Our Distinguished Staff of Network Security Consultants

Jonathan G. Gossels, President & CEO
ISACA/CISM ISACA/CRISC

Jonathan is President of SystemExperts™ Corporation, a network security consulting firm specializing in IT security and compliance. He plays an active, hands-on role advising clients in compliance, technology strategies, managing complex programs, and building effective security organizations. Jonathan brings a business focus to this work, balancing all technical initiatives with business requirements and impact.

Prior to founding SystemExperts™, Jonathan built the Consulting Services operation for OpenVision Technologies (now Veritas). Before that, he was the Director of Business Development and Business Area Manager of Interoperability for the Open Software Foundation (OSF). In that role, Jonathan initiated and led the Distributed Computing Environment (DCE) project from its inception through its three major releases.

Jonathan is frequently quoted on the emerging challenges as well as best practices in information security in leading publications such as ComputerWorld, Information Week, CSO Magazine, Wall Street & Technology Magazine, and InfoWorld. He is also a regular contributor to SC Magazine, Information Security Magazine, and the ISSA Journal.

Jonathan has served on the editorial advisory board of Information Security Magazine, as technical advisor to Dateline NBC, and has been a guest on CBS news radio.

Jonathan is a graduate of Yale University and MIT's Sloan School of Management.

---

Brad C. Johnson, Vice President
ISACA/CISM, ISACA/CRISC, NSA/IAM

Brad Johnson is Vice President of SystemExperts™ Corporation. He is a well-known authority in the field of distributed systems and is a frequent speaker on the subjects of security standards, penetration testing, middleware, and practical intrusion detection. He has participated in seminal industry initiatives including the Open Software Foundation (OSF), X/Open, and the IETF, and has published extensively about open systems.

Brad is frequently quoted in business and technical publications such as SC Magazine, Wall Street and Technology, ISSA Journal, and IT Security Magazine. He has also served as a technical advisor or contributor to Dateline NBC, Information Security Magazine, Internet World, ISSA, WatchIT, and CNN.

At SystemExperts™, Brad has pioneered innovative methodologies and operational practices that enable our clients to use penetration testing, event management, and protocol-oriented infrastructure analysis to vastly improve their level of effective security at the lowest possible cost.

Prior to joining SystemExperts™, Brad was one of the original members of the OSF DCE Evaluation Team. He was also the engineering project manager to complete the actual integration of those technologies and the project leader for the first three major releases.

Brad holds a Bachelor of Arts degree in Computer Science from Rutgers University (Magna Cum Laude) and a Master of Science degree in Applied Management from Lesley University (Summa Cum Laude).

---

Peter S. McLaughlin
Vice President of Business Development

Pete McLaughlin joined us from Accenture, where he was the North America Sales Director for its security practice. This is his second tour with SystemExperts.

Pete has helped organizations of all sizes identify solutions to their specific challenges and scope engagements that meet their unique needs. He sees himself as an extension of his clients' teams, prides himself on being easy to work with, and knows that responsiveness, thoroughness, and consistency are cornerstones of trusted relationships.

Pete's sales career started in the S/390 world at Amdahl Corporation where he was responsible for all new accounts in Georgia. From there, he opened the Northeast territory for angel backed start-up INSUREtrust, the first company globally to provide Electronic Information Error and Omissions Insurance Policies (Breach of Security Insurance) combined with security risk assessments.

Pete lives in New Hampshire, has three boys including identical twins. He was drafted by the National Hockey League's Pittsburgh Penguins, won the 41st annual Beanpot, and toiled in the minor leagues for the Detroit Vipers and Baton Rouge King Fish.

Pete has a BA in History from Harvard University.

---

Paul Hill, Senior Consultant

Paul Hill has worked with SystemExperts as a principal project consultant for more than twelve years assisting on a wide range of challenging projects across a variety of industries including higher education, legal, and financial services. He joined SystemExperts full time in March, 2012.

Paul joined the IT Department of the Massachusetts Institute of Technology in 1991. During his tenure, he has played a leadership role in the evolution of identity services for the Institute and the industry as a whole. He is also recognized as one of the industry's foremost experts in Microsoft technology.

