GIAC Authorized Graders

www.giac.org

•  
• Overview
  • Mission Statement
  • FAQ
  • Code of Ethics
  • GIAC Ethics Council
  • Code of Ethics - Violation Submission
  • EEOC Policy
  • Proctor Policy
  • Program Overview (PDF)
  • Contact
• Why GIAC
  Certification Matters
• Certifications
  • Roadmap
  • Steps To
  • Security Admin
    • GAWN
    • GCFA
    • GCFW
    • GCIA
    • GCIH
    • GCUX
    • GCWN
    • GISF
    • GREM
    • GSEC
    • GCED
    • GSOC
    • GPEN
    • GWAPT
  • Management
    • GISP
    • GSLC
    • GCPM
  • Audit
    • G7799
    • GSNA
  • Legal
    • GLEG
  • Software Security
    • GSSP-NET
    • GSSP-C
    • GSSP-JAVA
  • GSE
  • GSE-Malware
  • GSE-Compliance
  • DoD 8570
  • Retired Certifications
• Certified
  Professionals
  • Listings
    • G7799
    • GAWN
    • GCFA
    • GCFW
    • GCIA
    • GCIH
    • GCUX
    • GCWN
    • GISF
    • GISP
    • GREM
    • GSEC
    • GCED
    • GSLC
    • GSSP-NET
    • GSNA
    • GSOC
    • GPEN
    • GCPM
    • GLEG
    • GSSP-C
    • GSSP-JAVA
    • GWAPT
    • Retired Certifications
  • Profiles From The
    Front Lines
  • Does Certification Really Matter?
  • GIAC Hero
  • Business Card Logos
• GIAC Gold
• GIAC Expert Level
  • GSE
  • GSE-Malware
  • GSE-Compliance
• Skills Test and Report (STAR)
• GIAC Help and Information – NEW
• Challenge Info
• Registration Info
  • GIAC Pricing
  • Challenge Certification
• Exams
  • Practice Tests
  • Deadlines
  • Exam Technical Issues
• Proctor Program – NEW
  • Program Details
  • FAQ
  • KRYTERION Sites
  • Proctor Policy
  • Proctor Forms
  • Computer Requirements
• Retakes & Extensions
• Recertification
• Exam Feedback Procedure
• Grievance Procedure
• Resources
  • Overview
  • Interview with
    Dr. Cole
  • Student Comments
  • D1: Access
  • D2: Network
  • D3: Management
  • D4: Application
  • D5: Cryptography
  • D6: Architecture
  • D7: Operations
  • D8: Planning
  • D9: Law
  • D10: Physical
• ADA Accomodation Policy
• Job Listings
• SANS Portal
• SANS Home
• SANS Software Security Institute
• SANS Reading Room
• Direct Links G7799 GSAE GPCI GSNA GAWN-C GCDS GLFR GLIT GBLC GLEG GCIP GHSC GISP GFSP GEWF GEIT GLDR GCIM GCPM GSLC GCSC GSPA GOEC GISO GISF SSP-CNSA GGSC-0400 SSP-DRAP SSP-MPA GGSC-0200 GSEC GGSC-0100 GPEN GSOC GWAS GWAPT SSP-GHD GCWN GCFA GCED GHTQ GCIA GCIH GCFW GIPS GCUX GAWN GNET GREM GSIP GSSP-C GSSP-JAVA GSSP-NET
•  

• Practical Termination
• Administrivia
• Archived  Assignments
• Templates
• Planning Guides
• Deadlines

Each GIAC practical assignment is graded by hand by a GIAC Authorized Grader. Authorized Graders are drawn from SANS faculty and/or the top performing certified individuals for a given certification. Each Authorized Grader is a highly trained professional with experience in the field he or she is grading for, and therefore can provide the student with the most up-to-date feedback.

Each potential grader must go through a long and tough training process to learn what GIAC expects and requires from the students. Once authorized, each grader has significant responsibilities, to accurately and consistently grade the practicals and to help train new graders in the methodology of the GIAC standard. The Authorized Graders provide detailed feedback on each practical, letting each candidate know not only where their paper could have been improved but also where their paper was well done. Our belief is that writing and receiving constructive feedback on your practical should be as much a learning experience as the course itself.

