10 Cyber Security Courses at SANS Baltimore Spring 2018. Save $400 thru 2/28.

Mentor: Bios


Mentors are highly qualified, experienced professionals who make themselves available in your local area to help you learn the course material and get certified. Each Mentor is hand-selected from students that have completed their relevant GIAC certification with scores of 85% or higher.

James Arndt is a Cybersecurity Engineer for American Transmission Company in Milwaukee, Wisconsin. He focuses on dissecting whatever malicious email, documents, URLs, and executables come across his way. Besides incident response, he has his hands in endpoint security, vulnerability management, and access management.

James has spoken at various local and national conferences on topics such as incident response and reverse engineering. He has sucessfully taught SEC401 Security Essentials and SEC504 Hacker Tools, Techniques, Exploits, and Incident Handling. You might also find James running after his four kids, playing guitar, or tinkering around in his basement lab.

Mohammed Asfar serves as a Senior Cybersecurity Consultant at Cyber division of Leidos. Asfar's background includes electronic discovery, forensic investigation, incident response, vulnerability assessment and penetration testing across multiple industries. Asfar holds M.S. degree in Forensic Science from Marshall University, as well as CISSP, GCFA, GCIH, GCIA, GMON, GREM, GPEN and ENCE certifications. Asfar live in Houston, Texas with his wife and two-year old daughter.
Greg has been in the industry for over 17 years, and has been working with computers since he was a kid (remember the Commodore 64?). He has worn a dozen different hats in the IT world, from sysadmin to help desk, and from development to upper management. For the last ten years, he has focused exclusively on information security. First, as a consultant performing penetration testing, web application assessments and more strategic engagements with various consulting firms, before moving to the client-side, where he has worked with global financial institutions, as well as media startups to help secure their processes and technologies. Greg has a passion for technology, as well as mentorship, and believes it is imperative to pass this on to others.
Forrest Bennett is an Information Security Professional with 30 years of experience in the Information Technology field. He has watched the industry evolve and reinvent itself from MIS to IS to IT with specializations as technology has continued to increase the pace at which we move data across the globe. He has designed, implemented, secured, and managed networks from less than 50 users to more than 500,000 users. During the course of his career he has worked for Local, County, State, and the Federal Government as well as Fortune 500 companies and a couple of Fortune 100 companies. Since 2011 Forrest has been focused on Information Security in the private sector and he has experience with building and deploying SIEM, Digital Forensics, Vulnerability Assessment, Patch Management, Firewalls, NIDS/HIDS, NIPS/HIPS, Identity Management, Email Security, Endpoint Security, and in conducting Penetration Testing. Forrest holds the GIAC GSEC Certification and is a member of the GIAC Advisory Boards. He has reviewed the GSEC curriculum for GIAC and he is currently pursuing the new GIAC GRID certification that was announced earlier this year. He is excited about teaching the GSEC Boot Camp Course because it gives him the opportunity to share his experience and the knowledge he gained while working as an Information Security and Information Technology Professional. He hopes to assist others in understanding the concepts required to obtain the GSEC certification which is globally recognized as a standard of excellence in Information Security. Forrests LinkedIn Profile is: https://www.linkedin.com/in/forrestabennett
Raluca is an experienced Information Security and Privacy specialist, holding a Master Degree in IT Security, and several industry recognized certifications: GSEC, CISSP, CRISC, CISM, CISA, CIPT and PMP. With her employer, Raluca is heavily involved in various cyber security initiatives, leading information risk assessments, supporting the application security program, participating in the development of security architecture patterns for new platforms and technologies. Raluca is also a former Computer Science teacher, with 10+ teaching experience. Raluca is a believer in continuing education, so when she is not studying for a new certification or a new skill, she loves helping others learn and having again the opportunity to teach!
Mr. Bluml has been performing computer related investigations for over twenty years. His investigations have ranged from simple data theft to more sophisticated hacking efforts involving multiple computers, to intellectual property theft with attempts to hide the activity or manipulate the data via date and time changes to the computer. He has also been involved in employee fraud cases involving expense report falsifications, credit card fraud, and identity theft. He has spoken at numerous national and international trade conferences on the subject of computer forensics and related investigations. www.computerforensicsconsultingllc.com Love sharing knowledge and teaching people that are really interested in the material.
Bryan is the co-host of the Brakeing Down Security podcast. Bryan's a Navy veteran, with 20 years of experience in IT and infosec. In addition to the GCIH, he also holds the GWAPT, and a CISSP in good standing. Bryan sees incident response as something vital to any business, and he is eager to share knowledge and experience with you. You can learn more on his podcast "Brakeing Down Security" by visiting http://www.brakeingsecurity.com

