Lares Engineering Team

Lares Engineering Team


Mike Guthrie (he/him)
Managing Director of Security Services
Oregon, United States

Mike is an accomplished security expert with over 25 years of experience in cybersecurity, including penetration testing, red teaming, application security testing, software development, and policy writing. He utilizes this expertise to assist his team and clients in achieving their goals and objectives during projects. Mike is a frequent attendee and speaker at security conferences, such as DEFCON and the IAEA Conference on Nuclear Security. As the Managing Director of Security Services, he is responsible for the management and strategic direction of all aspects of service delivery to Lares’ clients. Mike has experience working in both the public and private sector, including various senior and leadership roles at Accenture, Cylance Inc, and the US Department of Energy. Mike is currently sitting for his MSc in Software and Systems Security at Oxford University.

Andy Gill (he/him)
EU/UK Adversarial Engineering Lead
Scotland, United Kingdom

Andy is a renowned expert in offensive security engineering with over 12 years of experience in security consulting, technology, information risk, and data forensics. He heads up Lares’ European Adversarial Engineering Team. A valued contributor to open source projects, regular presenter at security conferences in the UK, EU and internationaly, author of Learning the Ropes 101 & 102 and he also volunteers at DEFCON as a Goon and is the co-founder of DC44141 aka Glasgow's Defcon Chapter. Andy holds several certifications such as Xintra’s Attacking and Defending Azure and M365, CRTO, OSCP, complemented by a BEng in Digital Security, Forensics, and Ethical Hacking, he has also previously held CREST and CHECK certifications. When he’s not hacking all the things, Andy can be found traversing the scenic roads of Scotland, capturing its raw beauty through his lens. His photographs share snapshots that juxtapose the complexity of urban city night photography with the tranquility of nature, showcasing his ability to find balance in the midst of chaos.

Brendan Hohenadel (he/him)
N. America Adversarial Engineering Lead
Ontario, Canada

Brendan got his beginning in desktop support before moving over to security, first as defense before switching sides for offensive security. His current focus is malware development and payload delivery, as well as scouring enterprise networks for vulnerabilities, misconfigurations, and loot. Brendan has a bachelor’s degree in Computer Science and CISSP, OSCP, and OSCE certifications. He has presented at DefCon416, BsidesTO, and has participated in C3X. In his spare time, Brendan enjoys practicing a variety of martial arts, reading comic books, playing video games, and gardening.

JD Mitchell (he/they)
Project Management Lead
Oregon, United States

JD is an accomplished project manager with nearly 10 years of experience managing and leading projects across various contexts, including research, assessment development, linguistics, education, and cybersecurity. He uses his interdisciplinary experience to inform his practices around management, documentation, communication, strategizing, creating sustainable processes, and supporting clients and colleagues. At Lares, JD leads the Project Management Office and works closely with project managers, engineers, and clients to ensure the successful completion of security services. He graduated with a BA and MA in Applied Linguistics from Portland State University (Portland, OR) and holds a Project Management Professional (PMP) certification. Before joining Lares in 2023, he was a Project Manager at Portland Public Schools, Inclusion Researcher at the University of Wisconsin-Madison, and taught ESL, academic writing, and cultural studies in various academic settings.

Chris Pritchard (he/him)
Principal Adversarial Engineer
England, United Kingdom

Chris has worked in a range of industries, most notable of which are Critical National Infrastructure (CNI), and leading edge design and manufacturing (Dyson). Doing so has given Chris a very varied array of knowledge, from penetration testing robot vacuum cleaners, to designing and testing secure ICS/OT networks. During Chris’ time at Dyson, he was involved in developing the global security team and performing internal penetration testing. Chris was also heavily involved with securing the design of Dyson’s current and future internet connected appliances, and corresponding smartphone applications. Chris is an Adversarial Engineer (aka penetration tester) at Lares which involves him acting and thinking like a genuine attacker to compromise client networks. Chris’ skill set also includes Social Engineering, and he has successfully gained access into CNI, Airports and Casinos, which are regarded as some of the most secure facilities in the industry. Chris has been lucky enough to have spoken at DefCon twice, and many different BSides' across the country.