It is one of the toughest jobs on the planet, so you may be thinking, "Why would anyone want a job like that?" Well, there are several reasons. Graders do get paid for their work, as their time and input is invaluable to GIAC. Secondly, Authorized Graders play a significant role in designing the practical assignments and leading the certification. They are the first to see areas in assignments that need revamping or rephrasing, and the first to offer suggestions for its improvement. And of course, being a grader is a great way to stay up on the latest changes in your field.

GIAC is the prominent worldwide information security certification and the Authorized Graders have helped us to get there every step of the way. They are the backbone to our certification and a huge pillar supporting the defensive information community.

Garrett Anderson Tanya Baccam Cynthia Bonnette Brad Bowers Carla Brinker Guy Bruneau Stephen Carroll Tom Chmielarski Yong Choe Carlos Cid Sid Faber Peter Giannoulis Dan Goldberg

Brian Granier Andrew G. Hargreave, III Jeffrey Holland Joe Kaluzny Erik Kamerling David Koconis Jason Lam Daniel Mellen Roger Millen Don Murdoch Jim Murray Laura Nunez James O'Brien

Jeff Parker David Parks Patrick Prue Jeff Schaller Dave Shackleford Raul Siles Patrik Sternudd Dan Strom Koon Yaw Tan James Tarala Peter Vestergaard Rick Wanner Lisa Yeo

Garrett Anderson

Garrett Anderson is an information systems consultant specializing in network and system administration. Before becoming a consultant, he has held a number of job titles such as Support Engineer for Oracle Applications, System Administrator and European MIS Manager. His past employers include companies like Perkin-Elmer and Oracle. In addition to his GSNA certification, he holds or has held certifications from Microsoft, Novell and the ICCP. Garrett has a B.A. in Political Science from Claremont McKenna College, a Master's from Embry-Riddle Aeronautical University and a B.S. in Information Science from Coleman College. Before his information technology career, he spent six years on active-duty in the US Army. Living outside of Paris since 1985, Garrett thoroughly enjoys helping multinational companies with their IT infrastructure in Europe.

Tanya Baccam

Tanya Baccam currently functions as the Manager of Assurance Services for Vigilar. She is responsible for providing penetration testing, vulnerability and risk assessments, training and system auditing for clients. She is also responsible for designing, installing, and configuring intrusion detection systems and firewall technologies. Her prior experience includes functioning as the Manager of Infrastructure Security for a healthcare organization. She was also a Manager at Deloitte & Touche in the Security Services practice where she had the opportunity to consult with many clients about their security architecture including topics such as perimeter security, network infrastructure design, and database security. She also played an integral role in developing multiple business applications. She currently holds the GCFW, GCIH, CISSP, CISA, CCNA, MCSE, CCSE, CCSA and Oracle DBA certifications.

Cynthia Bonnette

Cynthia A. Bonnette has 15 years of experience in financial services, with the last 7 years concentrating on bank technology and information security. Ms. Bonnette is a former senior bank regulator, with a 13-year tenure at the Federal Deposit Insurance Corporation, most recently as Assistant Director of the Bank Technology Group. She was previously the Division of Supervision's expert in the area of emerging bank technologies. Ms. Bonnette is a recognized expert in bank technology, author of several regulatory guidance documents and published articles, and frequent public speaker.

As a bank technology consultant and former regulator, Ms. Bonnette has an extensive background in risk assessment and risk management. With years of experience identifying, researching, and addressing bank technology issues, she has developed a broad network of professional contacts in financial services organizations, technology companies, research and consulting firms, professional and trade associations, academic institutions, law enforcement, and federal, state, and international regulatory agencies. She played a lead role in overseeing the development of examination procedures and training programs for the FDIC's electronic banking supervisory program. She also directly authored or supervised a variety of guidance documents on topics such as security risks associated with the Internet, risk assessment tools and practices for information security, and effective practices for technology outsourcing. Ms. Bonnette has a diversity of international experience, which includes providing special assistance and consulting services to the central banks of Poland, Barbados, and Trinidad and Tobago regarding financial services technology. She is also a frequent speaker at international conferences and events concerning financial services technology, information security, and cyber-crime, including events held in Europe, the Caribbean, and South America.

