We are inviting EC-Council certified members to participate in the Item writing initiative. Click here for more details.

CEH (PRACTICAL) Scheme Committee

Alessandro Vannini

Alessandro Vannini

Alessandro started using computers when he was 8. All his life rounded around that box with 102 keyboards. He started working in the field when he was 20 years old as a shop manager for a computer and TLC chain in his country. He moved to junior system admin in 2003 for a company and started Microsoft Certification Program. Over the years, he attained 45 Technical Certifications, 8 MVP Awards about Exchange Servers and Windows Servers and founded a Cybersecurity company 17 years ago. In 2016, he reached the CEH. He was always into hacking and pen-testing and getting certified in the same, opened many doors for him. In 2020 he was elected admin of the 1st Ethical Hacking Community of his country and obtained the 1st Pilot under 18 years - Watchguard Wise Program. He continues working in the field everyday and managing community in the night. He has reached out to 41.000 students on hacking courses and 11.200 members on the community.

Ali Maeen

Ali Maeen

Mohammad Ali Maeen is a detail oriented vCISO, Cyber Security Threat Analyst, Digital Forensic Investigator, and Cyber Threat Intelligence Researcher, with a spirit of enthusiasm in the field. His mission is to protect information and infrastructures in cyberspace, increase awareness about the evolving threat landscape, prevent and respond to cyber threats, reduce vulnerabilities and minimize damage from cyber incidents through leveraging proven hands-on experiences and excellent organizational skills.
For more than 15 years, he has been a noteworthy leader in many Cybersecurity domains including but not limited to IT Governance, Security Audits, Risk Management, Incident Response handling, AI-Based Cyber Threat Intelligence Analysis, Red/Blue Teaming, and Professional Security Awareness Trainings. You may know him as an adjunct professor at the ITU San Jose California, but he can also be credited with his contribution as an author in digital forensic magazines, and the keynote speaker at cybersecurity events and his efforts at the academic level of cyber security researches.
Ali has been honored with professional certifications from EC-Council, ISACA, Microsoft, Redhat and many more. Ali holds a Master’s degree in the Cybersecurity and Threat intelligence from University of Guelph and also Masters of engineering degree in Computer Networks and Information Security from Jawaharlal Nehru Technological University and currently reside in Canada.

Andy Spencer

Andy Spencer

Andy Spencer is a Principal Cyber Security Analyst working in the National Health Service. With thirty years within the field of IT, the last five with a focus on security, he has a long and wide area of experience. Third line systems engineering through to penetration testing, systems design and strategy through to threat analysis and mitigations. Having fulfilled differing roles over his time he brings a range of experiences to the committee. Away from work Andy is an avid participant in capture the flag tournaments and maintains a blog sharing technical security write-ups aimed at all levels of ability.

Armen Baghdasaryan

Armen Baghdasaryan

Armen Baghdasaryan is an experienced information security professional with a demonstrated history of working in the public and private administration. He’s been responsible for information security in several companies, including Picsart, Central Bank of Armenia, Grant Thornton Armenia.
Skilled in information security, risk management, incident management, penetration testing, cloud computing and etc., Armen has implemented programs, policies and procedures that refer to the processes and methodologies involved with ensuring the safety and privacy of critical data.
He also advised managers responsible for information security of large local and international companies, and also acted as an expert on the following topics: “Information security governance”, “Information risk management”, “Information security incident management”, “Information security program development and management”, “Information risk management”, “Security compliance”.

Cristian Cornea

Cristian Cornea

Senior Penetration Tester & Security Researcher providing highly technical offensive security assessments for various clients over the globe, through his startup, Zerotak Security. Also, contributing for the community with technical blog posts, where thousand of InfoSec people read them on a daily basis. Speaker at multiple security conferences, including DefCamp, HEK.SI, HackTheZone, RSTCon. Holds several certifications from the industry - CEH, ECIH, OSCP, OSWE, OSEP, CPTC, and more.

