“Andrew is an exceptional leader who brings a wealth of technical expertise to the table. In a field as complex as cybersecurity, having a leader who truly understands the subject matter is a significant advantage. Andrew doesn’t just manage; he hones in on the technical challenges alongside his team, leveraging years of experience to solve problems directly. Working under Andrew was a highlight of my career. It all started with the unique experience of helping interview and making decisions about hiring the person I would be reporting to. Though this is a process that many industries and companies go through, and something I have done before, it is always refreshing to be able to provide that input. In the technical world, it is rare to find a leader who is also an expert practitioner. Andrew bridges that gap perfectly. He possesses a deep, hands-on understanding of cybersecurity and IT, allowing him to "lead from the trenches" and provide direct, high-level support to his team. His leadership style is highly personalized; he takes the time to understand individual strengths and tailors his mentorship and feedback accordingly. I learned a ton from Andrew, both from building up my technical skills to developing leadership experience that I consider invaluable. I would not hesitate to work with Andrew again in the future and any team would be lucky to have him as a leader.”
About
I'm an information security and AI professional who thrives on solving complex problems…
Activity
-
Due to popular demand here is my 𝗖𝗼𝗱𝗶𝗻𝗴 𝗔𝗴𝗲𝗻𝘁 𝗦𝘁𝗮𝗰𝗸 I've used them all. Claude Code has one superpower none of the others match:…
Due to popular demand here is my 𝗖𝗼𝗱𝗶𝗻𝗴 𝗔𝗴𝗲𝗻𝘁 𝗦𝘁𝗮𝗰𝗸 I've used them all. Claude Code has one superpower none of the others match:…
Liked by Andrew Johnson, MBA, GSE, OSEE
-
AI Survival Guide (2026), in plain language Most people talk about AI like it’s a wave you either ride or get crushed by. This blueprint makes it…
AI Survival Guide (2026), in plain language Most people talk about AI like it’s a wave you either ride or get crushed by. This blueprint makes it…
Liked by Andrew Johnson, MBA, GSE, OSEE
-
Stop wasting hours trying to learn AI. I have already done it for you. With one list. Zero confusion. And no fluff 📹 Videos: 1. LLM Introduction:…
Stop wasting hours trying to learn AI. I have already done it for you. With one list. Zero confusion. And no fluff 📹 Videos: 1. LLM Introduction:…
Liked by Andrew Johnson, MBA, GSE, OSEE
Experience
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Education
-
Western Governors University
-
-
Andrew is currently completing his Master's in Data Science, applying his cybersecurity and leadership experience to the study of artificial intelligence, machine learning, and data-driven decision-making.
His coursework builds the foundational skills that underpin large language models (LLMs), AI security, and applied data analytics. These capabilities complement his technical foundation and leadership experience. Through this program, Andrew is expanding his ability to help…Andrew is currently completing his Master's in Data Science, applying his cybersecurity and leadership experience to the study of artificial intelligence, machine learning, and data-driven decision-making.
His coursework builds the foundational skills that underpin large language models (LLMs), AI security, and applied data analytics. These capabilities complement his technical foundation and leadership experience. Through this program, Andrew is expanding his ability to help organizations adopt AI technologies responsibly while maintaining strong security and governance standards -
-
-
-
Licenses & Certifications
-
Offensive Security Exploitation Expert (OSEE)
Offensive Security
Issued -
GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
GIAC Certifications
IssuedCredential ID 239 -
-
-
-
Offensive Security Certified Expert (OSCE)
Offensive Security
Issued -
Offensive Security Certified Professional (OSCP)
Offensive Security
Issued -
-
-
Courses
-
Corelan Live - Win32 Exploit Development Bootcamp
-
-
Offensive Security - Advanced Web Attacks and Exploitation
-
-
Offensive Security - Advanced Windows Exploitation
-
-
SANS 660 - Advanced Penetration Testing, Exploits, and Ethical Hacking
-
Languages
-
Japanese
Elementary proficiency
-
English
Native or bilingual proficiency
Organizations
-
American MENSA
-
-
InfraGard
-
-
OWASP
-
Recommendations received
19 people have recommended Andrew
Join now to viewMore activity by Andrew
-
These types of practical exercises are invaluable.
These types of practical exercises are invaluable.
