Faculty Directory

Kelli is a Principal Consultant and Co-Founder of Enclave Security, an information security consulting firm specializing in governance. As a security architect and project manager, she specializes in IT audit, governance, policy library development, and information assurance strategies. She is a courseware author for the SANS Institute as well as one of the lead technical editors for the Center for Internet Security’s Critical Security Controls. She is also the lead author for many of the governance resources and creator of tools and policies at AuditScripts.com. You can follow her on Twitter @KelliTarala

Joff is a security analyst and penetration tester at Black Hills Information Security (BHIS). He has extensive experience covering intrusion prevention/detection systems, infrastructure defense, vulnerability analysis, defense bypass, source code analysis and exploit research. He is also an instructor at the SANS Institute,  where he primarily teaches the use of Python for information security purposes.

Matthew Toussain is the Founder and CIO of Open Security, an information security consulting firm specializing in holistic security services. Matt served as the senior cyber tactics development lead for the U.S. Air Force and worked as a security analyst for Black Hills Information Security and CounterHack Challenges. As a certified SANS instructor Matthew regularly delivers educational seminars to security practitioners around the world.

Jonathan is the Global Director for the Microsoft Enterprise Cybersecurity Group. In this role, he leads a team of security advisors who provide strategic direction on the development of Microsoft security products and services. He also serves as a member of Microsoft’s Internal Risk Management Committee and is a principle author of the Microsoft Security Intelligence Report. Jonathan also serves as an Affiliate Faculty member in Research Assurance at Regis University and serves as an advisor to security startups and venture capital firms.

Aaron is a three-decade veteran of the cybersecurity community, having worked on projects covering every aspect of the industry, from helping build security technologies while at Microsoft to his work on offensive cyber projects for the U.S. government. He has spent the last 15 years on a series of cybersecurity startups, building technologies and developing companies to help teams solve some of the toughest cybersecurity problems.

Ismael Valenzuela is coauthor of the Cyber Defense and Blue Team Operations course, SANS SEC530: Defensible Security Architecture and Engineering. Ismael is Vice President Threat Research & Intelligence at BlackBerry Cylance, where he leads threat research, intelligence, and defensive innovation. Ismael Valenzuela has participated as a security professional in numerous projects across the globe for over 20+ years, which included being the founder of one of the first IT Security consultancies in Spain.

As a top cybersecurity expert with a strong technical background and deep knowledge of penetration testing, security architectures, intrusion detection, and computer forensics, Ismael has provided security consultancy, advice, and guidance to large government and private organizations, including major EU Institutions and US Government Agencies.

Ken is the President and Principal Consultant of KRvW Associates, LLC, an independent information security consulting company, and a Visiting Scientist at Carnegie Mellon University. He has held executive and senior technologist positions at Tekmark, Para-Protect, Science Applications International Corporation (SAIC), the U.S. Department of Defense, Carnegie Mellon University, and Lehigh University. Ken is a frequent speaker at technical conferences, and has presented papers and training for CSI, ISF, USENIX, FIRST, CERT, among others.

John Visneski leads information security for MGM Studios.  In this capacity, he and his team are responsible for security operations, engineering, GRC and data protection across the business.  He also leads content security efforts for the full development lifecycle and supply chain of film and television production at the studio.

Prior to joining MGM, John was the CISO at Accolade, a publicly traded personalized healthcare company.  In this capacity he led post-IPO compliance efforts, as well as leading security integration efforts for two major acquisitions.  John also built the security and privacy programs at The Pokémon Company International.  During his time with the organization, he was responsible for the protection of corporate information technology systems, customer facing platforms, applications, and products.  He also developed the company data privacy strategy to meet the demands of emerging global privacy regulations.

John started his career serving over ten years in the United States Air Force as a cyberspace operations officer.  His responsibilities while in the Air Force spanned various leadership and management positions, including leading strategic engagements for the Air Force CIO; writing policy and guidance for Air Force requirements and acquisition; directing operations for a worldwide network within the intelligence community; and directing communications and information technology in deployed environments.  John served multiple deployments to Iraq and Afghanistan, the most recent of which was as the joint communications director for the NATO Rule of Law Field Force Afghanistan.  His time in the Air Force culminated in a position as the cybersecurity advisor to the Secretary of the Air Force and Chief of Staff of the Air Force, located at the Pentagon, Washington D.C.  He currently resides in Seattle, WA with his wife Althea and their dog Ben.

Currently consulting, Mike was the head of cyber security at 2 of Canada's iconic companies, and also served as CIO at one of them. Mike's scope included security of application development, of IT systems, and of global cloud services, as well as compliance for the corporation and customer services.

 Tarah is the Founder and CEO of the cybersecurity compliance company Red Queen Dynamics. She also serves as the Senior Fellow for Global Cyber Policy at Council on Foreign Relations.  Tarah has spoken and testified on information security at the United States Senate, European Union and at multiple governmental and industry conferences.
Prior to launching Red Queen Dynamics, Tarah was the Head of Offensive Security & Technical Data Privacy at Splunk and Senior Director of Engineering and Principal Security Advocate at Symantec Website Security.

Justin is a Vice President at In-Q-Tel, a non-profit strategic investor serving the Intelligence Community, where he oversees a portfolio of innovative cybersecurity companies solving complex challenges at the intersection of National Security and Commercial Industry. He has also led research and technical diligence exploration for developmental investments that shape Digital Forensics, Behavioral Analytics, Endpoint Protection, Orchestration and Automation, and Software Assurance early-stage startups.

Jake Williams (aka MalwareJake) is a seasoned security researcher with decades of experience in technology and security. Jake is a former startup founder, former senior SANS instructor and course author, and an intelligence community and military veteran. He loves forensics, incident response, cyber threat intelligence and offensive methodologies. Today, Jake is an IANS faculty member, an independent security consultant, and is performing security-focused research to benefit the broader community. He has had the honor of twice winning the DoD Cyber Crime Center (DC3) annual digital forensics challenge. You may also know Jake from one of his many conference talks, webcasts, media appearances or his postings about cybersecurity.