Alumni: Biographies

SANS Technology Institute Class of 2014

SANS Technology Institute offers its alumni the opportunity to post a short bio on the STI website. The following alumni requested that their bio be posted.

Russ McRee, MSISE, 2013

Russ McRee directs the Security Response and Investigations team for Microsoft's Operating Systems Group (OSG). He writes toolsmith, a monthly column for the ISSA Journal, and has written for numerous other publications including Information Security, (IN)SECURE, SysAdmin, and Linux Magazine. Russ also speaks regularly at events such as DEFCON, Derby Con, BlueHat, Black Hat, SANSFIRE, RSA, and others, and is a SANS Internet Storm Center handler. His work includes service in the Washington State Guard as an advisor to the Washington Military Department. Russ advocates a holistic approach to the practice of information assurance and, as such maintains

TJ OConnor, MSISE, 2012

TJ OConnor is the lead author of the book Violent Python. TJ's love of computer security began as an undergraduate student of computer scientist at the United States Military Academy in 1999. After a myriad of experiences in the Department of Defense (DoD), he returned to academics in 2006 to pursue a Masters in Computer Science focusing on methods for defending attacks against the Bluetooth Protocol. Following successful defense of his thesis, he created the course materials for the Digital Forensics and Computer Exploitation courses for the CS Department of the US Military Academy. After returning back to work for the DoD, TJ completed his Master of Science in Information Security Engineering from the SANS Technology Institute in 2012. He is currently pursuing a PhD in Computer Science focused on prevention of code-reuse attacks. TJ also recently earned a Purple Belt in Gracie Jiu Jitsu from Team Royce Gracie.

Tim Proffitt, MSISM, 2010

Tim Proffitt is the Director of Technology Governance Risk and Compliance for Insperity INC and a professor at Lonestar College. He has 25 years in the technology field working as a network engineer, forensic examiner, server administration and consultant for several mid-sized companies. Tim has obtained over 25 industry certifications such as the CISSP, MCSE, NNCDE, CCSA and various GIAC certifications. He also holds a Master of Science in Information Security Management from SANS Technology Institute, and a BS in Computing Science from Sam Houston State. Tim is currently working on his Ph.D from Walden University.

Manuel Santander, MSISE, 2010

Manuel Humberto Santander Pelaez is the CISO of Empresas Publicas de Medellin, the largest utility company in Colombia. He holds a Master of Science degree in Information Security Engineering from SANS Technology Institute and also GIAC GCFA , GCIA, GCIH, GSEC and GPPA certifications. He has 16 years of experience in the field and his topics of interest include computer forensics, intrusion detection, security management models and malware analysis. He is currently a community SANS instructor, member of the GIAC Ethics Council and SANS Internet Storm Center handler. His personal webpage is and contact e-mail:

Kevin Bong, MSISE, 2009

Kevin Bong is a Manager at 403 Labs focusing on information security and compliance issues faced by financial institutions. Prior to joining 403 Labs, Kevin spent 12 years as a Vice President of a multi-billion-dollar financial group, leading the bank's security and IT risk management activities. With his experience performing audits, penetration testing, risk assessments and forensic investigations, Kevin provides invaluable guidance to institutions affected by standards such as those related to the FFIEC, NIST, HIPAA and PCI.

Kevin is the creator of the MiniPwner, a pocket-size penetration testing device used to get remote access to a network. He's also an author, instructor and a speaker at conferences like RSA, DerbyCon, THOTCON and WACCI. Kevin has a Master of Science Degree in Information Security Engineering from the SANS Institute. In addition, he is a Payment Card Industry Qualified Security Assessor (QSA) and a Project Management Professional (PMP) who holds numerous Global Information Assurance Certifications (GIAC).

Eric Conrad, MSISE, 2009

Certified SANS instructor Eric Conrad is lead author of the book The CISSP Study Guide. Eric's career began in 1991 as a UNIX systems administrator for a small oceanographic communications company. He gained information security experience in a variety of industries, including research, education, power, Internet, and health care. He is now president of Backshore Communications, a company focusing on intrusion detection, incident handling, information warfare, and penetration testing. He is a graduate of the SANS Technology Institute with a master of science degree in information security engineering. In addition to the CISSP, he holds the prestigious GIAC Security Expert (GSE) certification as well as the GIAC GPEN, GCIH, GCIA, GCFA, GAWN, and GSEC certifications. Eric also blogs about information security at

Rick Smith, MSISE, 2009

Rick Smith is a Principal Cyber Security Engineer for Science Application INternational Corporation (SAIC) where he provides information security consulting services to Department of Defense, other federal civilian government agencies, and commercial organization. Rick holds the GIAC Security Expert certification and several other GIAC certifications including GSNA, GPEN, GWAPT, and GAWN. His other IT certifications include CISSP, ISSEP, CISA and, MCSE+I. Rick is a member of the GIAC Advisory Board and is an instructor in the Community SANS.. Rick holds a Master of Science in Electrical Engineering Degree from Rensselaer Polytechnic Institute and a Master of Science in Information Security Engineering Degree from The SANS Technology Institute.