Paul was responsible for the evolution of MIT’s identity services. He led the project to design, deploy, maintain, and support MIT’s Shibboleth infrastructure and MIT’s central authorization management system, known as Roles. The support included consulting with business teams on campus, working with multiple teams to improve and enhance MIT’s LDAP system, and to improve and streamline the provisioning of new hires and new students.

Paul built and led the team responsible for the creation and development, initial deployment, and ongoing operations of MIT’s central Windows Active Directory domain. The domain was integrated into MIT’s existing identity services including the campus Kerberos infrastructure and centralized group management and campus DNS. The team worked extensively with Microsoft’s internal developers on Kerberos interoperability issues, and provisioning AD from external sources. The team was also involved in the evolution of the AFS client for Windows and created the first test suite for the AFS client on Windows. He also worked with many colleges and universities and the MIT Kerberos team to resolve cross-real interoperability issues.

Paul was also instrumental in the creation of the Kerberos Consortium, including the development of the initial business plan. He also plays a leading role in the development of Internet2 specifications, including ongoing participation in the Middleware Architecture Committee for Education, particularly the MACE Privilege Management and Access working group (MACE-PACCMAN).

Paul continues to participate in the IETF; he served as Steering Committee Chair of the Calendaring and Scheduling Consortium and contributed to several of the drafts created by the calendaring and scheduling working group.

Paul attended Syracuse University and later Northeastern University, studying Aerospace and Mechanical engineering.

---

Michael Sullivan, Senior Consultant
CISSP, GCIH, CEH, GSEC, ICC

Michael Sullivan is a Senior Consultant with SystemsExperts based out of the greater Philadelphia, Pennsylvania area. Michael has been directly involved with information security since 2005 and, in conjunction with his prior 15 year of application design and development, he bring a unique insight to application security. Michael’s main concentration has been in application security testing but he also has great depth of knowledge in secure application architecture, design and development. Michael came to SystemsExperts from the financial industry where he performed Penetration Tests, Security Code Reviews as well as developed and presented Security Awareness for Application Developers courses in his role of Director of Application Security.

Michael holds a Bachelor of Science degree in Electrical Engineering from Temple University in Philadelphia, Pennsylvania.

---

Jason Rhykerd, Consultant
CISSP/CHFI

Located in Pennsylvania, Jason Rhykerd, CISSP, is a security professional with 10 years of experience in assessing, analyzing, and auditing IT security risk. Jason has worked in multiple industries including healthcare, manufacturing, nuclear power generation, and government.

Jason is an accomplished application designer and developer. This experience serves as a foundation for his effectiveness at web and application penetration testing. Other areas of expertise for Jason include network penetration testing, incident response, security awareness training, and risk analysis.

Jason is a popular speaker on topics such as Penetration Testing/Hacking, Social Engineering, and Web Application Security. Jason takes pride in delivering exceptional service to his clients and uses his “out of the box” thinking to help them solve security challenges in their unique business context.

Jason holds a Bachelors of Science degree from the University of Pittsburgh and has continued professional training in: Firewalls and Perimeter Security, Malware, Secure Web Application Development, and Network Penetration testing. He is a Certified Information System Security Professional (CISSP) and Certified Hacking Forensics Investigator (CHFI).

---

Alexander Chaveriat, Consultant
OSCP/OSWP/WST

Alex Chaveriat is a security consultant with SystemExperts specializing in application security.

Alex’s passion for information security spans from the physical layer to the application layer. Alex approaches projects with new and innovative ideas, works and collaborates with existing security staff, and loves to share his excitement for security. Alex has extensive experience performing vulnerability and penetration tests against all types of systems and software.

Prior to SystemExperts, Alex worked for General Electric on the Corporate IT Risk Team uncovering vulnerabilities within GE products and internal software. Alex led and participated in small and large scale security assessments approaching tasks as an adversary or as a security architect. These assessments were across many platforms including GE client/server applications, web applications, HMIs, embedded systems, SCADA equipment, smart grid technologies, and more.

Along with actively contributing to industry security groups and conferences, Alex volunteers his knowledge to a few non-profit organizations, helping secure systems that would otherwise remain vulnerable to attack.