Richard Davis has over 22 years of Information Technology experience, more than 10 of which in cybersecurity/information security. He received his first computer in 1984 at the age of seven, and became immediately enamored with technology.

After graduating high school, Richard enrolled in college and opened his own computer company, providing high-performance custom-built PCs, service, networking, consulting, and training services for businesses and individuals throughout the North Georgia area. He sold the company after 10 successful years, and then spent nine years at a state college within the University System of Georgia. While there, he served as Network Support Specialist, Information Security Officer (ISO), and later Chief Information Security Officer (CISO).

Richard currently serves as Executive Director of IT Security for Embry-Riddle Aeronautical University. Richard has a Bachelor of Science in Cybersecurity from the University of Maryland University College, and holds 22 industry certifications, including CISSP, CCNP Security, CCNP Routing and Switching, GCFA, GCFE, and GPEN.

Richard also creates YouTube videos on a variety of security topics, including digital forensics and incident response, writes software for macOS and iOS, and is very involved in the information security community.

GitHub: https://github.com/13Cubed

Website: https://www.13cubed.com

YouTube: https://www.youtube.com/user/davisrichardg

Jeremy works as a security penetration tester, application security consultant, and defect remediation expert for UPS. Jeremy is also the owner of Ellipsis Information Security and teaches courses for SANS Institute.

As a Director of Education for the Kentucky ISSA chapter, Jeremy presents on application security, penetration testing and defense along with operating the "webpwnized" YouTube video channel.

Additionally, Jeremy develops the open-source OWASP Mutillidae II training environment. Jeremy has a Bachelors in Computer Science from Indiana University, a Graduate Certificate in Cybersecurity and Masters in Computer Science from the University of Louisville and is a GIAC-certified Web Application, Mobile and Network Security Penetration Tester.

Family, Gadgets, games, aerial photography, great food and craft beer are some of Paul Dumbleton's passions. Hailing from the the United Kingdom via California and now Michigan, Paul completed his Bachelors in Information Technology from the University of Phoenix in 2004 while working for Herman Miller in Zeeland, Michigan. After a recent transition to Perrigo, Inc, he now manages and oversees Global Security Operations and Engineering. Paul's passion for Information Security and Technolgoy has spanned more than 25 years. He continues to be motivated by setting goals that challenge his experience and knowledge, and admits that he continues to learn something new everyday. This translates directly into his success protecting Perrigo from evil (according to his boss) and helping the great people he works with use information resources securely.

With a bachelor's degree in computer science and an MBA, Chris performs penetration tests to help businesses understand and manage their online risk. He also holds a commission in the Army National Guard and has worked roles from international partnership management to red team on large-scale cyber exercises. 

Passionate about information security education, Chris has spoken to thousands of students in dozens of Maine high schools and contributes to (ISC)2's Safe and Secure Online materials. He holds CISSP, OSCP, GSEC, GCIH, and GWAPT certifications. 

Outside of work, he enjoys spending time with his wife and four kids and volunteering at his church.

Jose Fernandez is a Cyber Engineer for iNovex Information Systems. He has over 18 years of experience in the IT field. Jose specializes in InfoSec research by applying offensive methodologies towards practical defensive measures. Jose's background in CNO, CND and engineering has allowed him to work in some of the most technically demanding environments throughout his career in both private and public sector.

Mr. Fernandez is also a Veteran and PhD student pursuing his dissertation in application whitelisting. Jose holds a Masters degree in Science specializing in Information Security as well as over 20+ industry certifications. He has held positions from IT Specialist, Journeyman to CNO SME during his career.