Shared by Andrew Johnson, MBA, GSE, OSEE
-
We just released a paper on Model Context Protocol security - joint work with Herman Errico (Vanta) and Shanita Sojan (Darktrace). As MCPs get…
We just released a paper on Model Context Protocol security - joint work with Herman Errico (Vanta) and Shanita Sojan (Darktrace). As MCPs get…
Liked by Andrew Johnson, MBA, GSE, OSEE
-
Semgrep is free. Prowler is free. ScoutSuite is free. OWASP Amass is free. Burp Community is free. Wazuh is free. Keycloak is free. Gitleaks is free.…
Semgrep is free. Prowler is free. ScoutSuite is free. OWASP Amass is free. Burp Community is free. Wazuh is free. Keycloak is free. Gitleaks is free.…
Liked by Andrew Johnson, MBA, GSE, OSEE
-
Daniel and Clint are great, and this is a fantastic project. If you're interested in what practical AI looks like and how you could be leveraging it…
Daniel and Clint are great, and this is a fantastic project. If you're interested in what practical AI looks like and how you could be leveraging it…
Shared by Andrew Johnson, MBA, GSE, OSEE
-
Microsoft's production AI security stack costs $0 to copy. Yet enterprises pay consultants $200K for worse. I mapped Azure's documented AI…
Microsoft's production AI security stack costs $0 to copy. Yet enterprises pay consultants $200K for worse. I mapped Azure's documented AI…
Liked by Andrew Johnson, MBA, GSE, OSEE
Other similar profiles
Explore more posts
-
Certified Threat Modeling Professional (CTMP)
Most organizations treat incident response (IR) as a checklist. But attackers don’t follow checklists. That’s where threat modeling comes in—giving IR teams the ability to: 🔍 Spot attack paths before adversaries use them 📊 Simulate attacker behavior across the kill chain ⚡ Prioritize high-impact risks 🛡️ Build defenses that adapt as threats evolve 👉 Read more from OWASP’s Threat Modeling resources: https://lnkd.in/gFBEcsy9 📌 If you like our posts, follow Certified Threat Modeling Professional (CTMP). We regularly create & share tips/resources & content on DevSecOps, Container Security, Threat Modeling, Cloud Native, & more. #ThreatModeling #IncidentResponse #CyberSecurityStrategy #ProactiveDefense #TripwireInsights
1 Comment -
CVERiskPilot
CVERiskPilot Beta 2.0 is live. We built CVERiskPilot to help security teams turn raw vulnerability exports into evidence-backed, reviewable remediation decisions without overstating certainty. Beta 2.0 includes: - Multi-tenant authenticated workflows - Uploads for JSON, SARIF, CSV, and XLSX - Findings triage and deep review - Remediation ticket workflows - Executive reporting - Billing and release-readiness foundations - Auditor-facing self-assessment and evidence-tracking views What matters most to us is trust: - Clear tenant isolation boundaries - Reviewable workflows - Advisory AI, not black-box automation - Evidence-oriented operations and release discipline This is still beta, and we’re treating it like beta: real workflows, real hardening, real feedback loops. If you lead vulnerability management, platform security, or security operations and want early access or want to help shape the product, we’d love to connect. #CyberSecurity #VulnerabilityManagement #AppSec #SecurityOperations #DevSecOps #SaaS #B2B #BetaLaunch
-
The Cyber Security Hub™
Download Pentera Labs Report - revealing three new critical injection points in the ingress-nginx controller, building on Wiz’s IngressNightmare CVE. These overlooked vulnerabilities could let attackers hijack traffic, spoof headers, or reach unauthorized backend services - They exist in one of the most widely used ingress controllers in Kubernetes, putting countless environments at risk. This research highlights how small misconfigurations can lead to major exposure in modern cloud-native architectures. What’s Inside: ✅ 3 new injection vulnerabilities in ingress-nginx ✅ How attackers find and exploit CVEs in open source ✅ Actionable tips to secure your Kubernetes environment https://lnkd.in/eHtX6EdP
1 Comment -
ID Dataweb
Manual access reviews, shared credentials, and outdated provisioning tools. Still sound familiar? Legacy IAM workflows aren’t built for today’s cloud-first, hybrid workforce. They’re slow. They’re error-prone. And worst of all—they leave gaps wide open for insider threats. Modern workforce identity starts with automation. The kind that verifies who is getting access, why they need it, and when to revoke it—all without the bottlenecks. Here’s what it takes to move from static identity to dynamic trust: Read more: https://hubs.la/Q03qG7d20 #IdentityManagement #WorkforceSecurity #ZeroTrust #AccessControl #IDDataweb
Explore top content on LinkedIn
Find curated posts and insights for relevant topics all in one place.
View top content