ABOUT SECURE IDEAS
Secure Ideas is a dedicated team of experts who are passionate about technology and information security. Our primary objectives are to help companies improve their security postures and train the next generation of security professionals.
Chief Executive Officer (CEO)
Kevin Johnson is the Chief Executive Officer of Secure Ideas. Kevin has a long history in the IT field including system administration, network architecture and application development. He has been involved in building incident response and forensic teams, architecting security solutions for large enterprises and penetration testing everything from government agencies to Fortune 100 companies. In addition, Kevin is a faculty member at IANS and was an instructor and author for the SANS Institute.
Kevin has performed a large number of trainings, briefings, and presentations for both public events and internal training. He is the author of three SANS Institute classes: SEC542: Web Application Penetration Testing and Ethical Hacking, SEC642: Advanced Web Application Penetration Testing, and SEC571: Mobile Device Security. Kevin has also presented at a large number of conventions, meetings and industry events. Some examples of these are: DerbyCon, ShmooCon, DEFCON, Blackhat, ISACA, Infragard, and ISSA.
Kevin is also very involved in the open source community and runs a number of open source projects. These include SamuraiWTF (a web pen-testing environment), Laudanum (a collection of injectable web payloads), Yokoso (an infrastructure fingerprinting project), and a number of others. Kevin is also involved in MobiSec and SH5ARK. Kevin was the founder and lead of the BASE project for Snort before transitioning that to another developer.
In his free time, Kevin enjoys spending time with his family and is an avid Star Wars fan and member of the 501st Legion (a worldwide Star Wars costuming charity organization comprised of and operated by Star Wars fans).
Chief Information Officer (CIO)
Jason Gillam is Chief Information Officer (CIO) at Secure Ideas and an IANS faculty member. He has over 20 years of industry experience in enterprise software development, system architecture, and application security. Jason has spent most of his career in technical leadership roles ranging from startups to fortune 100 companies and has learned the business acumen necessary to advise everyone from developers to senior executives on security and architecture.
Jason co-built and managed an award-winning application security design and testing program at one of the world's largest financial institutions. He also provided numerous application security training and awareness briefings to large internal technical audiences and led the development of best practices code and documentation for the same. Jason is especially passionate about integration of security best practices with the SDLC.
Jason holds his CISSP and has conducted training and talks at numerous information security conferences including OWASP® AppSecUSA, Charlotte-Metro ISSA Summit, multiple BSides events (CLT, CHS, AVL, OKC), Hackfest (Canada), Carolinacon, and more. He is also the author of several Burp extensions including CO2 and Paramalizer, and an active contributor to other open-source projects with a current focus on SamuraiWTF.
Denise Johnson is the President of Secure Ideas. She has over fifteen years of experience in business and organizational administration. Denise comes from a career in financial services and customer relations. She is responsible for the day to day operations of Secure Ideas and ensuring this team runs well together.
Principal Security Consultant
Nathan Sweaney is a Principal Security Consultant with Secure Ideas. He has a wide range of experience in networking, systems administration, and development spanning 18 years in IT and more than 10 in information security. Nathan has a considerable amount of experience with point-of-sale environments and managing compliance regulations such as PCI. He excels at finding practical, operationally feasible approaches for businesses to mitigate threats and minimize compliance obligations such as HIPAA and PCI.
Nathan regularly conducts security training, both publicly and privately, including secure coding techniques, network and application penetration testing, and more. He has spoken at security events such as DEFCON, BSidesLV, ShowMeCon, and the FBI’s Information Warfare Summit, as well as a wide variety of industry-specific events. He’s one of the core organizers of BSidesOK and serves on the board of directors for ISSA Oklahoma, OWASP® Tulsa, and the Hackers of Oklahoma Enterprises Syndicate.
He has held the GPEN, GWAPT, and GAWN certifications.
Principal Security Consultant
Before coming to Secure Ideas, Eric spent close to 20 years working with Microsoft infrastructures for large Fortune 100 companies. Since its release, his core focus has been Active Directory. He was the technical leader and responsible for the engineering and architecture of one of the most complex and largest AD infrastructures used by one of the world’s largest banks. This included ongoing maintenance and major enhancements of not only a highly secure authentication environment, but also of all the supporting tool sets required to monitor its health and integrity.
This experience has given Eric a very strong knowledge of a variety of Microsoft products and best practices.