Ms. Bonnette holds an MBA from Bentley College, Waltham, MA; a bachelor's degree in economics from Boston College, Chestnut Hill, MA; and is a graduate of The Stonier Graduate School of Banking at Delaware University, Newark, DE, where she authored a thesis on Internet Banking. In May 2002, she received the GIAC Information Security Officer Certification (GISO) from the SANS Institute and she is currently a member of the GISO Advisory Board of Directors.

Brad Bowers

Brad Bowers is a data security analyst at CIGNA Corporation in Voorhees, NJ. His focus is in intrusion detection, penetration testing, and vulnerability assessment. Brad has a B.S. in Information Systems from Drexel University and holds the CISSP, GCIH, MCSE, CCNA certifications. Along with being a grader he is also a member of the GCIH advisory board. Brad's current areas of interest include security application development, wireless security and secure network architectures.

Carla Brinker

Carla Brinker is currently a self-employed security consultant in the Midwest. She has worked in IT for 13 years and in the security industry for the last 4 years. She has been involved in auditing, intrusion detection, penetration tests, presenting security training, etc. Carla is actively involved with SANS/GIAC as an authorized grader for 4 certifications, Chairman of the GISO Advisory Board, member of the GSEC Advisory Board, and holds the GSEC, GISO, and GCIA certifications (as well as certs from CompTIA, Microsoft, and Novell). She enjoys hot air ballooning as a means to get away from it all... and it doesn't even require swipe card access!

Guy Bruneau

Guy is a Senior Security Consultant with InfoPeople Security Solutions (IPSS) Inc. in Ottawa, Ontario. He works within InfoPeople security practice assisting clients with their Managed Security Services, Computer Intrusion Detection Operations and Deployment, Network Security Auditing, and Incident Response and Reporting.

Guy has a B.A. (IT) from University of Quebec and hold the GSEC, GCIA, GCUX and is a Sun Certified System Administrator. He has been a SANS instructor, mentor and he is the Lead Grader for the SANS UNIX Security (GCUX) certification. He is the author of the OS hardened Shadow/Snort IDS platform based on NSWCs Shadow version 1.8 where the ISO is freely available at: http://www.whitehats.ca . In his spare time, he has worked as a Technical Reviewer for New Rider, QUE Certification and the SANS Institute.

Stephen Carroll

Stephen Carroll works for Ernst & Young in its Technology & Security Risk Services for the Financial Services Sector in Dublin, Ireland. He works with clients to keep their information secure and available. This work involves ensuring that people, process and technology are effective throughout a system's lifecycle or during a security/availability incidents. He holds CISA, GIAC and GCFW certification as well as being a certified accountant. In his spare time Stephen trains in Kenpo Karate, scuba diving and competitive cycling.

Tom Chmielarski

Tom has worked in IT for the past seven years, more than four of those in a full-time information security role. He has been responsible for the planning, implementing, and maintaining a global intrusion detection and monitoring system across a major multi-national enterprise. His current duties include general network security consultation, investigations, policy and security service development, and providing assistance to product teams. He has spoken at ISACA and IANETSEC conferences.

Yong Choe

Yong is a security software developer at SAIC (Science Applications International Corporation). He designs, develops and maintains security-related software including PKI infrastructure components, and security policy analysis and enforcement tools in LINUX, Solaris and Windows platforms for DISA clients. He holds GCWN and GCUX certifications Yong is an Authorized Grader for GCWN, and sits on GCWN advisory board. He has a M. S. & B. S. in Systems Engineering from the Univerisity of Virginia.

Carlos Cid

Carlos holds a BSc and a PhD in Mathematics from the University of Brasilia, Brazil. After working for a short period as lecturer in Brazil, he spent a year as postdoctoral researcher at RWTH-Aachen, Germany. Between 2001 and 2003 he worked as software engineer in Dublin, Ireland, where he was involved in the design and development of hardware security modules and network security appliances. He currently holds a position of research assistant at the Information Security Group at Royal Holloway, University of London, where he works on the project "Security Analysis of the Advanced Encryption Standard (AES)". Carlos has a broad interest in the area of Information Security, in particular cryptography. He is an Authorised Grader and a member of the Advisory Board for the GIAC Computer Essentials Certification (GSEC).