Alex holds a Bachelors of Science degree in Network Security and is an Offensive Security Certified Professional (OSCP), Offensive Security Wireless Professional (OSWP), and a Wurldtech Systems Certified Achilles Tester (WST).

---

Jeff VanSickel, Senior Consultant
ISC2/CISSP, PCI/QSA, ISACA/CISM, Cisco Certified Network Architect (CCNA)

Based in the Philadelphia area, Jeff VanSickel is a seasoned Information Security Professional with over 20 years’ experience in the areas of Information Security, Information Technology, Audit Compliance, Risk and Project Management. He is highly knowledgeable about US Federal and State Law (including SOX, HIPAA, GLBA and Breach Law), US Regulations, ISO-27001/2, NIST, and PCI-DSS.

Just prior to joining SystemExperts, Jeff was Director of Information Security Policy and Audit Assurance for Barclays Bank Delaware, a large US credit card issuing bank. This position enabled Jeff to gain in depth exposure and insight into ongoing development, implementation and enforcement of controls for the bank, its bank vendors and partners.

Before Barclays, Jeff was Vice President of Vendor Control & Information Protection for MBNA America/Bank of America where he established controls over external sharing of sensitive customer data with 3rd party vendors to ensure compliance with federal laws, state legislation such as SB1386, OCC and Payment Card Industry (PCI) requirements.

Jeff provided on-site management of individual engagements while at Deloitte & Touche,. He developed Standards for Information Security and IT for an upcoming broker-dealer ECN (Archipelago) and a large packaged goods company (McCormick Products). He developed & taught OCC, FFIEC and NCUA IT audit training for over 900 credit union auditors. He led GLBA, OMB-A-130 and FISMA audits for numerous private and public companies including a $41 billion private investment company (Bessemer Group Inc.), the Federal Reserve Bank headquarters, World Bank and the Pension Benefit Guarantee Corporation, which protects $44 million worker pensions. He also developed a compliance strategy for a bio-technical company (Chrysalis Technologies) based on FDA (21 CFR 11), Export Administration Regulations (EAR), Good Laboratory Practices (GLP), ITAR and HIPAA.

While in the Credit Card Division of Fleet Bank, Jeff established and managed the Information Risk Management function emphasizing security policy enforcement and the implementation of technical, operational and management security controls.

Jeff is a CISSP and has a Bachelor of Science in Electrical Engineering and a Master’s of Engineering in Computer Science.

---

Mark Huss, Senior Consultant

Mark Huss is a Senior Consultant with SystemExperts and is based near Philadelphia, PA. Mark has been working in information security since 2005, performing security reviews, conducting penetration testing, and educating development staff. He has worked extensively with web-based, client-server, and mobile applications. His expertise covers both Linux and Windows environments.

Prior to joining SystemExperts, Mark worked at JPMorgan Chase. He helped establish its first internal security testing team, performed testing, and later lead the internal penetration testing team.

Mark worked in application development and management for ten years at JPMorgan Chase prior to his switch to information security.

Prior to working at JPMC, Mark worked for Icon Solutions, a small consulting company based in Conshohocken, PA, doing software development primarily for financial institutions. Mark has done work in x86 assembly language, C, C++, and Java. He has familiarity with many other languages and environments.

Mark attended Drexel University in Philadelphia where he studied Electrical Engineering.

---

Robert Shullich, Consultant
CPP/CISSP/CISA/CISM/CGEIT/CRISC/CIPP/CEH

Robert brings to the table over 35 years of experience in the areas of Internet, IBM Mainframes, Networking, and Server and Desktop systems covering responsibilities in Computer Operations, Administration, Technical Support, Systems & Application Programming, and Physical and Information Security. Among his several areas of specialization are a focus on IT Risk Management, security architecture, policy compliance, regulatory compliance, vulnerability assessments, and the building security policies and security programs.

Prior to joining SystemExperts, Robert was a Senior Security Advisor at Bowne, a service provider in the financial industry. As a main responsibility he served on the SDLC board to review projects and identify risk, and then worked as the Security Architect in order to help the organization in addressing those risks. Prior to Bowne, he worked for the Securities Industry Automation Corporation (SIAC), which was the data processing center of the NYSE and AMEX, he served as a director in charge of Desktop, Server and LAN administration, and prior to that he was a Senior Manager at SIAC in charge of the IBM VM Systems Programming Group.

