Governance: Administrators

Governance:

Administration

Alan Paller
Alan,
  • President, SANS Technology Institute
  • Director of Research, SANS Institute
  • Ex-Officio Member

  Read Biography

Alan Paller founded SANS, a professional cybersecurity training school that trains more than 41,000 cybersecurity technologists each year. He is also president of SANS Technology Institute, the nation's first regionally accredited specialized cybersecurity college and graduate school.  Alan edits NewsBites, the twice-weekly curated summary of the most important news stories in cybersecurity, oversees a global program that identifies and celebrates people responsible for remarkable improvement in cyber risk reduction, and chairs the annual RSA keynote panel on the "Seven Most Dangerous New Attack Vectors."

He has testified before the US Senate and House of Representatives and was an initial member of President Clinton's National Infrastructure Assurance Council. He was chosen by President Bush's OMB and the Federal CIO Council as the 2005 Azimuth Award winner, a lifetime achievement award recognizing outstanding service of a single, non-government person to improving federal information technology. In 2010, the Washington Post named him one of seven people "worth knowing in cyber security." Alan co-chaired the DHS Homeland Security Advisory Committee's 2012 Task Force on Cyber Skills and headed the Task Force on Best Practices in Cybersecurity for the FCC Communications Security, Reliability and Interoperability Council and was a member of the NASA Advisory Council.

Earlier in his career Alan helped build one of the first large software companies, took it public, and merged it into a larger company listed on the New York Stock Exchange.  He authored two books, The EIS Book: Information Systems for Top Managers and How to Give the Best Presentation of Your Life and founded the National Computer Graphics Association, the EIS Institute and The Data Warehousing Institute. Even earlier he was the founder and CEO of a mid-sized government contracting organization (AUI) focused on applying computer graphics to problems ranging from flight paths for airports to education and drug funding targeting.  He also founded Econometric Research Associates, a litigation support firm specializing in providing data-intensive expert testimony in major trials. He and U.S. District Court Judge Robert R. Merhige, Jr.  were selected as the faculty for the American Law Institute's national training program on "Direct and Cross Examination of Plaintiff's Expert Witness."  He earned degrees in Engineering and Computer Science from Cornell University and the Massachusetts Institute of Technology and was a registered Professional Engineer.

Dr. Johannes Ullrich
Dr.
  • Dean of Research
  • Most Advanced Degree
    Doctorate in Physics, State University of New York at Albany
  • Field of Experience
    Information Security Research Expert

  Read Biography

Johannes is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. In 2000, he founded DShield.org, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a web development company and as a research physicist. Johannes holds a PhD in physics from SUNY Albany and is based in Jacksonville, Florida. His daily podcast summarizes current security news in a concise format. Listen to Johannes discuss "HTML5: Risky Business or Hidden Security Tool Chest for Mobile Web App Authentication" in this SANS webcast.

Here is What Students Say About Dr. Johannes Ullrich:

"Dr. Ullrich is a dynamic speaker, very engaging & has good "nerd humor". Keep up good work!" - Shelly Lewis, PwC

David Hoelzer
David,
  • Dean of Faculty
  • Most Advanced Degree
    Master's in Computer Science, American Intercontinental University
  • Field of Experience
    Intrusion Detection and Auditing. See details below.

  Read Biography

David Hoelzer is the author of more than twenty days of SANS courseware. He is an expert in a variety of information security fields, having served in most major roles in the IT and security industries over the past twenty-five years. Recently, David was called upon to serve as an expert witness for the Consumer Financial Protection Bureau in a landmark case regarding information security governance within corporations in the financial sector and has previously served as an expert for the Federal Trade Commission for GLBA Privacy Rule litigation and other matters. David has been highly involved in governance at SANS Technology Institute, serving as a member of the Curriculum Committee, Long Range Planning Committee, GIAC Ethics Board, and as Dean of Faculty. As a SANS instructor, David has trained security professionals from organizations including NSA, DHHS, Fortune 500 security engineers and managers, various Department of Defense sites, national laboratories, and many colleges and universities. Outside of SANS, David is a research fellow in the Center for Cybermedia Research, a research fellow for the Identity Theft and Financial Fraud Research Operations Center (ITFF/ROC), an adjunct research associate of the UNLV Cybermedia Research Lab, a research fellow with the Internet Forensics Lab, and an adjunct lecturer in the UNLV School of Informatics. David has written and contributed to more than 15 peer reviewed books, publications, and journal articles. Currently, David serves as the principal examiner and director of research for Enclave Forensics, a New York/Las Vegas based incident response and forensics company. He also serves as the chief information security officer for Cyber-Defense, an open-source security software solution provider. In the past, David served as the director of the GIAC Certification program, bringing the GIAC Security Expert certification to life. David holds a BS in IT and an MS in Computer Science, having spent time either attending or consulting for Stony Brook University, Binghamton University, and American Intercontinental University.