Sid Faber

Sid Faber is a security analyst with Federated Investors, one of the largest investment management firmst in the United States. His experience includes over 10 years in software application development and security, and 5 years in the US Navy Nuclear Power program. Sid holds GCWN and GCIA certifications, an MS degree in Information Science from the University of Pittsburgh, and BS degrees in Electrical Engineering and Mathematics from the Pennsylvania State University.

Peter Giannoulis

Peter Giannoulis is an Information Security Consultant for Access 2 Networks Inc. http://www.access2networks.com/, a Toronto, Ontario based information security consulting firm. He has worked in the security field for the last five years with small, medium and large organizations. He has specialized in the design and implementation of client perimeter defenses, intrusion detection systems, performing vulnerability assessments and penetration tests. He is also an instructor for Check Point, Nokia IP Security, and Shiva VPN products.

Peter is an Authorized Grader for the SANS Institute Security Essentials track and has participated as a member of the SANS Intrusion Detection Immersion Curriculum Team. He also works with the GSEC Local Mentor Program in Toronto, Ontario and has recently become active within the http://www.whitehats.ca community. His current certifications include: GSEC, CISSP, CCSA, CCSE, CCSE+, CCSI, CCNA, INFOSEC, CCSP, & MCSE.

Dan Goldberg

Dan Goldberg, an independent consultant specializes in the design and implemention of network perimeter controls, intrusion detection systems, and development of secure data communication systems. He holds GCFW and CCNA certifications. When not tinkering with computers he is enjoying time with his children and the blue ridge mountains near his home.

Brian Granier

Brian works as an Information Security Architect for a computer consulting/outsourcing firm in Houston, TX where he focuses on networks, firewalls, IDS and HIPAA compliance. He holds a number of certifications including GCIA, GCFW, GCIH, GCUX, GCFA, GSNA, GCSC, GHSC, MCSE and CCSE. He is currently a GCFW, GHSC authorized grader and GCSC Lead Grader. He is the GCFW Advisory Board Chair and is a member of the GCIA, GCIH, GCUX, GCFA and GSNA Advisory Boards. Brian is one of the co-authors of the SANS Step by Step Guide to HIPAA Security Implementation. In his spare time, he has written a practice test for the CCSA exam and has reviewed technical books for MCP Magazine. When he can tear himself away from his busy work life, Brian enjoys spending time with his wife, Jean, and with his daughter Moira (born January 2002).

Andrew G. Hargreave, III

Andrew Hargreave works at TLC Networks, Inc. (www.tlcnetworks.com) as a Network Technology Architect / Senior Information Security Engineer. In his 16+ years in the industry, he has built and managed networks and internet infrastructures for companies ranging from the 2 computer small business as well as a 190+ person custom software development company. He's also been a Lotus Domino/Notes Administrator and Developer since '93. In his 'off-hours', he provides networking, internet consulting & security management, web design, and Lotus Domino consulting services for small businesses and non-profit organizations. (www.agh3.com) He is an Authorized Grader for GSEC and is a member of the GSEC Advisory Board.

Jeffrey Holland

Jeff Holland is a network administrator at Invacare, a home medical equipment manufacturer, in Cleveland, OH. He previously worked as a network security engineer Raytheon in Dallas, TX. He has a B.S. and M.S. in Mathematics, and holds the SANS GCIA, GCUX, GCIH and GSEC certifications, as well as the CISSP. He also serves on the GCIH and GCIA advisory boards, as well as being the Lead Grader for the GCIA certification. His web page is located at: http://www.whitehats.ca/main/members/Jeff/Jeff.html

Joe Kaluzny

Joe been working in the computer industry since 1990, with involvement spreading across corporate, education, and military sectors. He is currently working as a Sr. Systems Engineer for a large Retail organization based in the southeastern U.S. and focuses primarily on Active Directory, Internet connectivity and web security. Joe holds MCSE+I, CCSE, and GCWN certifications, and has received a B.S. degree in Computer Science from SUNY at Buffalo, a B.S. degree in Business Administration from the University of South Florida, and an MBA from Florida Southern College.