Robert graduated from the College of Staten Island (CUNY) with a B.S. and M.S. in Computer Science (With Honors), Baruch College (CUNY) with a MBA in management, NYU-Polytechnic University with a M.S. in Telecommunications Networks. He is currently attending John Jay College of Criminal Justice (CUNY) and is enrolled in the M.S. in Forensics Computing and Cyber Security program.

Robert holds many industry security certifications, including certifications issued by ASIS International, the International Information Systems Security Certification Consortium (ISC)2, Information Systems Audit and Control Association (ISACA), The International Council of Electronic Commerce Consultants (EC-Council), The Computing Technology Industry Association (CompTIA), The International Association of Privacy Professionals (IAPP), and the System Administration, Networking, and Security Institute (SANS).

---

Nancy B. Zanga, Project Manager

Nancy Zanga serves as the Project Manager for SystemExperts and works closely with the Vice President of Business Development to ensure each project meets and ideally exceeds the client’s expectations.

Nancy is a seasoned professional who brings over two decades of experience providing outstanding planning, coordination, and execution of consulting projects. Clients appreciate her responsiveness, clarity, professionalism, and ability to shepherd multiple projects to successful completion.

Before joining SystemExperts in February of 2012, Nancy worked with a national fundraising- consulting firm for over 15 years. During her time there, she fulfilled a variety of roles including all coordination and communication between the consulting team and the firm’s clients including The National Geographic Society, Vassar College, Rensselaer Polytechnic Institute, Museum of Fine Arts Boston, Scripps Research Institute, and the New York Public Library.

Nancy resides in New Hampshire and has two daughters. She also has served on numerous non- profit boards and committees within her community.

---

Erin White, Principal Project Consultant

Erin White is an IT manager specializing in risk, security and compliance. A highly skilled and experienced leader, she focuses on helping organizations to identify and close security gaps, mitigate information technology risks and achieve regulatory compliance.

Erin demonstrates confident leadership, employing skillful oral and written communications to expertly direct and motivate diverse domestic and international teams. She had end-to-end responsibility for the development and execution of a global network perimeter security product strategy for a U.S. Fortune 20 financial firm. The strategy included several highly visible and successful security programs, including projects that deployed intrusion detection systems, refreshed and consolidated virus management infrastructure, consolidated firewall infrastructure and aggregated state and event monitoring information to form a comprehensive picture of the firm's security and compliance posture.

Erin is a CISM (Certified Information Security Manager) and a member of ISACA's South Florida Chapter.

Erin earned her BA in Psychology from Dowling College in New York and is currently completing graduate studies in Compliance at Florida Gulf Coast University.

---

Lynne Heitman, Principal Policy Consultant

Lynne Heitman is a policy consultant and communications specialist at SystemExperts. She has over twenty years of professional experience in finance, line management, human resources, and policy development for large, small, union, and nonunion organizations. Most recently, Lynne has worked as an independent business analyst and consultant turning difficult, complex, or abstract material into clear, accessible, and audience appropriate communication.

Her extensive work in the financial services industry includes the development of business requirements for an anti-money laundering case management tool for a global correspondent bank, the implementation and documentation of an executive compensation system for a Wall Street investment firm, and the design of a shareholder communications process for a major mutual funds company. She also upgraded the treasury operating manual for an agency of the United Nations, bringing it to industry standards and repurposing the content for online use.

Other projects include the development of a comprehensive ISO 27002 compliant security policy manual for a company providing secure, Web-based patient-transition networks to healthcare organizations, and the revision of a master Administrator’s Guide for the flagship product of a business continuity software development firm. The polished, customer-facing document is now used by the company for client training and is provided to customers as part of the product package.

Lynne spent fourteen years at AMR Corp / American Airlines in finance, operations, and leadership training. She later worked as the Vice President of Human Resources and the Chief Financial Officer for a $120 million nuclear engineering services firm. She is also the published author of a series of four thrillers.

She has a Master of Business Administration and a Bachelor of Business Administration, both from Southern Methodist University in Dallas, Texas.

---

Visit our blog