Senior Security Consultant
Mic is a perennial open-source contributor, having guided the Musashi and the Client Script Injection Kit (CSIK) projects, in addition to his contributions on SamuraiWTF and Arrrspace. He also strongly believes in providing quality developer training and has provided accessible public classes at a number of conferences. Mic’s class topics have included secure coding, advanced web proof-of-concept development, and attacking and securing microservice API architecture.
When he finds a moment of spare time, Mic enjoys experimenting with sophisticated cross-site scripting payloads, building computers, and trail running.
Senior Security Consultant
Bill McCauley is a Senior Security Consultant with Secure Ideas. He is a USAF Veteran and has worked with various electronics and IT systems over the past 18 years. His background covers a wide variety of industries including DoD, Healthcare, Education, Energy, and Security.
Bill has a strong interest in security, system administration, and training. His work experience includes system administration of various DoD and Healthcare systems within both Unix and Windows environments. He taught several Health IT classes for Lake Region State College. He has also spent a few years working with NERC CIP Compliance.
Bill holds a Bachelor of Science in Management/Computer Information Systems from Park University.
Senior Security Consultant
Travis Phillips is a Senior Security Consultant with Secure Ideas. Before joining Secure Ideas, he worked in the medical field as a data analyst & web/software developer before moving on to information security doing SOC work. He later moved on to product security testing for embedded systems on several architectures and device types. Travis also enjoys CTF’s & wargames for hacking challenges as a pastime.
Travis has developed a strong skill set towards application security as a result of both working in the development and security fields, reviewing the security of applications in both roles. Travis enjoys teaching at local professional groups and conferences when he can and building tools to make security testing faster and easier.
Senior Security Consultant
Jon has over 20 years of industry experience in systems administration, infrastructure architecture, and technical leadership. During that time he has worked for organizations in Financial Services, Healthcare, Big Data Analytics, and the Oil & Gas industry. His mix of technical and business leadership experience gives him an empathetic understanding of the balancing act most IT organizations face.
Larry Franklin is a 20 year US Navy Veteran with a reputation for attention to detail and high quality workmanship standards. His work history and life includes a personal demand for integrity, safety, quality standards and worthiness. Larry brings to Secure Ideas a strong background in electronics, physical security, and operation of encryption embedded devices. He also has experience and skills in interpreting and compliance with blueprints, engineering drawings, technical directives and is proficient in multiple computer platforms.
He has hands-on experience with electronics troubleshooting, network, wireless testing, web app testing, network vulnerability assessment and configuration of network servers running in a virtual environment.
Business Development Manager
Andrew Kates is the business development manager for Secure Ideas. His experience includes more than seven years of significant project management support for client organizations nationwide, effectively managing client expectations across multiple industries. His management experience coupled with his research background brings a unique perspective to the Secure Ideas team. He is continually working to grow the Professionally Evil brand, and the Secure Ideas name.
Andrew works with clients throughout the project life-cycle including Scout Services, penetration testing, security assessments, and other consulting services offered by Secure Ideas.
Andrew earned a Bachelor of Arts degree in History from The University of North Florida.
Ben Faircloth is the Graphic Artist for Secure Ideas, as well as a Scout Analyst as needed.
Ben Faircloth has a background in physical security from working in Law Enforcement for nearly a decade. During this time, he ran control rooms, managed secure facilities, and processed sensitive information. Ben also has a Bachelors of Science degree in Information Technology and Criminal Justice, which he graduated Summa Cum Laude in his class.
His passion is to combine his experience, the things that he learns, and his ability to adapt to provide new and imaginative content for Secure Ideas. In his time at Secure Ideas, Ben worked as part of our Scout Testing team, and was a big part of creating our animated User Awareness and testing program. Ben is also responsible for many of the graphics and art that Secure Ideas uses in their logos, website, promotional materials, and social media. As an Analyst, he provides Scout services such as Network, Web, and User testing and reporting for many of Secure Idea’s clients.
Doug Bigalke is a Security Consultant with Secure Ideas. He performs penetration testing, architecture reviews, and Scout services. Doug has earned a Bachelors of Science in Information Technology. He has performed business analytics and process improvement via Business Intelligence and is currently exploring machine learning. Doug comes to Secure Ideas from 15 years in the healthcare and financial industries and has spent several years developing data warehousing and business intelligence solutions.
Cassie Faircloth is a Scout Analyst with Secure Ideas. She has a Bachelors of Science degree in Computer Animation, graduating with ‘Advanced Achievement’, an award presented to one student per graduating class. Her eagerness to learn new things, her love for technology, and her ability to process data brought her to branch out into the technical side of Secure Ideas’ Scout program. As an Analyst, Cassie provides Scout services to our clients such as Network, Web, and User testing and reporting.
