Instructors

Neale Pickett – Neale worked for years at Los Alamos National Laboratory (LANL) as a responder on the Cyber Security Incident Response Team (CSIRT). He is now part of LANL’s Advanced Research in Cyber Systems group (ARCS), where he runs the Cyber Fire effort, including Foundry, Summer School, and more. He developed and teaches the Network Archaeology track.

Shane Steinfadt – Shane attended Kent State University, receiving a Master’s and Ph.D. in Computer Science. As a student, she interned at NASA Glenn Research Center in Cleveland, in addition to being a web developer for her own company. She is now a cyber security researcher specializing in algorithms and the use of bioinformatics to detect malware. She also serves as a technology evangelist for PcapDB, a network packet capture database, to build and grow a community to contribute to the open source, scalable, low-cost, multi-site network packet capture solution. As an educator, she has taught at Cyber Fire, a national cyber training event, and LANL’s Cyber Summer School, and volunteers in the community to motivate youths to pursue STEM fields.

James Wernicke – James has been involved with LANL since his undergraduate years at New Mexico Tech, where he earned a Bachelor’s degree in Informational Technology and, later, a Master’s in Computer Science. James specializes is in web and mobile security, working primarily in mobile computing and location-based app development to make progress in crowd-sourced security measures and nuclear detection. A self-dubbed “chat expert,” his most recent project, “Zirconium,” intends to combine meetings and work – all in an online forum. As an applications developer for the lab, James seeks to spark an increase in work productivity through his work, adapting technology for human use, so that computers aid in productivity instead of distracting from it.

Joe B. Taylor – With over 20 years’ experience in computer science, Joe has a deep understanding of technology ranging from networking and storage sub-systems to systems analysis and system integration. Joe completed his Master’s in Computer Science at the University of Colorado, and previously held positions at Helios and the DOE/NNSA Pantex Plant, primarily focusing on software development, code optimization, and database analysis. Joe has expertise in designing and implementing data management, disaster recovery, and changing management systems, and is currently a solutions architect in the Advanced Research in Cyber Systems group at LANL, working on data analysis.

J. Patrick Avery, Jr. – With more than 25 years in the IT industry and 8 years at the DOE/NNSA Pantex Plant, Patrick has worked on remote incident response engagements, helping other sites in the DOE complex and prime contractor business partners. His previous work includes being the technical leader of Pantex’s cyber analysis, the cracking of adversary C2 channel encryption and obfuscation, and the creator of underlying C2 protocol dissectors. In each case, hundreds of gigabytes of packet capture were transformed into actionable intelligence, providing a play-by-play of the adversary’s actions for consumption by incident responders and senior leadership. Patrick now works in the Advanced Research in Cyber Systems group at LANL with a wide range of USG customers on next-generation cyber physical topics.

Grace Herrera - Grace is a recent addition to the Advanced Research in Cyber Systems group (ARCS) and was in the first Cyber Fire Summer School as an intern.

Chris Rawlings – Chris Rawlings is a cyber security research and development scientist in the Advanced Research for Cyber Systems(ARCS) group at Los Alamos National Laboratory(LANL). He helped develop and teaches the Host Forensics class at Cyber Fire Foundry and at the Cyber Fire Summer School and also runs the Cyber Fire Simulation events for DOE.

Kelcey Tietjen - is LANL’s Chief Information Security Officer (CISO) and recovering forensicator. As LANL’s CISO, Kelcey runs LANL's cybersecurity program. Previously, he led the transformation of Apple's cybersecurity operations center, and formed their global 24x7 SOC helping to architect and build detection and response capabilities for new services. Previous to Apple, Kelcey played a critical role in forming Bechtel's globally distributed cybersecurity engineering, operations and incident response organizations. Before spending time at corporations helping to increase and build up their information security programs Kelcey played his services as a consultant at Mandiant. Kelcey’s current areas of passion are cyber data science, measuring and optimizing cyber resiliency through data analysis and cloud service detection, response and forensics operations implementation.

John Donaldson – John serves at the Department of Energy’s Lawrence Livermore National Laboratory (LLNL) as a cyber security engineer and researcher. At LLNL, John is responsible for tools development and threat hunting in support of operational cybersecurity and conducts cybersecurity research within LLNL’s research organizations. Additionally, he is involved in DOE cybersecurity training and educational outreach activities and has served as a co-lead for DOE network defense cyber-intelligence activities.

David Hudson - David is a cyber security researcher at Idaho National Labs. At INL, David is responsible for reverse engineering malware samples that are found in the field when conducting on site analysis of industrial control system networks. His research focuses on improving detection and collaborative analysis of samples to increase efficiency during incident response.

Kyle McCready – Kyle is a cyber security researcher at Idaho National Laboratory (INL). During his initial years at INL, he worked as an incident responder and forensics analyst. Nowadays, Kyle is primarily responsible for reverse engineering malware to determine capabilities, detection methods, and mitigations. Interested in both forensic and malware analysis, he enjoys developing tools and methods to aid in the analysis process.

Jeremy Hefner - Jeremy has worked in the Cyber Security industry since 2001. Currently, he is the threat hunting lead at Idaho National Laboratory where he analyzes malware and hunts for threats across the enterprise.

Jeremy Thomas - Jeremy Thomas is currently the deputy cyber security officer for the Idaho National Laboratory (INL). He most recently served as cyber security manager and classified information systems security manager with oversight of the classified cyber security program. Prior to joining INL, Thomas was the cyber security officer for Bechtel BWXT Idaho.

Thomas serves in the Idaho Army National Guard as the computer network defense team chief and served two tours of duty in Iraq as a battalion intelligence officer directing and developing intelligence-gathering activities, conducting threat assessments and overseeing information security and information assurance activities.

He earned his bachelor’s degree in Applied Technology from Idaho State University and a master’s degree in Management with an emphasis in Information Systems Security from Colorado Technical University. Thomas is a Certified Information Systems Security Professional (CISSP), Global Industrial Cyber Security Professional (GICSP), and Certified Ethical Hacker (CEH).