Our Distinguished Staff of Network Security Consultants


Jonathan G. Gossels, President & CEO


Jonathan is President & CEO of SystemExperts Corporation, a network security consulting firm specializing in IT security and compliance. Jonathan started the company in 1994. He plays an active, hands-on role advising clients in compliance, technology strategies, managing complex programs, and building effective security organizations. Jonathan brings a business focus to this multifaceted work balancing all technical initiatives with business requirements and impact.

Jonathan is frequently quoted on the emerging challenges, as well as best practices in information security in leading publications such as Computerworld, Information Week, CSO Magazine, Wall Street & Technology Magazine, and InfoWorld. He is also a regular contributor to SC Magazine, Information Security Magazine, and the ISSA Journal.

Prior to founding SystemExperts, Jonathan built the Consulting Services operation for OpenVision Technologies (now Veritas). Before that, he was the Director of Business Development and Business Area Manager of Interoperability for the Open Software Foundation (OSF). In that role, Jonathan initiated and led the Distributed Computing Environment (DCE) project from its inception through its three major releases.

Jonathan has served on the editorial Advisory Board of Information Security Magazine, as technical advisor to Dateline NBC, and has been a guest on CBS news radio.

Jonathan is a graduate of Yale University and MIT’s Sloan School of Management.


Brad C. Johnson, Vice President


Brad Johnson is Vice President of SystemExperts Corporation and has been a leader of the company since 1995. He has participated in seminal industry initiatives including the Open Software Foundation (OSF), X/Open, the IETF, and has published many articles on open systems, Internet security, security architecture, ethical hacking and web application security.

Brad developed the signature methodologies underlying SystemExperts’ wide range of testing services. He also developed analytical approaches that enable our clients to use web application assessments, penetration testing, compliance audits, and architectural analysis to improve their effective level of security at the lowest possible cost.

On a day to day basis, Brad continues to advise clients on all aspects of information security. That includes leading teams of application vulnerability testers, participating in compliance reviews, or taking charge of a client’s application development project that has gone off-the-rails.

Brad is frequently quoted in business and technical publications such as SC Magazine, Wall Street and Technology, ISSA Journal, Computerworld, and Dark Reading. He has also served as a technical advisor or contributor to Dateline NBC, Information Security Magazine, Internet World, ISSA, and CNN.

Prior to SystemExperts, Brad held senior technical software research and development positions at OSF, Digital Equipment Corporation, Data General, and Bell Laboratories. Brad holds a Bachelor of Arts degree in Computer Science from Rutgers University and a Master of Science degree in Applied Management from Lesley University.


Paul B. Hill, Senior Consultant

Paul Hill has worked with SystemExperts as a principal project consultant for more than twelve years assisting on a wide range of challenging projects across a variety of industries including higher education, legal, and financial services. He joined SystemExperts full time in March 2012 and coordinates the SMARTday practice.

Paul joined the IT Department of the Massachusetts Institute of Technology in 1991. During his tenure, he has played a leadership role in the evolution of identity services for the Institute and the industry as a whole. He is also recognized as one of the industry’s foremost experts in Microsoft technology.

Paul was responsible for the evolution of MIT’s identity services. He led the project to design, deploy, maintain, and support MIT’s Shibboleth infrastructure. He also extended MIT’s central authorization management system, known as Roles. The support included consulting with business teams on campus, working with multiple teams to improve and enhance MIT’s LDAP system, and to improve and streamline the provisioning of new hires and new students.

Paul built and led the team responsible for the creation and development, initial deployment, and ongoing operations of MIT’s central Windows Active Directory domain. The domain was integrated into MIT’s existing identity services including the campus Kerberos infrastructure and centralized group management and campus DNS. The team worked extensively with Microsoft’s internal developers on Kerberos interoperability issues, and provisioning AD from external sources. The team was also involved in the evolution of the AFS client for Windows and created the first test suite for the AFS client on Windows. He also worked with many colleges and universities and the MIT Kerberos team to resolve cross-real interoperability issues.

Paul was also involved in the creation of the Kerberos Consortium, including the development of the initial business plan. He also played a leading role in the development of Internet2 specifications, including ongoing participation in the Middleware Architecture Committee for Education, particularly the MACE Privilege Management and Access working group (MACE-PACCMAN).

Paul continues to participate in the IETF; he served as Steering Committee Chair of the Calendaring and Scheduling Consortium and contributed to several of the drafts created by the calendaring and scheduling working group.