Here is What Students Say About David Hoelzer:

"David was incredibly knowledgeable, enthusiastic, and was able to relate examples to real-life scenarios." - Alice MacFarlan, UK Dept. for Transport

Tim Medin
Tim,
  • MSISE Program Director
  • Most Advanced Degree
    MBA, University of Texas at Tyler

  Read Biography

After watching the movie Sneakers, Tim Medin knew the career path he wanted to pursue. "I saw the movie and wanted to break into places and hack thinks," he says. Infosec was the perfect fit. "I love hacking, and I can get paid to do it!"

Tim began his security career in 2008 with a role at AgStar Financial Services (now Compeer Financial), and since then has worked for FishNet Security (now Optiv) and Counter Hack. Today, he's the founder and principal consultant at Red Siege where he manages the company and hacks things, his favorite role so far because he gets to lead a team of smart hackers and run a business.

A SANS instructor since 2012, Tim is currently the program director for the SANS Master of Science in Information Security Engineering (MSISE) curriculum, as well as a principal instructor and course author. In the classroom, you'll find him teaching SEC560: Network Penetration Testing and Ethical Hacking and SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking.

Through the course of his career, Tim's had the opportunity to hack some of the best and biggest companies on earth and get a sneak peek inside cutting-edge technology before it's publicly released. He has performed penetration tests on a wide range of organizations and technologies in industries including control systems, higher education, financial services, and manufacturing, and brings years of practical experience and stories from himself and his team to his SANS students.

Tim says an eagerness to learn, and an openness to see things differently are keys for success in his classroom. "I really enjoy seeing students break through their current way of thinking and see technology and data differently," he says.

And those lessons can have a lasting impact. "Years ago I had a high school student in a one-day class who came up to me years later and showed me he was doing penetration testing at a major company," says Tim. "It was amazing to see him develop himself and see his transformation."

Tim is an experienced international speaker and the creator of Kerberoasting, a widely-used technique to extract kerberos tickets in order to offline attack the password of enterprise service accounts. He has an MBA from the University of Texas, holds the GWAPT, GPEN, GMOB, GCED, and GCIH certifications, and previously held the CCNA certification.

In his free time, you'll find Tim watching sports, appreciating a good beer, and running.

Summary of Credentials

Qualifications Summary

Get to Know Tim Medin

LinkedIn

Twitter

Website

Student Quotes

  • "Tim is a great instructor, I really enjoyed the live demos and the style of his teaching. He really keeps you engaged." - Drew Davis, Rook Security

Certifications

  • GPEN (GIAC Certified Penetration Tester)
  • GWAPT (GIAC Web Application Penetration Tester)
  • GCED (GIAC Certified Enterprise Defender)
  • GMOB (GIAC Mobile Device Security Analyst)
  • GCIH (GIAC Certified Incident Handler)

Eric Patterson
Eric,
  • Executive Director
  • Most Advanced Degree
    Master's in Defense Analysis (Irregular Warfare), Naval Postgraduate School Master's in Humanities (Irish Studies), John Carroll University

  Read Biography

LTC(R) Eric Patterson, with over over 25 years of experience in military, government, and academia, brings a wide variety of leadership, organizational design, training, and higher education experiences to SANS.  His military experience includes 20 years as an Infantry and Special Forces officer, during which time he deployed to multiple combat zones, managed the training programs for all US Army Special Forces, Civil Affairs, and Psychological Operations soldiers, and directed full spectrum special operations in eastern and central Africa.  After retiring from the Army, he served as the founding director of nationally recognized student veteran and international student programs at a private university in Ohio.  Eric earned his BS in International Relations and a minor in Systems Engineering from the US Military Academy at West Point, NY.