Erik Kamerling

Erik Kamerling is an Information Security contractor specializing in vulnerability assessment, network security, and intrusion detection. He holds the CISSP, GSEC, and NSA Infosec Assessment Methodology certifications and is further trained in the GIAC-GCUX, GCIA, and G7799 curricula. Erik currently contracts for a number of small to medium sized businesses where he is responsible for intrusion detection, firewall maintenance, vulnerability assessment, and network security consultation. A frequent SANS and GIAC contributor, he has most recently participated as: the courseware author of “Google Hacking and Defense”, contributing Stay Sharp author on SSH port forwarding, GSEC grader, Editor and Coordinator of the 2003 SANS Top 20 List and 2004 Steering Committee member, GSEC Lead Grader, Contributing Author on Top 20 2002-present (SNMP, LSASS, Chat/IM), and contributing author on the SANS Step by Step book “OpenSSH, A Survival Guide for Secure Shell Handling”. Erik enjoys writing and research on topics such as CNA-CND/Information Warfare, TCP/IP scanning and enumeration methodologies, and Internet based OSINT.

David Koconis

David Koconis is a senior research associate at Dartmouth College's Institute for Security Technology Studies. His primary responsibility is managing the information retrieval related subtask of the National Institute of Justice contract. He is also the lead developer on the main project under this task, the Security CyberSleuth, an email subscription service that gathers computer security related information from open sources on the Internet, indexes the documents, and disseminates customized notifications. His current research includes investigating and implementing techniques for automated document clustering, text categorization, and topic tracking. David is engaged in the SANS community where he serves on the board of advisers for the UNIX security administrator (GCUX) certification track and is the Lead Grader for the track. In addition, he has completed and is certified in the Windows Security Administrator and Firewall Analyst tracks.

Jason Lam

Jason started his career as a programmer. Later, he moved on to the administration of an ISP network where he handled network security incidents, which sparked his interest in infosec work. Jason specializes in firewalls, network perimeter protection and IDS technologies. He currently holds a B.A. in Computer Science from York University in Toronto, Ontario as well as GCIA, GCFW, GCUX, GCWN and CCNA. Jason serves on the GCIA and GCFW advisory board and in addition, he is also an Authorized Grader for GCFW and Training Grader for GCIA.

Daniel Mellen

Daniel Mellen is currently a Manager with Accenture, the world's leading management consulting and technology services company. He has worked in the IT industry for the last 9 years and in the security industry for the last 5. He has been involved in major security engagements to various industries including the US Federal Government, health care services, resources and telecommunications. Dan focuses in UNIX security, risk assessments regulatory compliance and computer forensics. Dan is actively involved with SANS as a book/course author, instructor, authorized grader, Vice Chairman of the GISF Advisory Board and exam author.

Roger Millen

Currently working on special projects for Cornell University >Police. My previous positions were Director or IT at Cornell Law School, Sr. Mgr. Network & Tech. Services at Cornell Hotel School, IT Director at Mark Russell & Associates in Syracuse NY. I hold CISSP and GCIH certifications.

Don Murdoch

Don Murdoch has about fifteen years of IT/IS experience, ranging from system administration and network management to application development and database administration. He currently works as the Information Systems Security Officer for Old Dominion University in Virginia - where he spends most of his days in the Wild, Wild West of academic computing putting most of his SANS education to the test. Don is an occassional conference speaker, and his engagements have included ITEC, ICCM, various Microsoft events. Don participates with SANS and GIAC as a Local Mentor and Stay Sharp Instructor, GCIH Grader, and most recently GCUX Board Chair. Credentials include GCFW (Honors practical), GSEC, GCWN, GCUX (Honors practical), GCIA, GCIH, MCSD, and MCSE NT/2000.

Jim Murray

Jim works for NCCI Holdings, Inc., an independent data reporting agency for the Workers Compensation insurance industry, headquartered Boca Raton, FL. In his 7 years with the company he has worked his way from a customer service rep through the help desk and network services team to his current position as Information Security Architect. Jim currently holds the GSEC, CCSA, CCNP+Security, CCDA, and CNE certifications. When not working Jim is involved with the SANS Local Mentor Program, plays softball, and works with the Youth Group at his church.