Paul attended Syracuse University and later Northeastern University, studying Aerospace and Mechanical engineering.


Nancy B. Zanga, Director of Client Operations

Nancy Zanga serves as the Director of Client Operations for SystemExperts to ensure each project meets and ideally exceeds the client’s expectations.  As the Director of Operations her role is to provide a cohesive flow of communication with the client from the initial inquiry to the final stages of SystemExperts consulting services.

Nancy is a seasoned professional who brings over two decades of experience providing outstanding planning, coordination, and execution of consulting projects.  Clients appreciate her responsiveness, clarity, professionalism, and ability to shepherd multiple projects to successful completion.

Before joining SystemExperts in February of 2012, Nancy worked with a national fundraising-consulting firm for over 15 years.  During her time there, she fulfilled a variety of roles including all coordination and communication between the consulting team and the firm’s clients including The National Geographic Society, Vassar College, Rensselaer Polytechnic Institute, Museum of Fine Arts Boston, Scripps Research Institute, and the New York Public Library.

Nancy resides in New Hampshire and has two daughters.  She also has served on numerous non-profit boards and committees within her community.


Jonathan Shuffler, Head of Network Security Testing

Jonathan Shuffler is an information security advocate and consultant at SystemExperts. Jonathan graduated in 2016 from Pennsylvania State University with a B.S. in Security and Risk Analysis (SRA) – Information Cyber Security (ICS).

At the 2016 “At Large Collegiate Cyber Defense Challenge,” Jonathan led the Pennsylvania State University – Altoona Collegiate Cyber Defense Challenge (CCDC) team to third place, the highest in university history.

For his Senior Capstone Project, Jonathan worked with the University’s Head of Division of Business, Engineering, and Information Sciences and Technology and the Senior Technical Staff Member at IBM to develop an Android application capable of guessing the location of Wireless Access Points using only the pre-existing hardware commonly found in an Android device.

Jason Kite, Consultant


Jason is a consultant at SystemExperts specializing in network security and penetration testing working out of Colorado Springs.  Jason holds a Bachelor of Science in Information Technology from Colorado Technical University and is an Offensive Security Certified Professional (OSCP).

Jason assists students at Colorado Technical University with furthering their education in the IT arena.

Jason enjoys participating in Capture the Flag security competitions and continues to prepare for further certifications.  He has a strong interest in all aspects of security, works with Android rooting and modification, and home networking in his spare time.

Joseph M. Kurfehs, Head of Compliance


Joe is Head of Compliance at SystemExperts focusing on compliance.

Joe brings over 30 years of managerial and technical expertise in IT governance, risk management, security, privacy and regulatory compliance to SystemExperts. He has extensive experience with the implementation of NIST and ISO 27000 standards, as well as compliance with GLBA, PCI-DSS, SOX, HIPAA, 21 CFR Part 11, US-EU Safe Harbor/Privacy Shield, and GDPR.

Just prior to joining SystemExperts, Joe held dual roles as Global Director of Security and Head of Risk and Compliance at Grey Group, Cohn and Wolfe, and GreyHealth Group within WPP, a world leader in marketing communications.

In this position, Joe implemented a global application vulnerability scanning program and a global GRC solution to manage and track risks in all operating groups and offices. This included a third party vendor risk management program, as well as compliance to SOX and GDPR. He also managed the security and compliance program for the world’s largest IT Transformation program during the outsourcing of IT operations to IBM.

Joe has 19 years of full time IT experience in the financial sector with First Investors (2 years) and Prudential Financial (17 years), where he served as Systems Manager – Distributed Systems Security and Architecture. In addition, he has six years’ experience at the world largest immigration law firm, Fragomen, Del Rey, Bernsen & Loewy, LLP, where he served as the Global Information Security Officer, and four years at Princeton HealthCare System, where he served as the Technical Security Officer and Manager of both Information Security and Application Support.

Joe’s IT consulting background includes work for KPMG, Federal Reserve Bank of NY, University Medical Center at Princeton, Bristol Myers Squibb Co, and Horizon Blue Cross Blue Shield.

Joe holds professional certifications for: CISSP, PCIP-QSA, CGEIT, CRISC, CISM, DABCHS, and CHS-III. He holds a Bachelors of Science degree in Management Sciences from Kean University, Union, NJ.

Joe currently resides on the Jersey Shore with his wife and their combined seven kids.