David Storie (he/him)
Principal Adversarial Engineer
Ontario, Canada

Dave got his start in IT working as a Systems Administrator learning to deploy, manage and maintain enterprise networks before pivoting to offensive security. Dave has performed a variety of security testing throughout his career with the majority of his security career focused on conducting full scale Red Team operations. He holds OSCP and OSCE certifications and has spoken at BSides Toronto and multiple student groups in the Greater Toronto Area about working in Information Security.

Lares Engineering Team

Louai Abboud (he/him)
Senior Adversarial Engineer
Ontario, Canada

Louai started his career hunting cybercriminals as a Threat Hunter at Bell Canada before transitioning into his current role as an Adversarial Collaboration Engineer at Lares. He specializes in purple teaming, detection engineering, threat hunting, and incident response. An avid programmer, Louai loves to automate everything at work (much to the merriment and jubilation of his teammates) and in life (as proof, he uses an electric toothbrush). Louai also loves solving problems with data and common sense, and is a big Jupyter ecosystem enthusiast. Finally, Louai believes in giving back to the cybersecurity community by contributing to meetups and events such as ISSessions, C3X, and SecTor. Outside of work, Louai loves to dance, travel, listen to music, write poetry, play poker, and hang out with his outrageously beautiful but undeniably annoying friends whom he loves very, very much.

Mark Arnold (he/him)
VP of Advisory Services
Massachusetts, United States

Mark Arnold has a 15+ cybersecurity career, serving 8 of those years in leadership roles. As a transformational leader, Mark has built security teams and programs, authored maturity model blueprints to optimize risk management processes, and implemented security domain practices at large enterprises and service providers. Mark’s areas of interest include cloud security, threat intelligence, and vulnerability research, nation-state attack methods and related activities (e.g. information operations and disinformation campaigns) and their collective impact on nations and society. Mark recently completed an executive education cohort on the intersection of cybersecurity and technology at Harvard’s Kennedy School.

Jamie Borskey (they/them)
Adversarial Engineer
Washington, United States

Jamie has been a security consultant since 2012, and focused on manual secure code review since 2014. They studied language and literature as an undergraduate. Close reading and context are more important to interpreting poetry and source-code than authors’ intention. Barthes argues, assigning a single interpretation to a text "is to impose a limit on that text." Dullien argues software intends to define a finite set of reachable computational states. However, regardless of intention, defects in code can provide for “weird machines” that expand the set of reachable computational states. Secure code review is the practice of discovering defects that may be used to reach unintended computational states via exploitation.

Ben Goodman (he/him)
Adversarial Engineer
Tennessee, United States

Ben got his start in computer repair before working his way into IT Support and Network Administration. Ben spent roughly eight years working general IT in the retail, energy, and healthcare sectors before discovering the world of offensive security. He jumped in with both feet aggressively pursuing and achieving the OSCP and never looking back. Ben has close to a decade of collective testing experience, resulting in a well-rounded skill set for almost any engagement. In his free time, Ben enjoys spending time with his family, hitting the gym, and pursuing his plethora of geeky hobbies such as Dungeons and Dragons and miniature painting.

Kaitlyn Hall (she/her)
Project Manager
Colorado, United States

With over five years in management, Kaitlyn possesses a robust skill set acquired from both managerial and sales roles. Specializing in process optimization and client relationship management, she is dedicated to ensuring exceptional client experiences. As a member of the Lares Team, Kaitlyn collaborates closely with the engineers to uphold cybersecurity project deadlines and ensures smooth project execution from inception to completion. A graduate with a BA in World Literature, Kaitlyn augmented her academic achievements with minors in various disciplines. As a guest lecturer, she has spent time both in classrooms and presenting her writing at various symposiums. Prior to joining Lares, she was the General Manager of Continental Divide Winery in the mountains of Colorado.

Lee Kagan (he/him)
Consultant
Ontario, Canada

Lee is specialized in research and analysis to assist organizations in assessing security controls, training customer internal offensive and defensive engineers, and security program maturation exercises and assessments. He is experienced in offensive tool development, threat hunting, detection engineering, evasion and bypass research, malware analysis, Active Directory security, Microsoft Windows internals & security, and Microsoft Azure security.

Lomar Lilly (he/him)
Adversarial Engineer
Jamaica

Lomar brings a wealth of expertise across diverse areas in Cybersecurity, such as threat modeling, malware analysis, reverse engineering, wireless infrastructure exploitation, and penetration testing of networks, web, and mobile applications. Making the transition from a Software Engineer to a seasoned Cybersecurity professional, Lomar holds a Masters in Cybersecurity and proudly boasts certifications such as OSCP, LPT, and PNPT. Lomar is passionate about the work he is doing and enjoys giving clients peace of mind through his expertise.