Hongtao Wu

Hongtao Wu

Hongtao Wu has over 24 years of Information Technology and Information Security experience. He is currently the Chief Information Security Officer for a Bank in New York City, responsible for all aspects of information security including: the design and implementation of security solutions, conducting security assessments, security awareness, data protection, internal investigations, compliance with regulatory requirements as well as aligning operational procedures with information security best practices. Hongtao Worked with various firms such as IBM, Morgan Stanley, United Nations and other investment banking, commercial banking etc. He also holds numerous industry certifications including CEH, CISSP, CCSP, ITIL etc., and has his M.S in Computer Science from New York University and B.S. in Physics.

Jeff Fox

Jeff Fox

Jeff Fox holds a degree in Information Technology from Strayer University. He has over 30 technical certifications, including every Microsoft Certified System Engineer (MCSE) offered by Microsoft, from Windows NT 4.0 to 2016. Other certifications held by Mr. Fox include the Certified Ethical Hacker (CEH) with the Master designation, CompTIA PenTest+, Cisco Certified Network Professional (CCNP), Novell Certified Network Engineer (CNE), and VMware Certified Professional (VCP). For over 30 years, Mr. Fox has supported small, medium, and large businesses, with significant experience in network troubleshooting, network design and implementation, cybersecurity, and systems integration. Currently, Mr. Fox works for a successful information technology and cybersecurity consulting firm serving the DC-metro area. Mr. Fox is a veteran of the United States Navy, where he specialized in computer security and cryptography.

Matt Draws

Matt Draws

Matt Draws is a Security Architect and SOC Lead for a large healthcare organization. He is also a hacker, security researcher, and active member of his local cybersecurity groups including ISSA, ISACA, and ISC2.
Matt Draws maintains certifications including CISSP-ISSAP, CCSP, OSCP, CEH Master, CHFI, CISM, CISA, CRISC, and GPEN. He received his Master’s in Cybersecurity and Information Assurance. He is also a drone enthusiast.

Matthew Rowland

Matthew Rowland

Matthew Rowland is the Director of Application Security at Plex Systems. In his current role he is responsible for all aspects of application and product security including security testing, security architecture, and ensuring proper security practices at each stage in the secure software development lifecycle. He has over 15 years of experience in various technical roles within software development and information security. Throughout his career he has worked in many of the domains of information security and specializes in application security and security architecture.
Mr. Rowland holds a BS and MS in Computer Information Systems and several certifications including C|EH, Security+, AWS Solutions Architect, and CISSP.

Randall Joyce

Randall Joyce

Dr. Randall Joyce is an instructor at Murray State University in the Cybersecurity & Network Management program, where he lectures students in the areas of cybersecurity, virtualization, and wireless. Randall holds an M.S in Health Informatics from Northern Kentucky University, M.S. in Telecommunications Systems Management from Murray State University, and B.S. in Telecommunications Systems Management from Murray State University. Randall has also recently completed his Ed.D in P-20 and Community Leadership with STEM Specialization from Murray State University. Randall also has several industry certifications such as Certified Ethical Hacker (CEH) Master, Computer Hacking Forensic Investigator (CHFI), AWS CCP, and CCNA. Some of his research interests are in digital forensics, wireless security, and cyber operations.

TimothyRobinson

Roeland van Zeijst

MSc B.ICT CISSP CISM CIPP/E C|EH (Master)

Roeland van Zeijst committed his first ethical hack in 1984, as a 9-year-old – for charity. Many years later, he graduated cum laude in the field of Artificial Intelligence, after having initiated the Netherlands’ first direct-access internet provider. He boosted innovation at the Amsterdam police force, where he implemented its interactive citizens’ alert network. From 2012, Roeland co-developed the renowned multi-stakeholder strategy of the Dutch National High-Tech Crime Unit, which has become a key player in combating advanced international cybercrime. In Singapore, Roeland facilitated the global development of the INTERPOL Cyber Fusion Centre. Subsequently, he helped to fine-tune the cyber security efforts of the Dutch National Police, working with public and private partners from the Netherlands, EU, NATO and further abroad to increase their cyber-crisis capabilities. Since 2021, Roeland spearheads Dutch law enforcement's National Cybercrime Program as its program manager. He is still an ethical hacker and a cybercrime-fighting superintendent in Amsterdam.

