homepage
Open menu
Contact Sales

Timothy McKenzie

As the lead Red Team consultant and founder of 3L337 Consulting, LLC, Timothy specializes in orchestrating Purple Team breach and attack simulations, leading scenario-based Red Team exercises, and conducting network and web application penetration tests. His mission is to collaborate with highly skilled offensive security teams to expose vulnerabilities and demonstrate the potential impact of determined, sophisticated adversaries.

Timothy's expertise is supported by numerous industry-recognized certifications, including GPEN, GWAPT, GXPN, GAWN, GPYC, and GWEB. He is a frequent speaker at events such as ISSA, ICBA, and others. Timothy also serves as a member of the GIAC Advisory Board, contributing his insights to the field of cybersecurity.

Since 2013, Timothy has been committed to sharing his knowledge through the SANS Institute. As a SANS Principal Instructor, he teaches SEC588: Cloud Penetration Testing and SEC542: Web App Penetration Testing and Ethical Hacking, the latter of which he co-authors. Timothy is passionate about mentoring, both in and out of the classroom, and believes that “there’s not much value in putting information in my head if I am not going to share it with those around me. Teaching opens the door to offering what I know to others.”

More About Timothy
Specialties
Headshot of Timothy McKenzie

Profile

With almost 30 years of experience in Information Technology and Information Security, Timothy McKenzie is the founder and principal consultant of 3L337 Consulting, LLC, a company specializing in network and web application penetration testing, Red Team exercises, and Purple Team breach and attack simulations. His mission is to help organizations strengthen their security posture by exposing critical vulnerabilities and demonstrating the business impact of sophisticated adversaries.

After over a decade spent building secure networks and systems for financial, government, and manufacturing organizations, Timothy transitioned his focus to penetration testing, exploit development, and adversary emulation. Over the past decade or so, he has become known for his ability to stealthily operate within enterprise environments, using his diverse IT experience to identify and exploit gaps in security programs. His work has spanned industries such as finance, healthcare, government, and intellectual property-heavy organizations, with particular expertise in post-compromise activities.

Timothy’s Role in Offensive Security
As a SANS Principal Instructor, Timothy teaches SEC588: Cloud Penetration Testing and SEC542: Web Application Penetration Testing and Ethical Hacking, having co-authored the latter. Timothy has been committed to mentoring and sharing his expertise throughout his career, both in IT and Information Security. He believes, “there’s not much value in putting information in my head if I am not going to share it with those around me. Teaching opens the door to offering what I know to others.” His ability to articulate complex security concepts in a business context makes him an effective communicator to both technical teams and executive leadership.

In addition to his teaching and consulting work, Timothy is a frequent speaker at security conferences such as ISSA and ICBA, where he shares insights gained from his front-line experiences. He has also contributed to the GIAC Advisory Board, helping to shape the future of cybersecurity. Timothy holds numerous industry certifications, including OSCP, GXPN, GPEN, GWAPT, GAWN, GWEB, and GPYC.

Accomplishments and Real-World Impact
Throughout his career, Timothy has led many Red Team engagements, uncovering critical weaknesses across client environments. His technical expertise has allowed him to breach organizations protected by various security controls, demonstrating how adversaries can bypass defenses to gain unauthorized access to sensitive systems.

One notable success involved a large financial institution that had previously avoided Red Team compromise in their Linux environment. Timothy and his team gained an initial foothold, but it was Timothy who discovered a vulnerability in a custom wrapper enforcing role-based access. This exploit allowed him to escalate privileges and gain control over the entire Linux environment within hours.

In addition to penetration testing, Timothy has developed attack profiles and led the design of tailored Red and Purple Team attack scenarios, helping organizations understand both technical and business-level risks. He has worked with clients to translate these findings into actionable security improvements, ensuring they are better prepared for future threats.

Commitment to Mentorship and Education
Timothy is passionate about giving back to the security community. Beyond his professional work, he has volunteered to teach penetration testing to high school students and is committed to fostering the next generation of cybersecurity professionals. His commitment to security is not just about finding and exploiting vulnerabilities—it’s about sharing that knowledge and helping others grow.

Professional Affiliations and Education
Timothy has a bachelor of science degree in information technology from Western Governor's University and holds dozens of certifications including GPEN, GWAPT, GXPN, GAWN, GPYC, and GWEB. He is a faculty member of the SANS Technology Institute, an NSA Center of Academic Excellence in Cyber Defense and multiple winner of the National Cyber League competition. Timothy is a frequent speaker at ISSA, ICBA and other forums and a member of the GIAC Advisory Board.

With a career that blends technical expertise, real-world experience, and a passion for education, Timothy McKenzie is dedicated to advancing both the security industry and the professionals within it.

ADDITIONAL CONTRIBUTIONS BY TIM MCKENZIE:

WEBCASTS

Shall We Play A Game? - NTX ISSA, May 2019

Web Application Scanning Automation, October 2018