Timothy Brush

Tim is founder and owner of ThinkLiquid, an independent consultancy specializing in enterprise and cloud-scale security and operational challenges. Over the past 25 years, Tim has accumulated a broad range of technical and managerial expertise. He has functioned in roles ranging from system administrator to project manager to security architect to CTO. Tim has worked for organizations of all types and sizes, including a large ISP, a development bank, several Silicon Valley start-ups, and a couple online gaming companies. Tim began as a Quality Control Tester with SANS Institute's OnDemand team. His contributions were noticed and he was provided an opportunity to work with SANS' Subject Matter Experts (SMEs). He frequently functions as a Teaching Assistant (TA) for a variety of SANS courses, and is a budding author and instructor.

More About Timothy


Tim’s journey in IT started over 25 years ago and has had a focus on cyber security for nearly as long.  It was the early days of the Internet and while working for a large Internet Service Provider, Tim became fascinated with computer viruses.  He still remembers having a "virus farm" on a number of floppy disks sitting on his desk. He wanted to understand what made each virus tick and how each was able to circumvent the deployed safeguards.  Regardless of Tim’s job title over the years, he has always focused on improving the security posture of his employer.  Whether as an individual contributor or in a leadership role, he’s been responsible for maintaining and securing many of the most critical Unix and Linux systems supporting the businesses he worked in.

There are unique challenges faced by security professionals working for a startup versus a multi-billion dollar global organization. A systematic approach is required to manage thousands of computer systems or tens of thousands of containers, but many of these same techniques may be scaled down to significantly benefit organizations of any size. Tim attempts to distill knowledge gained through his vast experiences to help others manage and secure their digital infrastructure, whether onsite, co-located, or in the Cloud.  Tim has a special affinity for the ever-changing landscape of security and the Cloud.

Tim's addiction to SANS training began after he attended his first course in 2003. "It was the caliber of the instruction and the real-world skills that could immediately be applied when I returned to work", he explains.  He wanted to become part of that world and help develop the next generation of cyber security professionals. Tim has a passion for learning and loves to share his knowledge with others.  He feels fortunate to be a part of the SANS community, which values his knowledge, skillset, and experience in cyber security.

Tim is one of the very few individuals to have achieved the distinctive title of SANS Cyber Guardian for both the red team and the blue team. He is also a member of (ISC)2, the SANS/GIAC Advisory Board, and acts as a subject matter expert and quality assurance tester for SANS OnDemand.  Tim currently holds a CISSP-ISSMP and 15 GIAC Certifications including the highly regarded GIAC Security Expert (GSE #191).

Outside of cyber security, Tim enjoys researching and acquiring new technical gadgets, as well as keeping up with the constant advances in the Cloud. He is deeply committed to his family and greatly enjoys spending quality time with them.