Timothy McKenzie

As a Principal Consultant for Trustwave, Timothy builds purple team breach and attack emulation capabilities and leads scenario-based Red Team exercises. He works with highly skilled attack teams to breach organizations with the goal of helping the organization understand weaknesses in their security posture, as well as the impact that a determined, sophisticated adversary could make. Timothy holds dozens of certifications including GPEN, GWAPT, GXPN, GAWN, GPYC, and GWEB. He’s a frequent speaker at ISSA, ICBA and other forums and a member of the GIAC Advisory Board.

More About Timothy


For Timothy McKenzie, it all started with an 8th grade science fair project entitled "Which Computer Virus Replicates the Fastest." He wrote three different applications that replicated themselves on a floppy drive and timed how long it took to fill the disk up. While the judges weren’t enthused about rewarding what they considered delinquent behavior, the experience cemented Timothy’s career path to computer security.

Initially working in a system admin role, Timothy always felt responsible for applying the principles of good information security practices to systems he administered. As he learned more, Timothy more direct information security roles, moving to the New Mexico Department of Public Safety in 2003. Since then, he’s held positions at Century Bank, Raytheon, and United American Insurance.

After more than a decade successfully building secure networks and systems for financial, government, service, and manufacturing organizations, Timothy spent the last ten years focused on penetration testing, exploit development, and adversary emulation. He has learned to reverse engineer malware and develop his own exploit code, as well as how to attack organizations without being noticed.

A SANS instructor since 2013, Timothy teaches SEC560: Network Penetration Testing and Ethical Hacking and is co-author of SEC542: Web App Penetration Testing and Ethical Hacking. A mentor both in and out of the classroom, Timothy says “there’s not much value in putting information in my head if I am not going to share it with those around me. Teaching opens the door to offering what I know to others.”

Timothy’s familiarity with designing, implementing, administering, and securing enterprise networks helps him answer a wide array of questions in the classroom and provide background details to help students understand how the concepts they are learning fit into their work environments.

Answering those questions and seeing students apply knowledge from his course to their real world work is Timothy’s favorite part of his role at SANS. “It is so rewarding to see the lightbulbs turn on as the concepts become real to students through practice,” he says, noting that lab time in particular gives students an opportunity to ask questions and dig into how they can apply the information to their work environment.

Timothy’s best advice for students looking for success? Be curious. “Students that want to know more and constantly turn over new rocks to see what is underneath will never stop growing,” he says.

Timothy has a bachelor of science degree in information technology from Western Governor's University and holds dozens of certifications including GPEN, GWAPT, GXPN, GAWN, GPYC, and GWEB. He’s a frequent speaker at ISSA, ICBA and other forums and a member of the GIAC Advisory Board.

Outside of work and teaching, Timothy mentors high school students in his community and manages his small farm in North Texas. He spends most evenings and weekends with his wife, eight kids, foreign exchange students, goats, horses, and donkeys. 



Shall We Play A Game? - NTX ISSA, May 2019

Web Application Scanning Automation, October 2018