Timothy McKenzie

Co-Founder

Denison, Texas, United States12 yrs 1 mo experience
Highly Stable

Key Highlights

  • Over 30 years in IT and Information Security.
  • Founder of 3L337 Consulting, specializing in penetration testing.
  • SANS Principal Instructor, mentoring future cybersecurity professionals.
Stackforce AI infers this person is a Cybersecurity Expert specializing in penetration testing and security consulting.

Contact

LinkedIn

Skills

Core Skills

Penetration TestingPurple TeamVulnerability AssessmentAdversary Emulation

Other Skills

Security AuditsSecurity ManagementPublic SpeakingConsultingEthical HackingWeb Application SecurityIT Security Best PracticesEthical HackerMalware AnalysisCompliancePCI DSSHIPAAGLBANetcatVulnerability Management

About

With over 30 years of experience in Information Technology and Information Security, Timothy McKenzie is the founder and principal consultant of 3L337 Consulting, LLC. His company specializes in network and web application penetration testing, Red Team exercises, and Purple Team breach and attack simulations. His mission is to help organizations strengthen their security posture by exposing critical vulnerabilities and demonstrating the business impact of sophisticated adversaries. After over a decade building secure networks and systems, Timothy shifted his focus to penetration testing, exploit development, and adversary emulation. He has become known for his ability to stealthily operate within enterprise environments, using his diverse IT background to find and exploit security gaps. His work spans industries like finance, healthcare, and government, with a focus on post-compromise activities. As a SANS Principal Instructor, Timothy teaches SEC588: Cloud Penetration Testing and SEC542: Web Application Penetration Testing and Ethical Hacking, having co-authored the latter. He’s been committed to mentoring and sharing his expertise throughout his career, both in IT and Information Security. He says, “there’s not much value in putting information in my head if I am not going to share it with those around me. Teaching opens the door to offering what I know to others.” In addition to teaching and consulting, Timothy frequently speaks at security conferences and contributes to shaping the future of cybersecurity through his involvement with the GIAC Advisory Board. He holds numerous certifications, including OSCP, GXPN, GPEN, GWAPT, GAWN, GWEB, and GPYC. Timothy has led many Red Team engagements, helping clients identify critical weaknesses and bypass security defenses. He also designs tailored Red and Purple Team attack scenarios, ensuring organizations can address both technical and business risks. Passionate about giving back, Timothy has volunteered to teach penetration testing to high school students and continues to foster the next generation of cybersecurity professionals. Follow me on twitter: @timboloman

Experience

Sans institute

2 roles

SANS Principal Instructor and Co-Author SEC542: Web Application Penetration Testing

Promoted

Sep 2024Present · 1 yr 6 mos

SANS Certified Instructor and Co-Author (SEC542)

Jan 2020Sep 2024 · 4 yrs 8 mos

  • I enjoy passing on knowledge to others, and SANS provides excellent courseware and venues to share my experiences, knowledge and the course material.

3l337 consulting

Owner / Principal Penetration Testing Consultant

Jul 2022Present · 3 yrs 8 mos · United States · Hybrid

  • As the lead Red Team consultant and founder of 3L337 Consulting, LLC, Timothy specializes in orchestrating Purple Team breach and attack simulations, leading scenario-based Red Team exercises, and conducting network and web application penetration tests. His mission is to collaborate with highly skilled offensive security teams to expose vulnerabilities and demonstrate the potential impact of determined, sophisticated adversaries.
  • Throughout his career, Timothy has led many Red Team engagements, uncovering critical weaknesses across client environments. His technical expertise has allowed him to breach organizations protected by various security controls, demonstrating how adversaries can bypass defenses to gain unauthorized access to sensitive systems.
  • In addition to penetration testing, Timothy has developed attack profiles and led the design of tailored Red and Purple Team attack scenarios, helping organizations understand both technical and business-level risks. He has worked with clients to translate these findings into actionable security improvements, ensuring they are better prepared for future threats.
  • Timothy's expertise is supported by numerous industry-recognized certifications, including GPEN, GWAPT, GXPN, GAWN, GPYC, and GWEB. He is a frequent speaker at events such as ISSA, ICBA, and others. Timothy also serves as a member of the GIAC Advisory Board, contributing his insights to the field of cybersecurity.
  • Since 2013, Timothy has been committed to sharing his knowledge through the SANS Institute. As a SANS Principal Instructor, he teaches SEC588: Cloud Penetration Testing and SEC542: Web App Penetration Testing and Ethical Hacking, the latter of which he co-authors. Timothy is passionate about mentoring, both in and out of the classroom, and believes that “there’s not much value in putting information in my head if I am not going to share it with those around me. Teaching opens the door to offering what I know to others.”
Penetration TestingPurple Team

Trustwave

Penetration Testing Principal Consultant

Feb 2021Jul 2022 · 1 yr 5 mos · Everywhere

Secureworks

Red Team / Penetration Tester

Jun 2014Dec 2020 · 6 yrs 6 mos

United american insurance company

Penetration Tester / Senior IT Security Manager

Aug 2012Jun 2014 · 1 yr 10 mos · McKinney, TX

  • Lead Penetration Testing and Vulnerability Assessment
  • Consult with the business concerning secure application and system implementation
  • Contributor to PCI, GLBA, HIPAA, and SOX Compliance
  • Developed and maintain Information Security Policy

Education

Western Governors University

Bachelor of Science - BS — Computer and Information Systems Security/Information Assurance

Feb 2007Aug 2007

Stackforce found 100+ more professionals with Penetration Testing & Purple Team

Explore similar profiles based on matching skills and experience

Prerna Bansal

Prerna Bansal

Senior Product Security Engineer

at Adobe

Noida, India10 yrs 9 mos exp
Application SecurityThreat ModelingVulnerability Management
Akash Singh

Akash Singh

Security Consultant

at Emirates NBD

Dubai, United Arab Emirates3 yrs 8 mos exp
Information Security
Deepak Saini 🇮🇳 🕉️ 🚩

Deepak Saini 🇮🇳 🕉️ 🚩

Founder of Hacksentrypro

at Hacksentrypro

Jaipur, India5 mos exp
CybersecurityEthical Hacking
Nitin Bhamare

Nitin Bhamare

Senior Security Engineer

at GoDaddy

Thane, India10 yrs 9 mos exp
AZ

Ahmad Zia

Application Security Analyst

at SISA

Bengaluru, India2 yrs 1 mo exp
Tushar Verma

Tushar Verma

SME - R&D Exposure Management

at NST Cyber - Your Trusted Enterprise CTEM Partner

South Mumbai, India3 yrs 9 mos exp
Application SecurityCloud Security
satyam lohomi

satyam lohomi

Analyst

at Capgemini

Navi Mumbai, India0 mo exp
Penetration Testing
Haider Ali

Haider Ali

Penetration Tester

at Secure Purple

Lahore, Pakistan1 yr 8 mos exp
Penetration TestingWeb Application SecurityEthical Hacking