Neil Lines (he/him)
Senior Adversarial Engineer
England, United Kingdom

Neil Lines is an offensive security, red team specialist, with over ten years’ experience in performing internal, external infrastructure, web application, social engineering, and red team engagements. Before specializing in security Neil worked for over four years in IT engineering roles including desktop, networking support and design. Neil regularly performs guest lectures on penetration testing and has spoken at many security conferences. Over the years Neil has collected over nine industry recognized IT certifications from the likes of CREST, Tigerscheme, EC-Council and Cisco.

Darryl MacLeod (he/him)
vCISO
Nova Scotia, Canada

Darryl worked in various IT support roles before moving over to security, where he currently focuses on strategic cybersecurity leadership, risk assessments, security program development, and incident response solutions. Darryl holds CISSP, CISA, CISM, Associate CCISO and PCIP certifications. He has presented at numerous conferences, including BSides St. John’s, GoSec, and Texas Cyber Summit. He sits on the Board of Directors for AtlSecCon and was the lead organizer for BSides Cape Breton.

Nick Maike (he/him)
Adversarial Engineer
Michigan, United States

Nick is a skilled hacker with a passion for cybersecurity. He enjoys all things security related including Active Directory attacks, external penetration testing, web and cloud testing, malware development, EDR evasion, social engineering, and more. He loves learning new things and honing skills. Outside of work, he is a dedicated strength athlete and enjoys being outside. Nick has a bachelor's degree in Information Security and Intelligence and holds several certifications including the OSCP and OSEP.

David Manuel (he/him)
Associate Adversarial Engineer
Scotland, United Kingdom

David has spent many years building a career in cyber security. Whilst cutting his teeth on delivering Cyber Essentials Plus certifications to companies across the UK, David was busy honing his Appsec and Infrastructure testing skills before moving full time to penetration testing roles. David also co-hosted a security podcast with Andy Gill for a number of years. Enthusiastic about hacking, learning and helping organizations improve their security posture, David works hard to deliver exceptional service. Outside of security he is an avid photographer and amateur musician.

Aidan Mitchell (he/him)
Senior Adversarial Engineer
England, United Kingdom

Aidan has worked across both offensive and defensive security disciplines for almost a decade. This included several years in the fintech space, exposed to the rapidly changing world of DevOps, containerisation, and cloud security. His focus in recent years has been on developing effective tradecraft for targeting cloud- and SaaS-native enterprises. He works to a mantra of building before you break, spending considerable time developing, implementing, and deploying the technologies used by the industry to guarantee an intimate familiarity with the problems that clients face.

Teresa Parish (she/her)
Project Manager
Colorado, United States

Teresa is a certified Project Management Professional (PMP) with over 15 years’ experience in project management and coordination with a focus on IT/IS/Healthcare industries. She enjoys establishing excellent working relationships with clients, employees, vendors, and contractors. She works to provide clients with the necessary support from project initiation to delivery, ensuring customer success. She is also highly adaptable and focused on results, with a proven record of achieving successful projects. Previously, she was a Project Coordinator at Alternative Technology and Arrow Electronics and a Project Manager at Solutions II and Cappella Living Solutions before joining Lares in 2018.

Raúl Redondo (he/him)
Senior Adversarial Engineer
Madrid, Spain

Raúl is a specialist in offensive security with more than 7 years of experience. While he has experience in various fields, such as web and mobile audits, social engineering campaigns and cloud pentests (AWS, Azure, GCP), he has specialized in red/purple team projects, being passionate about Windows and Active Directory. Raúl holds several certifications, including Xintra's Attacking and Defending Azure and M365, CRTO, OSCP, OSWE, OSEP, OSWP, among others. He also serves as an associate professor in Master's Degree in Cybersecurity and Information Security from Castilla-La Mancha University. He consistently aims to add extra value to projects by thinking outside the box. Raúl enjoys spending time with his family, practicing sports, playing video games, watching movies, and hiking.

