Meet Our Practitioners
Our team of highly qualified and certified Practitioners have decades of combined assessment, infrastructure, and web application testing experience.
Ben Card
CISO/CTO
Benjamin Card started his career as a Military Intelligence Special Agent in the United States Army, serving in Baghdad, Iraq and USAG, Brussels, Belgium. He went on to become a security focused consultant for PricewaterhouseCoopers (now PwC) in Washington, DC, specializing in everything from compliance audits to computer forensics to penetration testing. Mr. Card went on to become the CISO for Sirsi Corporation (dba, SirsiDynix) for nearly a decade, leading the organization to NIST SP 800-53 accreditation, ISO 27001 certification, and FedRAMP authorization before once again becoming involved in consulting with Webcheck Security. With Webcheck, Mr. Card calls upon his extensive experience to provide Fractional Information Security Officer (FISO) and penetration testing services to a wide range of customers, assisting them with rapid maturation of their security programs.
Nathan Smith
Pen Test Manager
Nathan Smith is a passionate penetration tester and data security analyst. He has held corporate positions and has tested for over a decade. Nathan’s certifications include the OSWP, CEH Forensics, CEH, CCNA, and multiple other certifications. He has a Masters in Information Security, Assurance and a Bachelors in Computer Science; Networking. He also is passionate about teaching, trains promising penetration testers and is in charge of the Webcheck Internship Program.
Brad Lewis
Practitioner, Forensics
With CISSP, OSCP, GPEN, GWAPT, GCIA,CEH +9 additional certifications, Brad Lewis is one of our most credentialed testers and is a Cyber Weapons and Tactics instructor for the Washington Air National Guard. His career in the Air Force and Air National Guard spans 17+ years and includes Cyber Warfare Operations and Cyber Security Specialist positions. Brad also holds AWS Academy Accredited Educator, Cloud Practitioner certifications, certifications in Forensic Analysis, and is an Adjunct Professor of Cyber Security for the University of Maryland. He also has obtained a Master's of Science in Cyber Security Studies and a Bachelor's in Information Systems Security.
Lori Crooks, PM, CISSP, CISA, CISM
CISO
Lori’s deep background includes having managing security and assurance assessment teams at growing cyber firm, A-LIGN, including but not limited to PCI, FISMA, FedRAMP, Penetration Tests, HIPAA, ISO 27001, SOC1 and SOC2. She also served as a Center of Excellence lead for PCI, FISMA and FedRAMP, as well as conducting quality reviews of HIPAA, ISO 27001, SOC1 and SOC2 reports. For a DoD contractor, Lori has:
-
Developed the Governance, Risk and Compliance Program based on NIST 800-53 and 800-171
-
Written the Information Security Policy, and associated policies/procedures
-
Performed DFARS/NIST 800-171 self-assessments on all sites and hubs
-
Worked closely with Project Management Office and Infrastructure & Operations Team to gather audit evidence and develop Plan of Action of Milestones (POA&Ms)
-
Evaluated all evidence provided to meet the NIST 800-171 controls
-
Created the System Security Plan (SSP) Template for NIST 800-171
-
Assisted in completing the first SSP for the DoD contractor
-
Performed DoD contractor’s first annual risk assessment
Lori has broad and deep knowledge of multiple cyber frameworks and subscribes to the Webcheck Way – meaning helpful customer communication and professionalism in all documentation and consulting.
Jeremy Tillery
Practitioner
Jeremy Tillery, CEH, is recognized by his peers as a growing force in the information security field. He is noted for his ability in both penetration testing and social engineering. Jeremy’s passion for penetration testing constantly keeps him busy developing new skills and continuing to explore new vulnerabilities. At United Online Inc., he has been a driving member of the policy and compliance team, working on both their annual PCI compliance and internal policies for risk and security awareness.
A strong believer in pursuing excellence, Jeremy ensures that his team and clients receive the best he has to offer. Due to this work ethic, he has been able to grow many long-term relationships amidst an ever-changing industry environment. Currently, Jeremy holds a certification as both a Certified Ethical Hacker and COMPTIA Security+ CE. Jeremy is happiest with his wife Connie raising their beautiful daughter Carly.
Ricardo Calderon
Practitioner
Security Certified Practitioner Ricardo graduated from La Salle University with a Master's of Science in Cybersecurity. He has experience with Red and Blue team operations. He has attained the Offensive Security Certified Professional (OSCP), and the Practical Network Penetration Tester (PNPT) certifications.
Daniel Schuyler
CISO
Dan Schuyler has been working in Information Security and Compliance for over 10 year and has experience conducting cybersecurity assessments (CIS, NIST, ISO 27001, etc.) for organizations in many sectors including healthcare and financial services. Mr. Schuyler has experience with many different information security compliance standards including PCI-DSS, ISO 27001, SOC 2, HITRUST and FedRAMP. He has a Bachelors degree in Cybersecurity and Information Assurance and holds several cybersecurity certifications including the Systems Security Certified Practitioner (SSCP).
David Jensen
Practitioner
David is passionate about security and has experience performing penetration tests on A/V, IoT & embedded devices, networks, as well as Health Care infrastructures. His certifications include OSCP, CISSP, CHFI, CEH & Security+. His academic background consists of a Bachelor’s in Computer Science as well as a Masters in Cybersecurity & Information Assurance. He also helped write the 2021 Computer Hacking Forensics Investigator (CHFI) & Certified Ethical Hacker (CEH) certification exams. David currently serves as a Senior Penetration Tester and takes pride in the integrity of his work.
When David isn’t at work, he enjoys being outdoors, scuba diving and the occasional lazy day.