Laura Nunez

Laura lives in Buenos Aires, Argentina. She has a five-year degree in Computer Systems (UM) and holds GCIA and CISA certifications. Started working as an instructor ten years ago, evolving into a network support and admin, and then a consultant, now a Senior Consultant with the SCS team of CORE Security Technologies. She is part of the GCIA Advisory Board, and also a GCIA Grader. In her free time she enjoys writing sci-fi and having long walks.

James O'Brien

James O'Brien is a security professional based in the midwest of the United States. He has worked in the telecommunications and utility industries and as the Vice President of Information Technology for an information security startup. He has a B.A. in Administration of Justice and Psychology. Jim's areas of information security focus include AAA systems, network security systems, and cryptography. He serves on the GSEC advisory board and as a GCFW grader. In his spare time he practices his talents at creative writing.

Jeff Parker

Jeff's experience is shared between analyzing heterogeneous environments and implementing disaster-tolerant solutions for Hewlett Packard, chiefly involving Novell clusters. In his spare time, he is actively pursuing a Masters degree in National Security Studies and sharing his wife's love of traveling. Jeff's certifications include Master Certified Novell Engineer, MCSE on both NT 4.0 & Windows 2000 and Cisco's CCNA. But he only feels truly fulfilled from the efforts put forth in writing the GCIH and GSNA practicals.

David Parks

David Parks is an Infrastructure Architect at a Fortune 500 retailer in Central Florida. His professional IT experience began there in 1995, and he has held a number of roles and positions including Check Point firewall administrator, Senior Systems Engineer, and Server Team Leader. David began working with personal computers in 1978, an Internet shell account in 1993, and Linux in 1994. He was previously a Captain in the United States Marine Corps where he trained recruits as a Series Commander and served as the Finance Officer at the Marine Corps Recruit Depot in San Diego, CA. David received a BA from the University of Florida and an MBA from Webster University. His current certifications include MCSE +Internet, CCSE, and GCIH. David's interests include spending time with his family, Linux, other UNIX and Unix-like operating systems, network & system security, travel, hiking, music, and movies.

Patrick Prue

Patrick Prue is currently owner of Prue Consulting Inc, a small business which focuses on bringing security solutions and testing to the small to mid size business market. Certifications currently held include GCIH and is presently working on a few new SANS certifications but has also previously held a number of industry certifications. Patrick has served on the GCIH advisory board from almost it inception holding the role of Lead Grader as well as Board Chair on an occasion or 2. Outside of work time is spent enjoying relaxation with his wife and 2 children.

Jeff Schaller

Jeff is a system administrator with experience in Solaris, Linux, and Windows. For fun, he works on building a cluster of 486's for an artificially-intelligent Othello-playing program. He enjoys learning, programming, bicycling, motorcycles, and playing ping-pong and pool. He has a BS in Computer Science from the University of Kansas, GCUX and GSNA (Advisory board for both), and cSAGE.

Dave Shackleford

Dave Shackleford has been involved in Information Technology, particularly the arenas of networking and security, for over nine years. Dave has worked as a security architect and manager for a number of large companies, and has also run his own consulting practice for several years. He currently works as a Senior Security Architect for Vigilar, and his areas of specialty include incident handling and response, intrusion detection and traffic analysis, and vulnerability assessment (penetration testing). He has been an authorized grader for the GSEC, GCIH, and G7799 certifications, and has also edited courseware, written exam questions, and proctored bootcamp sessions for GIAC and SANS. Dave holds CISSP, GCIA, GSEC, GCIH, G7799, MCSE, and MCIWA certifications, and is working on an MBA. He is also the co-author of "Hands On Information Security" from Course Technology.

Raul Siles

Raul Siles is currently performing as a Security Technical Consultant for Hewlett-Packard Spain. During the last 5 years he has been designing security infrastructures and developing system and network audits, penetration tests, system hardening, implementing IDS and firewalls... Previously he worked as a network and system consultant, focused on Internet/E-businness projects, being also involved in development tasks. Raul is author of several books about security, Java and CORBA. He also have a deep experience as a security and programming instructor. Additionally, he has participated in several security challenges. He has a Master Bachelor degree in Computer Science from UPM, Spain, and a master on Security and E-Commerce. He currently holds CCNP, CCNA, GCIH, GCIA, GSNA, GCUX, GCFW and GCFA certifications, and is trying to obtain the GSE.

