Program and certified GIAC Security Expert, as well as a host of other SANS Certifications and the CISSP from ISC2. Michael is also a Chief Master Sergeant with the United States Air Force Reserve working in the 960th Cyber Operations Group as a Cyber Warfare Operator. The greatest privilege is the ability to mentor the future cyber warfare operators in hopes that they can help solve the many problems in cyber security.

Jeremiah L. Williams, Sr was born in Baltimore, Maryland, in 1976. He is currently a doctoral student in the Department of Business Administration at Northcentral University where he has successfully completed all core and specialization requirements. Both his specialization and professional career has been Information Technology (IT) for over 22 years. Jeremiah has been enrolled in this program since 2013 completing courses part-time while attending to his family and professional career. Education He received the B.S. degree in Information Technology Engineering Security from Charter College, Anchorage AK in 2012. The path to completing his B.S. degree took 17 years consistently earning credits every year from different institutions despite constant work travel. He attended Frederick Community College and Morgan State University in Maryland, Virginia Commonwealth University in Virginia, and Drexel University in Pennsylvania before finally completing his B.S. in Anchorage Alaska. He immediately continued school and obtained his M.S. degree in Information Technology Security Assurance from American Intercontinental University, Schaumburg, IL in 2013. Currently hes a graduate student pursuing his PhD in Information Technology Business Administration at Northcentral University in San Diego, CA. Career From 2004 to 2010, Jeremiah Williams served honorable as Instructor Airborne Battle Manager onboard the Airborne Early Warning Control System (AWACS) E-3 Sentry for the United States Air Force. During his military service, he earned Airmen of the Quarter and several distinguished military volunteer service awards including a check for $1000 for winning an Air Force wide essay competition. Then from 2010 to 2015, he served as a Network Engineer, Software Developer, and Senior IT Instructor with Northrop Grumman, Caterpillar Inc., and Charter College respectively. As network engineer, he successfully maintained the military tactical network links between Elmendorf AFB, Alaska and Eielson AFB, Alaska enabling Alaskan airborne situational awareness to national decision makers. His work with Caterpillar Inc, enabled advanced software testing and auditing via his customized automation solutions ensuring successful deployment of enterprise software to over 5000 clients systems worldwide. His 6 years as IT Instructor and Microsoft SME (subject matter expert) eventually lead to his promotion to Senior IT Instructor providing curriculum development and accreditation assurance. Finally, he began work for the federal government as an Information Technology Specialist where he currently works as a Web Services Architect today. Volunteer Jeremiah has received several awards for his volunteer service. He received Air Force awards for his volunteer services on behalf of the Elmendorf AFB military chapel. The University of Alaska Anchorage awarded Jeremiah with the Martin Luther King Jr volunteer award for his volunteer work providing computer lab setup and administration for their students. Currently, he volunteers his time as director and mentor over a non-profit IT trades and training organization in Anchorage Alaska called Integrity IT Internship. He started the 501(c)3 organization where he also mentors 5 junior IT professionals. Jeremiah also spends his volunteer time as a community services leader helping the homeless and fellow Alaskans fine shelter, stability, jobs, and rehabilitation. Entrepreneur Mr. Williams began his entrepreneur career in 2000 when he started Integrity Computer Systems, LLC (ICS). ICS was a debt free information technology (IT) sales, services, and consulting firm which began in Frederick Maryland. It eventually moved to Kingsport Tennessee and now operates in Anchorage Alaska as an IT training and consulting center. Jeremiahs passion for operating debt free has kept the company in good reputation. He employed up to 3 personnel during the peak business operations. Next, he started and franchised a Daycare in 2012 called AEIOU Childcare employing 5 personnel. Then, internationally, he worked with a leading staffing agency in the Dominican Republic called Soluciones Humanas to develop and program a software business solution for unifying front end, back end, and client data services into a single comprehensive platform independent solution. The program was bi-lingual but functioned in Spanish mode primarily. Lastly, Jeremiah began a non-profit 501(c)3 organization called Integrity IT Internship in Anchorage Alaska which functions to provide advanced hands-on technology training to its members. The organization provides free computers to the general public and donation based IT services for non-profit organizations endeavoring to provide hands on training experiences for its members. Memberships and Websites Mr. Williams is a member of the IEEE, Anchorage Area Toast Masters, and Project Management Institute of Alaska. My web portfolio can be found at https://www.taskstream.com/ts/williams1645/JeremiahWilliamsPhDPortfolio

Since 2011, Terrence Williams has embraced the United States Marine Corps saying, "Grow Where You Are Planted."†As an active duty Marine, Terrence was placed into the cybersecurity world to satisfy "The needs of the Marine Corps."†Turns out, being planted in the cybersecurity role is the best place for Terrence to grow his passion for Digital Forensics & Incident Response (DFIR). Currently Terrence Williams works in a Defensive Cyber Operations billet that requires him to conduct various duties in the DFIR realm. His young career has led him to operating on multiple enterprise networks supporting military operations that expand across the world.

Terrence's thirst for knowledge is the primary fuel for his passion for the various DFIR avenues. Terrence's background in DFIR covers smartphone and Windows forensics, including, vulnerability discovery and analysis, threat hunting, reverse engineering malware, network security monitoring, and Python coding. Terrence has participated in building multiple standard operating procedures for the up and coming Marines that will be in various cyber operation roles.

Terrence alternative passion is to share his knowledge with the world. At an early age, Terrence found that people around the world crave knowledge and need the opportunity to gain it. He has begun building his social platform to drive his passion by being a guest blogger on www.smarterforensics.com. The guest blog appearance has inspired Terrence to build his own website Life is a Game of Choices†(www.liagoc.com) to further expand his brand. Terrence is excited to fulfill his passion for sharing knowledge as a SANS Mentor to further reach people that want to feed their passion for knowledge.

Outside of work, Terrence finds his passion in sports, dog training, reading, and being a connoisseur of the world's food and spirits.