Mr. Fernandez is an avid developer and spends his research time automating system processes and implementing new technologies in networking and virtualization. Jose has led specialized teams as both a mentor and tech lead within different areas of federal government. He has also been successful in defending hostile and restricted spaces within the federal government as a CND OCO by performing rogue malicious user emulation and incorporating CNE into hunting operations abroad.

Craig Galley is an Information Technology Professional with accomplished work experience in the Security industry since 2001.  He earned a Bachelor of Science degree in Information Science from the University of North Florida.  Early in his career, he was responsible for deployment and management of network prevention controls for a private sector organization.

Craig's career focus shifted exclusively to application development with a desire to lead secure coding best practices while chaired on Information Security Steering committees and managing large development projects and teams.  

Craig's certifications include GSEC, GISP, CISSP and CSSLP.  In his current role as an Information Security Officer, Craig manages and directs an Information Security Program in the public sector.  He is also active in Information Security groups, with volunteer experience as a Vice President.

Kevin Garvey has worked in IT for 8 years and has been devoted to cyber security since 2013. Since becoming an analyst, he has worked at New York Power Authority, JP Morgan and is currently employed at Time Warner as a manager of Threats and Incident Response. Kevin has always has had a passion to hunt down the adversary has loved the challenges his current role has thrown at him. Kevin is incredibly excited to share this knowledge with everyone taking the course!
Bob is the CIO for a Software as a Service provider that provides services to foundations and financial institutions. He began his career as a Network Engineer in the United States Air Force where was also a Systems Administrator and Lead Information Technology Instructor. Upon leaving the Air Force he developed and instructed technical courses and has been working in Technical and Security Operations for the past 15 years. Bob holds professional certifications, including CISSP, GIAC GSEC, and GIAC GCIH.

Dale Hobbs is a veteran of IT with over 16 years of experience starting out as a Junior Systems Administrator to his current role, Security Manager.

His background includes server and network administration, network architecture, network security, security policy development and adoption and direction setting in accordance with regulatory compliance and industry standards.

Dale is excited about all areas of technology but most specifically network security. He hopes to use his experience and training to help others achieve their IT related educational goals. He currently holds the certifications of GSEC, GCIH, GPEN and currently pursuing certification for CISSP.

Dale is very passionate about 4 main things in his life, his family, hockey, fishing and his passion for the IT industry. He enjoys mentoring and teaching others but embraces the opportunity to continuously learn and develop in his own career path. He is very proud to have the opportunity to be a SANS Mentor and be a part of the SANS family.

Brian Hooper holds dual B.S. degrees from Northwestern University in Computer Engineering and Computer Science. Brian has always had a passion for solving problems and figuring out how things work.

As a child that passion equated to fixing broken fax machines and constantly taking apart computers and putting them back together.

In his professional life that passion has led to a career in technology. From developing and deploying large systems in all stages of design through installation, to writing custom software exploits and penetration tests, his 14+ years of experience after college have been defined by three things: an inquisitive mind, a drive to push the boundaries of what is possible, and a thirst to learn new things.

He has focused that passion on Information Security for the past 10 years working in a variety of roles from R&D to consulting to training to figuring out how to secure the cloud. Brian is currently a cloud security architect at Microsoft and holds several certifications including GCFA, GCIH, GCIA, CISSP, and OSCP. He is excited to share his experience and perspective and passion with others as a SANS mentor instructor!

As an information security professional, Azeem has accrued years of experience in security engineering, incident response, digital forensics and vulnerability management. A firm believer in ongoing education, he works hard to keep his base of knowledge current and up to date. Although he holds accreditations from such industry leaders as GIAC, ISC2 and Access Data already, he is constantly looking for ways to learn more and to gain a better understanding of his field, attending and volunteering at conferences such as Shmoocon and Blackhat.

Azeem is a natural people person who connects easily with people from all backgrounds. He enjoys working with and mentoring people who are motivated to the same extent that he is, and he takes real pleasure in discussing the security field. A strong advocate for continued progress in the security field, he speaks eloquently and listens closely, knowing that there is always something for him to learn and share.

Azeem looks forward to serving as a mentor as a way to provide value to the community that has become so much like home to him over the years.

