Home About IIA Staff

IIA Staff

Chief IT Security Officer

Paul Howell (CISM, CISSP) is the chief information technology security officer at the University of Michigan, and directs the Office of Information and Infrastructure Assurance. He is a graduate of the University of Michigan in Computer Science, with a master’s degree in Information Security from Eastern Michigan University. Paul has more than 20 years of computer and network security experience.

IT Security Staff

Matt Bing is the incident response coordinator for the university. Matt received his master’s in computer science from Grand Valley State University in 2000 where he studied intrusion detection and large-scale logging infrastructures. He then moved to Ann Arbor to work as a security engineer at Anzen Computing. In 2001, Anzen was acquired by NFR Security in Rockville, MD. At NFR, Matt developed and implemented intrusion detection systems. Matt is also an EnCase certified examiner and won the FIRST Capture the Flag contest in 2006.

Kevin Cheek is a university security analyst working in Managed Security Services since 2008. Kevin has been working for the University of Michigan since 1994. He spent ten years with the division of Molecular Medicine and Genetics, performing computer support and systems administration, and five years at the School of Public Health as a systems administrator and security administrator.

Esther Friedmann is the university security policy and compliance program manager, responsible for information security policies, regulatory compliance and IT security planning. Esther holds a Bachelor of Science in applied mathematics from the University of Tel Aviv, Israel. Before joining U-M in 1999, Esther was a director of application services at Computer Sciences Corporation in Los Angeles, and she held various positions at Hughes Electronics. Prior to her work with IIA, Esther managed the MPRIME (eResearch) project and was an assistant director at the MAIS Financial Systems Division.

Rick Getchell is a senior university security analyst on the technical services team. He is currently leading network attack recognition at the university. Since joining the security group in 2006, Rick has also been responsible for the university-wide vulnerability scanning efforts, and led the development of what is now IIA Managed Security Services from its inception to becoming a production offering. Prior to joining the team, Rick was security/network administrator and director of desktop support at the U-M School of Dentistry, where he began at U-M in 1998. Rick received his B.A. degree from Cornerstone University in 1991.

Dawn Isabel is the university ethical hacker.  She is responsible for university-wide vulnerability scanning efforts and developing a penetration testing service that will be offered to units within the university.  Dawn received a master's in computer science and engineering from the University of Michigan in 2003, and a bachelor’s in electrical engineering from Wayne State University in 2000. Before coming to U-M, Dawn worked for Ford Motor Company as the team lead for the Computer Incident Response Team (CIRT).

Nick Lewis (CISSP, GCWN) is a senior university security analyst who provides university-wide risk assessments. Nick received his master of science in information assurance from Norwich University in 2005, and both his master's (2002) and Bachelor of Arts (2000) in telecommunications from Michigan State University. Prior to joining U-M in 2009, Nick worked at the Children's Hospital Boston, the primary pediatric teaching hospital of Harvard Medical School, as well as for Internet2 and Michigan State University.

Matt Sabourin (CISSP, GCFA) is a university security analyst working in Managed Security Services. Matt received a Bachelor of Science in computer and information science at the University of Michigan - Dearborn and a Master of Science in information assurance at Norwich University. Matt joined the security team in 2008 after four years of work with the University of Michigan Health System in MCIT as an identity management analyst and a systems programmer/analyst.

Douglas Sawyer is a firewall engineer responsible for implementing and managing a virtual firewall infrastructure for units on the Ann Arbor campus. Douglas started his IT career in the Silicon Valley during the mid-1980s and has worked at a variety of corporations in a variety of roles.

Kirk Soluk is an information systems security manager with IIA, where he works on intrusion detection, incident response, vulnerability analysis, and security assessments. Kirk also serves as the IIA technical services team lead, which encompasses vulnerability management, attack detection and mitigation, risk management, technical education, security strategies, and consulting. Kirk is an EC-Council Certified Security Analyst (ECSA) and Licensed Penetration Tester (LPT). Kirk graduated from the U-M College of Engineering in 1987, and earned a master's degree in computer science from Michigan State University. Prior to joining U-M in 2004, Kirk worked at Microsoft for 11 years. He began as an infrastructure consultant, then became a program manager in the Windows Core Security group where he was responsible for improving the default out-of-box security for Windows. He was also responsible for the development of several Windows security management tools including Security Templates and the Security Configuration Wizard, for which he received three patents.

Jeff Tomaszewski (CISSP) is a university security analyst where he works in Managed Security Services. Jeff earned a Bachelor of Science in computer information systems from Saginaw Valley State University and a master's in liberal studies from Eastern Michigan University in information security. Prior to joining the Managed Security Services group, Jeff was on staff at the U-M ITCS Network Operations Center and Merit Network, Inc. where he served in many roles over the past eleven years. Jeff holds certifications from GIAC in forensics and IPS.

Kim Wheeler is the IIA office senior administrative assistant. She has a Bachelor of Science degree from Eastern Michigan University. Kim joined U-M in 1994 and has worked in MAIS User Services, where she was a computer system consultant at the MAIS Help Desk, and in User Services administration.