Faculty Directory

Ed Skoudis is the founder of Counter Hack, a company focused on conducting ultra high-quality penetration tests and red team engagements to help organizations better manage their cyber risks. Ed is a SANS Fellow, author, and instructor who has trained over 20,000 cyber security professionals in the art of penetration testing and incident response. Ed is an expert witness who is often called in to analyze large-scale breaches.

Eric is the CEO and Co-Founder of Lares, an international cybersecurity consulting firm specializing in a wide range of offensive, defensive, and advisory services. He is committed to a lifelong career in Information Security holding positions as CEO, CTO, VP, Co-Founder, Engineer and Consultant spanning over the last three decades.

John is the Owner of Black Hills Information Security (BHIS) where he leads the Hunt Teaming, Command & Control (C2)/Data Exfiltration and Pivot testing development. He is also a SANS Institute Senior Instructor. In these roles, John has both consulted and taught hundreds of organizations in the areas of security, regulatory compliance, and penetration testing.

Taryn brings over 15 years of experience in cybersecurity, governance, vulnerability management and ethical hacking. She has established a reputation as a results-driven leader in the field and proven herself adept at managing complex security challenges across finance, government and healthcare organizations. Taryn currently serves as Risk Governance and Insights Lead for Google gTech where she heads efforts to bolster global cybersecurity strategies and implement cutting-edge governance programs across diverse portfolios.

James is a Managing Partner at Cyverity, an information security consulting firm specializing in cybersecurity risk assessment and governance that is based in Venice, Florida. As a consultant, he has focused on architecting and assessing large enterprise IT security and infrastructure architectures. He has also assisted organizations in security management, operational practices, and regulatory compliance issues. He often performs independent security audits and assists internal audit groups in developing their internal audit programs. James is also a Senior Instructor, Course Author, editor, and regular speaker with the SANS Institute, a contributor to the Center for Internet Security’s Controls for many years, and a founder of the Cybersecurity Risk Foundation (CRF).

Kelli is a Principal Consultant and Co-Founder of Enclave Security, an information security consulting firm specializing in governance. As a security architect and project manager, she specializes in IT audit, governance, policy library development, and information assurance strategies. She is a courseware author for the SANS Institute as well as one of the lead technical editors for the Center for Internet Security’s Critical Security Controls. She is also the lead author for many of the governance resources and creator of tools and policies at AuditScripts.com. You can follow her on Twitter @KelliTarala

Joff is a security analyst and penetration tester at Black Hills Information Security (BHIS). He has extensive experience covering intrusion prevention/detection systems, infrastructure defense, vulnerability analysis, defense bypass, source code analysis and exploit research. He is also an instructor at the SANS Institute,  where he primarily teaches the use of Python for information security purposes.

Matthew Toussain is the Founder and CIO of Open Security, an information security consulting firm specializing in holistic security services. Matt served as the senior cyber tactics development lead for the U.S. Air Force and worked as a security analyst for Black Hills Information Security and CounterHack Challenges. As a certified SANS instructor Matthew regularly delivers educational seminars to security practitioners around the world.

Jonathan is the Global Director for the Microsoft Enterprise Cybersecurity Group. In this role, he leads a team of security advisors who provide strategic direction on the development of Microsoft security products and services. He also serves as a member of Microsoft’s Internal Risk Management Committee and is a principle author of the Microsoft Security Intelligence Report. Jonathan also serves as an Affiliate Faculty member in Research Assurance at Regis University and serves as an advisor to security startups and venture capital firms.

Julie Tsai is a seasoned cybersecurity leader with over 20 years of experience driving security and engineering excellence across Silicon Valley. She has held key roles at companies ranging from lean startups to Fortune 1 enterprises, building and scaling security programs that are deeply integrated with engineering and DevOps practices. With a foundation in full-stack technology including system administration, network architecture, site reliability engineering, and application development, Julie brings a rare depth of technical expertise to her security leadership. Her work emphasizes DevSecOps, modern security architecture, organizational design, and building resilient, inclusive security cultures. She is a passionate advocate for civil liberties, open technologies, and using security as a force for good.

Aaron is a three-decade veteran of the cybersecurity community, having worked on projects covering every aspect of the industry, from helping build security technologies while at Microsoft to his work on offensive cyber projects for the U.S. government. He has spent the last 15 years on a series of cybersecurity startups, building technologies and developing companies to help teams solve some of the toughest cybersecurity problems.