Bill has a Bachelor?s of Science in Criminal Justice from the University of Alabama Birmingham and a Master's of Science in Technical Management from Embry Riddle Aeronautical University.  Currently he is working on his Masters of Science in Information Security Engineering through SANS Technical Institute and has numerous certifications through SANS.  Bill began his career in computer technology in the early 1990's while working at the University of Alabama Birmingham. There, he learned many of the widespread platforms and operating systems, employing computer troubleshooting and virus removal skills. He has been employed with Northrop Grumman for 17 years, during which he has performed several roles including desktop support, client engineering, systems engineering, and most recently information security.

Ken May is the CEO and co-owner of Swift Chip, a full service IT firm servicing all of Southern California. Hes been a resident of Ventura since 1999, is married to his wife Debbie, and has 3 daughters and a son.

Ken has a Masters Degree from SBCOM, a Bachelors in Liberal Arts from Thomas Aquinas College and has written 3 books and numerous articles. He has been Voted Top Channel Influencer of the SMBnation 150, and carries numerous certifications from HP, Microsoft, Cisco, Symantec, Dell and more.

Recently, Ken was chosen by his peers to be elected to the CompTIA Managed IT Services Community Executive Council, where he will directly influence the education and guidance of their international IT community.

Ken is also a Commissioner for the City of Ventura, CA, where he works to help promote the Arts in his community. He enjoys music, martial arts, movies and SCUBA diving. Mr. May strongly believes that it is important to be actively involved in the community, and that one should always try to keep the Big Picture and long term goals in mind when solving immediate-need issues, whether it be in business, community or ones personal life.

Victor Monga is a Security Engineer working for a company located in Studio City, California.

His words "Learning about security is my passion and implementing security is my job". He is in the field for more than a decade and enjoys learning about InfoSec. He has an core networking background which helps him in InfoSec world.

He has achieved couple of certifications such as GSEC, VCP-DC, CCNA, ITIL etc. He is woking on getting GCIH, CISSP and VCP-NV. He is a certificated paralegal.  He is hands-on with networking and VMware. He is an active member of community groups such as OWASP, ISSA, CSA and Cisco. He loves explaining / training / providing workshops. 

He is a fan of IronMan and calls his home network lab "Jarvis".

He belevies that there ain't enough trained security professionals and he wants to help people learn abour security. During his teaching he is expecting to learn from students or at least see the thins from different angle.

Lisa Peterson CISA, CRISC, CISSP has worked in Information Security for 20 years, and is a Security Analyst for Progressive Insurance. Her current focus is in governance, risk and compliance. She is a part-time instructor at Cleveland State University and also speaks on security topics. She serves on the board for the Information Security Summit, the Northeast Ohio chapter of ISACA, and the Northeast Ohio chapter of CSA.

Brandon C. Poole is SOC analyst for an electric & gas utility company in the southeastern US. He brings with him 10 years of IT experience in system administration, network administration, disaster recovery, and information security. During this time Brandon has helped various employers setup & run vulnerability assessment/management, business continuity, security assessments, and change management programs across nonprofit, government & private sector organizations.
In addition to the above experience he also maintains numerous professional creditable such as GSEC, GCWN, GCIH, GCCC, CEH, CompTIA Security +, CompTIA Network + and IBM QRadar SIEM Analyst as well as being a member of ISSA, InfraGard, and the GIAC Advisory Board. 
When Brandon isn't at work he can be found further sharpening his skills in his homelab, writing Python or PowerShell scripts to automate security workflows, tweeting on Twitter (@bcpoole_sc), working on his new blog bitsbybrandon.com, or mentoring others in their IT and/or Infosec career.

Shyaam Sundhar has had over 5 years of Information Security experience with over a year of management experience at BAE Systems Inc. He currently works for Department of Interior as their Information Assurance Engineer. He was a security analyst at Symantec MSS for over 3 years with over five years of intrusion defense, threat analysis and signature writing experience through his previous jobs. He holds Master of Science in Information Security and Master's Certificate in Computer Security and Information Assurance from the George Washington University, Graduate Certificate in Computer Security from Stanford University and is currently pursuing Master's in Intelligence Studies from the American Military University (AMU). With active professional membership at InfraGard, ACM, ACFE, ISACA, IACSP, HTCN, ATAB and various other associations, he has been actively participating in the security community. He has held professional certs such as, GREM, GCFA, GCIA, GCIH, GPCI, GCDS, GLDR, SSP-CNSA, SSP-MPA, SSP-GHD, GHTQ, GWAS, and GIPS. He was a board member at IARIA research group where he has participated as TPC, Chair and Co-Chair of several IEEE conferences related to Security. For more information on Shyaam, his profile can be found at http://www.linkedin.com/in/intrusion.