Shaahid Harris

Shaahid Harris

I, Shaahid Mohamed Harris, am a purpose-driven, highly ambitious and established professional in Cybersecurity. With more than 20 years of insightful experience, I have made a notable impact in the Cybersecurity domain, exhibiting expertise in leading enterprise-level projects, IT security management endeavours and digital transformation projects in various geographies, including the USA, Singapore, Hong Kong and Saudi Arabia. Building a Strong Cyber Risk Aware Culture, ensuring the certain implementation of the Cybersecurity Policy Framework, achieving compliance and implementing robust security awareness programs are the most critical aspects of my current role with INSEAD Business School. As Senior Cyber Security Manager.
Proven success in implementing, operating, managing and ensuring continuous improvement in information security in complex enterprises, utilizing detailed knowledge of security tools, technologies and best practices. Good knowledge of security risk and standards such as PCI-DSS, ISO27002, NIST.
Demonstrating the cyber security knowledge and implementing that in the project was one of the key achievements. And also obtaining the gold standard industry recognized cybersecurity certifications like:-

Security Certifications
  • Certified Professional(Cyber Security) (Australian Computer Society)
  • Certified Information Security Manager
  • Certified Data Privacy Solution Engineer
  • Certified Information Systems Security Professional
  • CREST Practitioner Security Analyst
  • EC-Council Certified Ethical Hacker (Master)
  • EC-Council Certified Ethical Hacker (Practical)
  • EC-Council Certified Ethical Hacker
  • EC-Council Certified Security Analyst (ECSA)
  • Computer Hacking Forensic Investigator (CHFI)
Cloud Certifications
  • AWS-certified-solutions-architect-associate

Timothy Waibel

Timothy Waibel

Tim is a Principal Consultant with Trellix (Formerly McAfee/Intel), an American global computer security software company. He is a retired Law Enforcement Officer where he served as Detective on the drug task force, conducting both computer and cyber forensics investigations. He is a US Government cleared information technology executive with over 20 years in the field across IT and information security and has provided security guidance across many sectors to include: government, banking, energy, education, and healthcare. He has consulting experience performing penetration testing, risk management, digital forensics and incident response, and the sharing of this experience through training and mentorship within the community. Tim is also an adjunct instructor for ThriveDX in multiple areas of cybersecurity. Tim graduated from Carnegie Mellon University / Heinz College Executive Education’s CISO – Chief Information Security Officer program, and holds additional certifications to include; CISM, CISA, CDPSE, PCI-QSA, PCIP, CEH Master, CCSK, and others. Tim serves on the EC-Council Practical Scheme Committee for the CEH (Practical) program as well as Item QAE Item Writer for the ISACA Certified Information Security Manager (CISM) Program.

William Burke

William Burke

William Burke is the Deputy Chief of Vulnerability Evaluations with the Cybersecurity and Infrastructure Security Agency (CISA), where he manages and operates on cybersecurity engagements in support of the Federal Government, State / Local / Tribal / Territorial (SLTT) entities, and Critical Infrastructure / Key Resources (CIKR). Blending his experiences over eighteen years in the intelligence and cyber security fields, he has found a passion for developing impact-driven offensive security programs and personnel. In addition to his work at CISA he has also built and taught graduate level cybersecurity courses, and has been a speaker at multiple conferences and media events to include BlackHat and HBO Vice. He currently holds 12 industry certifications in cybersecurity operations and a M.S. in Security Informatics from Johns Hopkins University.

The specific duties and responsibilities of the SC members include:

  • Approve key policies governing the operation of EC-Council Certification Division.
  • Assuring consistency of decision making as well as the criteria used therein.
  • Serve on appeals and complaints task groups as appointed by the SC Chair.
  • Promote and provide guidance to promote EC-Council certifications.
  • Provide guidance regarding international initiatives supporting EC-Council certifications.
  • Provide guidance to support educational initiatives related to EC-Council certifications.
  • Determine areas of research required to improve EC-Council certifications.
  • Serve on task forces / subcommittees as appointed by the SC Chair.

Note: Next SC scheduled meeting: Sept 2022.

Disclaimer: None of the EC-Council | Scheme Committee members are part of the management team of the International Council of E-Commerce Consultants
(EC-Council) and as such, they should not be construed to be part of the Board of Directors of EC-Council.