Professional activities and areas of interest
Eric has been involved with information security in one form or another since 2004. He has an extensive background in penetration testing with a focus on web application security. He holds several certifications; Offensive Security Certified Professional (OSCP), Certified Penetration Testing Engineer (CPTE), GIAC Web Application Penetration Tester (GWAPT), Certified Information Systems Auditor (CISA).
In 2005 he graduated from Ferris State University with a B.S. in Computer Information Systems and in 2009 he completed a Masters in Business Administration with highest distinction while completing an advanced studies in information security and network management certificate.
In 2006 Eric joined the University of Michigan as systems administrator where he managed a farm of webservers, developed reusable code for web-based LDAP authentication, designed a tiered automated deployment system, and trained web developers in secure web application development best practices. He also held monthly training sessions that focused on web based security threats and mitigation strategies.
From 2009 to 2011 Eric joined the U-M College of Literature Science and Arts as an IT Asset Manager and Security Administrator. During this time, he managed to right size their software spend, developing a consortium across 19 schools and colleges, and bringing their software licensing use into compliance.
From 2011 to 2017 Eric joined the U-M internal audit department as an Information Technology Auditor. As a Certified Information Systems Auditor Eric examined controls around academic, administrative, research, and healthcare operations; and assessed risks related to HIPAA, PCI-DSS, FISMA, ITIL, FERPA and other regulations. Eric has extensive experience in evaluating risks related to incident response programs, intrusion prevention processes, and information assurance management.
Eric joined CBI in 2017 as a Senior Penetration Tester where he hit the ground running using his expertise in web and mobile application assessments.
At the 2016 SANS Crystal City conference, Eric won the SEC542 Web Application Penetration Testing CTF Challenge Coin. He is a regular contributor to local security organizations and conferences, and has presented to the Michigan Cyber Civilian Corps (MiC3), and the Association of Colleges and University Auditors.
- MBA Business, Information Security and Network Management, Ferris State University, 2009
- BS Computer Information Systems, Ferris State University, 2005