In the early 2000's Andrew Rozema worked as a systems and network administrator for a major media company whose claim to fame was getting Lincoln elected, but that happened a long while before he started working there. After a couple of virus outbreaks including Sasser and CodeRed the company decided somebody should know something about information security, and sent him to his first SANS GSEC class. After which he immediately went back to the office and changed ALL the passwords. That class sparked a passion for information security that's been with him ever since. Since then in addition to roles in that media company involving IT administration, management and security; he worked his way through both a baccalaureate degree and Masters degree in information security and discovered a passion for not only learning about information security, but teaching it as well. After teaching a couple of night classes at the local community college, he was hooked, and when a full-time faculty position opened up, he made the switch. Now Prof. Rozema is the head of the department of Computer Information Systems at Grand Rapids Community College, as well as an Assistant Professor, still responsible for teaching information security as well as classes in Linux, shell scripting, JavaScript, Secure Mobile Application Development and some very exciting classes in penetration testing. As department head his focus is now to bring the program in line with both the CNSS and NICE framework for national accreditation. Prof. Rozema still accepts select consulting engagements and advanced teaching opportunities to make sure he stays on the cutting edge in technology and grounded in what IT looks like in the real world.

John Sicklick has over 30 years of experience in the aerospace industry as a software developer, systems administrator, systems integrator, and systems security engineer. John is a retired U.S. Navy Commander where he served as an Information Corps Warfare Qualified officer. John currently serves as an adjunct faculty member at a local community college, teaching courses in ethical hacking, Linux operating system, and computer forensics. A graduate of New York Maritime College, he holds a BS in computer science and an MS in applied computer science and technical programming. He holds the GSLC, GXPN, GWAPT, GCIH, GCFE, GPEN, and CISSP certifications and the Penetration Testing & Ethical Hacking certificate from the SANS Technology Institute. John is excited and honored to help others further their careers in cyber security. www.sicklick.com

Bob Simpson is the creator of GhostSentry, an access control and compliance firewall and CIO for Finley & Cook, PLLC, a private accounting firm where he has served for 11 years. Before that, he was Security Architect for the Oklahoma Department of Human Services.  Mr. Simpson holds the CISSP, GCIH, GCIA, and GPEN, as well as MCSE and CCNA Security certifications. He is a member of the SANS Advisory board and InfraGard.

Bob is passionate about spreading the knowledge and skills necessary to face today's security landscape with confidence. Bob has spoken at DEF CON Wall of Sheep, BSides, the Oklahoma Cyber Terrorism Summit, several times at Information Warfare Summit, and at dozens of regional events. He has background in large complex infrastructure such as telecom service providers, but has dedicated the past fifteen years to information security. 

Scott has been in the IT industry since 1970 and a has been a member of  the IEEE since 1984

He has multiple College degrees, including:
Masters of Science in Computer Engineering, University of South Florida
Masters in Business Administration, University of Tampa

Many vendor certifications, including:
MCSE, Master CNE, CISSP and GSEC certifications.

A Veteran of the USAF, 56th Security Police Squadron in Tampa Florida.

Scott is excited to mentor the GSEC class once again because it was a lot of fun last time.  All of the people who took the class passed and were certified, he wants to see that happen again.

Charter member of the ISC2 Twin Cities Chapter, Board of Directors, Treasurer.
Participate in UMSA, and putting on Secure 360 conference.

Scott is a Scouter (BSA) with two sons and a daughter who are Scouts. And a long term volunteer in scouting (12 years) currently the Metro Lakes District, District Commissioner in the Northern Star Council.

Joe Sullivan got his start in information security in 1999 working for a web hosting company during the .com boom.  In 2001 Joe started one of the first outsourced technical support companies for web hosting server support.  After selling his company he went to work as the network security manager for a consumer electronics distributor and remained there for nearly 10 years. 