Patrik Sternudd

Patrik is working as a security consultant in Sweden. He holds three different GIAC certifications, the GCIA, GSNA and GCFW. Throughout his work, he has participated in several interesting projects in different parts of the country. Patrik enjoys analyzing network traffic in hexadecimal, but has also taken an interest to matters of law and its consequences to information security.

Dan Strom

Dan Strom currently is the Data Security Manager for Kansas Farm Bureau in Manhattan, Kansas. He holds a B.S. in Electrical Engineering from Kansas State University and a M.A. in Biblical Studies from Dallas Theological Seminary. Over the course of the last 20 years he has held positions as a consultant, programmer, technical trainer, network architect and manager. He honestly believes that to be successful in today's world, one has to be committed to integrity, exercise creativity and be accepting of change.

Koon Yaw Tan

Koon Yaw is currently employed as a security consultant for Infocomm Development Authority of Singapore. His current main responsibilities include playing the lead role in incident handling, intrusion detection and vulnerability assessment for the Government and where appropriate, the private sector and general public. Previously, he was a cryptographer, involving designing and analysing of cryptographic algorithms and systems. He holds a BSc (Hons) in Mathematics and MSc in Engineering from the National University of Singapore.

James Tarala

James is currently responsible for information security for Bon Secours Healthcare System's operations in the state of Florida. He is also currently involved with numerous projects within Bon Secours nationwide, including the rollout of Microsoft Active Directory and thin clients using Terminal Services, and creating security standards for HIPAA compliance. He has spent the past few years providing training and consulting services to organizations in the areas of system security and network and system architectures. He also works with GIAC and SANS, grading for the GSEC and GSNA certifications and holds many vendor certifications, including MCSE:S, CCNA, GSEC, GCWN, GSNA, and CISSP.

Peter Vestergaard

Peter Vestergaard is Technical Manager of a Scandinavian Vulnerability Assessment company PROTEGO A/S - working with in depth manual and automatic testing of external perimeter security. He is responsible for 12 Security engineers performing Security testing for high profile customer segments such as governmental and financial institutions. Peter holds Microsoft, Cisco and a GCFW certification and have a broad experience in security devices (VPN, firewalls, routers etc.) both commercial as well as open source products. In June 2002 he won 2nd place as "Network Professional of the Year" at the Networking Industry Awards in Birmingham. Having a key interest in full VPN solutions he has worked with almost any type of authentification mechanism and VPN technology and functions as an instructor in this and other security related courses.

Rick Wanner

Rick has over 15 years experience in IT, first as a software developer, then team leader, manager and technical consultant. Since 1996 Rick has specialized in Information Security, and is currently employed in Audit and Security at SaskTel in Regina, Saskatchewan. Rick has participated in numerous projects for SANS including the Top 20 vulnerability lists, the SSH Step by Step guide, GSEC course revisions, and conference presentations. Rick holds a B. Sc. in Computer Science and is a certified Information Systems Professional (I.S.P.). Rick is a grader for the GCFW certification, and an active member of the GSEC and GCFW Advisory Boards. When he is not working, or participating in security related activities, Rick is a hockey and baseball coach, and a father to a dancer and a karate kid.

Lisa Yeo

Lisa has worked in IT for 15 years, seven of them in security. She is currently working on a project with public libraries in Alberta as they prepare to connect to a province-wide broadband network. Lisa holds GSEC and GCWN certifications, a BMath from the University of Waterloo, and is currently pursuing her MBA from the University of Alberta.

• Practical Termination
• Administrivia
• Archived  Assignments
• Templates
• Planning Guides
• Deadlines

© 2000-2009 The SANS Institute

SANS Web Privacy Policy: www.giac.org/privacy.php - Web Contact: webmaster@giac.org

Phone: 301-654-7267 | Mon-Fri 9am-8pm EST/EDT

(ISC)² and CISSP are registered marks of the International Information Systems Security Certification Consortium, Inc.