Mike Sanders (he/him)
Associate Adversarial Engineer
South Carolina, United States

Mike left a career in logistics to transition into cybersecurity. Before joining Lares, he combined his two passions, cybersecurity and travel, by collecting bug bounties while traveling the world. He has a bachelor’s degree in cybersecurity and an OSCP certification and enjoys the challenge of constantly learning new techniques to stay relevant in the field. In his free time, Mike enjoys exploring new cities, scuba diving, 3D printing, cooking, and hanging out with his dog Milo.

Felipe Solferini (he/him)
Senior Adversarial Engineer
England, United Kingdom

Felipe’s core skills involve web application, API, infrastructure, compiled application and hardware/IoT penetration testing, with a good understanding of cryptography, electronics and “the binary world”. He has a BSc in Computer Science, and an MSc in Cyber Security and Forensics, and holds multiple certifications such as OSCP and OSCE. He enjoys finding creative and sometimes overly engineered solutions to challenging problems.

Steve Spence (he/him)
Senior Adversarial Engineer
Northern Ireland, United Kingdom

Steve is an experienced adversarial security engineer and penetration testing team leader. Having worked across multiple high-profile sectors such as, GOV, Defence, FinTech, Banking, Medical and Health Insurance, resulted in accumulating over 15+ years of security experience, spanning physical security breaches, cyber security and social engineering. Steve regularly helps develop and deliver targeted penetration testing, scenario-based engagements, while working alongside ‘in-house’ security teams to help mature their security posture. Steve has also attained/held a number of industry recognized security certifications from the likes of ITIL, CompTIA, SANS, Tiger Scheme and GCHQ. In addition to his day-to-day responsibilities, Steve has volunteered at well-known security conferences, such as 44Con, BSides and SteelCon in order to give back to the security community.

Paul Stewart (he/him)
Senior Adversarial Engineer
Scotland, United Kingdom

Paul has over 12 years of experience in IT system administration and transitioned to the security space after gaining Offensive Security Certified Professional (OSCP) in his free time. After several years conducting various offensive engagements in infrastructure and application security, he concentrated his efforts in application security with a keen interest in mobile application security. In his free time, he plays competitive golf.

Luke Turvey (he/him)
Senior Adversarial Engineer
England, United Kingdom

Luke has worked in the security industry since leaving university in 2017 with a bachelor’s degree in Ethical Hacking. He considers himself a generalist hacker and loves to get involved with anything related to breaking security controls. Over the years, he has experienced a wide range of scenarios that have led to tearing apart technologies and finding flaws. This includes flying to different countries and breaking into physical HQs of high value companies. As well as his bachelor’s degree, Luke has certifications from the likes of CREST, AWS, and Offensive Security, to name a few. He also likes to give time to the infosec community and provides free educational content on YouTube. Outside of security, he likes to partake in running events and enjoys being a father.

Alden Vanderspek (they/them)
Adversarial Engineer
Washington, United States

Ravenously curious, driven, and just a little mischievous, Alden began their exploration of hacking at university where they spent their free time collecting bug bounties and teaching others about security. After graduating into an on-prem Red Team, Alden developed a particular talent for compromising anything with a Linux kernel.

Thomas Whitmire(he/him)
Senior Adversarial Engineer
Georgia, United States

Thomas is a highly qualified, trained, and certified ethical hacker with over 10 years of experience in the IT/IS industry. Starting out in the industry researching vulnerabilities affecting millions of Android & iOS devices, Thomas has branched out his skill set over the years to meet the needs of his clients to include network, wireless, and car hacking. Thomas has a bachelor’s degree in Information Security & Assurance and OSCP, and OSCE certifications.

Jonathan Wiggins(he/him)
Adversarial Engineer
Alabama, United States

Jonathan, an inquisitive security enthusiast and penetration tester with over two decades of technical experience, has dedicated the past decade and more to managing, securing, and skillfully navigating through network infrastructure, web applications, servers, and workstations. During this time, he played a pivotal role in leading internal Bug Bounty, Purple Team, and Pentesting programs. His expertise extends to direct experience in pentesting medium to large organizations, covering Network, Active Directory, Azure/AAD, Web Application/API, and social engineering engagements.

Josh Kocher(he/him)
Senior Adversarial Engineer
California, United States

Josh is a software engineer turned hacker who enjoys spending his time analyzing web applications and discovering vulnerabilities. He holds multiple certificates from Offensive Security and a bachelor’s degree in Computer Science from UC Berkeley. In his free time, he can be found playing video games, doing Brazilian jiu-jitsu, or hanging out at the beach with his family.