In 2014, Joe was recruited by Oklahoma based RCB Bank to guide their network security program. At RCB Joe is responsible for firewall administration, email filtering, incident response, and other areas of information security. Joe also owns 1 to 1 Risk Control & Investigations, a private investigation agency in Edmond, Oklahoma. 

Currently, Joe and his wife, Cathy, are collaborating on an IINFOSEC company, Crossroads Information Security, with plans to start providing several services to small local businesses (5-10 employees) that do not have the expertise or resources for network security. 

Check out Joe's Blogs at: 
www.1to1riskcontrol.com/news/ 
www.crossroadsinfosec.com/blog/ 

Eric is an accomplished governance, risk and compliance specialist and author set to publish his first book titled: Building a HIPAA Compliant Cybersecurity Program in late 2017 or early 2018.

In his GRC role as the Director of Compliance at Blue Health Intelligence (BHI), Eric leads efforts to increase cyber security maturity in several domains including governance, policy and controls, risk management, cyber security strategy and business alignment. He established the risk management function which includes assessment, analysis and treatment of risks, threat and vulnerability management strategy and due diligence requirements for assessing third-party risk.  Eric also assesses cybersecurity technology capabilities recommending enhancements to current solutions and new capabilities required to meet risk reduction requirements.  

Prior to BHI, Eric spent seven years at Ernst & Young (EY) in the Advisory practice where he specialized in helping healthcare organizations (providers, payers and business associates) solve problems related to information security, risk management and compliance.  Eric lead HITRUST Common Security Framework (CSF), cybersecurity program management and third-party risk management assessments. 

Tom Webb has 16 years of experience in IT and 12 years dedicated to security. Tom has worked for state law enforcement and in the education sector.  He is currently employed by the University of South Carolina as the director of security operations. His role includes leading a team that performs: incident response and forensics investigations.

Tom has a B.S. in Information Management from the University of South Carolina. He holds various certifications including the GSE. Tom also volunteers for the SANS Internet Storm Center. You can follow him on twitter @twsecblog, irhowto.wordpress.com or https://isc.sans.edu/handler_list.html#tom-webb.

Nick Wiebelhaus has a diverse background in both offense and defense in the security industry. Nick currently works as a security professional with a diverse business at an enterprise level that engages in loan origination, loan servicing, payment processor, internet service provider, collaboration spaces, software development, and banking. Nick's is a subject matter expert in the areas of penetration testing, incident response management, system administration, and security operations center (SOC) management. He has developed enterprise penetration testing methodologies, SOC processes, and incident response processes. Nick is an active member of the information security community in and around the Denver Colorado area. He teaches information security at the Community College of Aurora and frequently attends conferences and other community events. Nick earned his BS in Information Security from Colorado Technical University and currently holds several certifications including GPEN, GWAPT, GCIH, and Security +.

Brian Willis is a cyber-security expert for CSRA based in the DC area. He has been providing Unix/Linux administration and cyber roles to private industry and government for 18 years. Currently his role is running cyber systems that protect the federal government. Before that he managed systems at NOAA's National Weather Service in various operational roles. Through his years of experience he helped draft security guidance for interagency communication via disparate application stacks using application layer security proxy devices. Other projects include NIST/FISMA security, security scanning, PKI key creation, network packet dumps, etc. He enjoys understanding how things interconnected and then evaluating how they are vulnerable or prone to failure. All this interest started with Amateur Radio and has led to a passion for all thing technical and mechanical. He holds the CISSP, GCUX, and CCSK.

Asmerom Yakob has over 10 years of experience in Information Technology as well as Information Security and He is member of Incident Response team in his current role . He earned his MSc of Computer Science with concentration in Information Security and Assurance from George Mason University , Fairfax ,VA and holds GCFA , GCIA and CISSP. He is passionate what SANS training has to offer to students to sharpen skills in order to cope with modern cyber threats and decided to join mentor program to share the knowledge and experience in cyber security. Asmerom is an active member of the infosec community and looks for every opportunity to both learn and encourage others to gain a deeper understanding of the challenging field of Cyber Space.