Cory Sabol is a consultant with a background in web development, web research, and machine learning research. He has several published academic research papers on user identification using WebID. In addition to web research he has conducted research work on botnet detection using machine learning.
Cory has done substantial research on the topic of container security, focused primarily on Docker and Kubernetes. In addition to using these skills to identify and exploit misconfigurations during penetration testing engagements, Cory has taught workshops on this topic to other security professionals. He has developed the Harpoon open-source tool for fingerprinting and escaping containers, and led the development efforts on the Arrrspace containerized microservice training target.
He also dabbles in video game development and video game related security.
Alex Rodriguez is a consultant who is passionate about Linux, systems automation, and networking. He is part of several security groups in the Charlotte area that have been paramount to his experiences in security. He loves new challenges, security conferences, and helping out the community and its members in any way that he can.
Ochaun Marshall wants you to become Professionally Evil. He'll push you beyond ethical hacking by sharing his experience from building software in AWS and breaking other people's web apps. He can be found mainlining academic research papers, conspiring with his fellow consultants, and drinking the DevOps Kool-aid while listening to weird music. He covers everything he does professionally with the signature phrase: I code; I teach; I hack.
Jenee Rogers is a Project Manager and Marketing Lead with Secure Ideas. She coordinates projects and training for the company as well as working closely with clients. She also takes care of our social media and content building.
Jenee runs a non-profit Locksport training group, FoxPick, and trains at 16+ conferences per year to raise money for Hak4Kidz. She graduated from UNC Charlotte with a degree in Software Information Systems and a minor in Computer Engineering.
She is a Carolina Panthers fan, is absolutely obsessed with Futurama, and is fluent in American Sign Language.
Jennifer is a security consultant with Secure Ideas with a background in malware analysis, penetration testing, and teaching. She graduated with honors from Florida State College at Jacksonville’s networking program. An avid computer geek for most of her life, she began her journey in cybersecurity as a SOC Analyst where she showed an aptitude for both penetration testing and malware analysis. She was quickly promoted into a role that capitalized on her abilities. She has experience performing penetration tests against web applications, mobile software and platforms, and social engineering.
Jennifer discovered a passion for computers and problem solving at a young age. She bought Steal This Computer Book 2.0, by Wallace Wang, with one of her first paychecks, and became enamored with hacking and cyber security. While pursuing her degree she dedicated time to teaching computing skills to underrepresented minorities. She is the co-leader for the TOOOL chapter in Jacksonville, FL. Jennifer continues to be passionate about teaching and is eager to share her knowledge with anyone who will listen.
In her free time, she likes gaming, playing around with SDR’s, and painting.
Jessie is a 20-year U.S. Marine Corps veteran that was in the transportation maintenance industry. She is a highly organized, self-driven, and exceptional leader. While in, she received many certifications to include her Department of Labor maintenance mechanic (any industry) and counseling (kindred). She additionally trained and advised personnel to utilize the newly adopted integrated web-based automated logistics system by Oracle within the logistics community.
After her military career, she started college to adventure in another interest, computer networking, along with managing and operating her e-commerce business by selling new, pre-owned, and handcrafted woodworking goods. She then completed her A.S. in Business Administration and B.A.S in Computer Networking at FSCJ. Along her newfound journey, she studied and worked on hardware and software configurations, information security, server configurations, VMware, system integrations, software defined networks, convergent technologies, and application security/testing.
Kathy Collins is a Security Consultant at Secure Ideas. She assists with penetration testing, Scout services, and the Open SBK project. Kathy studied Cybersecurity at Fullstack Academy New York, holds a CompTia Security+ certification and is studying for the CISSP exam. Kathy’s background consists of 20 years of non-profit, education and corporate experience in the hospitality industry and she holds an A.A.S. in Culinary Arts from Le Cordon Bleu Chicago. She enjoys writing, 80’s horror movies, the outdoors, hands-on projects, cooking, and is currently in the planning phase of building a home theater.
Training Coordinator (Goose)
(December 2020) Kevin: El, write a bio.
El of 2020, so young and naive: Yeah, definitely, I am on it.
(September 2021) El: ah.
El McCarthy is a Training Coordinator and Designer with a background in Fine Art and UX/UI. They enjoy many things from gaming to painting, and are very bad at writing bios about themself. El is learning Mandarin and is proficient in American Sign Language.
Brenna has a year of accounting experience and is now learning Project Management. She is continually is trying to learn new, exciting, and challenging things. In her spare time you can find her reading fantasy novels and listening to music.