Betsy Marchant
Betsy,
  • Assistant Director
  • Most Advanced Degree
    Master of Public Health, University of South Carolina

  Read Biography

Betsy Marchant brings over 20 years' experience in education and management to her role as Assistant Director at SANS Technology Institute, where she has broad oversight of current student management, academic program administration, and curriculum review and improvement.

Betsy joined the college in 2016 as Assistant Director of Graduate School Operations. Through her leadership, student support programs were improved and greatly expanded to effectively manage the college's growing student population.  Prior to joining SANS Technology Institute, Betsy directed a public health preparedness training team at the Virginia Department of Health and worked in training and education at the Centers for Disease Control and Prevention. She has a B.S. in Health Sciences from Clemson University and a M.P.H. in Public Health from the University of South Carolina.

Tom Vanderhorst
Tom,
  • Assistant Director, Undergraduate Operations
  • Most Advanced Degree
    Bachelor's in History, United States Naval Academy

  Read Biography

Tom Vanderhorst has experience in operations, education, and leadership in a variety of environments including military, non-profit, and academic organizations. As Assistant Director of Undergraduate Operations, he leverages his breadth of experience in support of the undergraduate student population to successfully complete their academic programs and be prepared for entry into and advancement in their cybersecurity careers.

After graduating from the US Naval Academy, Tom served as a Marine officer for seven years, during which time he managed unit training, operations, and logistics, deployed in support of Operation Iraqi Freedom, and served on the staff of the US Naval Academy as the Director of Operations for Navy Football. After stepping away from the military, he partnered in consulting efforts that focused on the development and implementation of infrastructure protection strategies for clients in both the public and private sectors. Then, as Director of Operations for the National Board of Information Security Examiners (NBISE), he supported the advancement of the information security workforce through managing engagements with experts to identify the ground truth needs for the assessment and development of examinations and certifications. In his role prior to joining the SANS Technology Institute, Tom enjoyed serving his local community and broadening his understanding of education through teaching and coaching at Teton High School in eastern Idaho.

Alex Wang
Alex,
  • Senior Marketing Manager
  • Most Advanced Degree
    Master of Arts in Media Studies, The New School

  Read Biography

Alex brings more than 12 years' experience in higher education marketing to his role as Senior Marketing Manager at the SANS Technology Institute, where he is building awareness of the university's distinctive approach to higher education and its outstanding students and faculty. Prior to joining SANS, Alex was Director of Marketing and Promotions at New York Institute of Technology, where his work was recognized with a Gold Award for best new college advertising campaign from the Collegiate Advertising Awards and Big Apple Awards from the PRSA for brand management and best use of research and measurement.  Alex holds a Bachelor of Arts in Political Science from Stony Brook University and a Master of Arts in Media Studies from The New School.  A lifelong New Yorker, Alex likes to spend his spare time traveling, reading, kayaking, hiking, and listening to and making music.

Stefanie Sarno-Sutrina
Stefanie,
  • Manager of Quality Assessment and Reporting
  • Most Advanced Degree
    Master of Arts, Higher Education Administration and Leadership, Adams State College

  Read Biography

In her role as Manager of Quality Assessment and Reporting, Stefanie Sarno-Sutrina supports the entire college by gathering, tracking, analyzing, and archiving information to assist in the ongoing assessment of the performance and outcomes for academic program, students, alumni, and processes. She has 10 years of experience as a data analyst, to include both financial services and higher education settings. Stefanie previously worked for Ruffalo Noel Levitz, a leading US higher education consulting firm, and for Metropolitan State University in Denver, where she supported a variety of institutional assessment and reporting activities.

Stefanie holds a Master of Arts in Higher Education Administration and Leadership from Adams State University and a Bachelor of Science in Mathematics with Applied Statistics Emphasis from the University of Northern Colorado.