Andrew Lyons
Junior Penetration Tester & Security Researcher | Aspiring Adversary Emulations Operator
About Me
I'm a 17-year-old with a background in offensive security that started at 10 years old. Throughout these years, I've actively participated in Capture The Flag (CTF) competitions, ranking in the top 10%. To further develop this interest, I've attended Cybersecurity conferences such as BSides.
I took an internship at an Offensive Weapons Development, Research and Education company at the age of 14, contributing to projects and programs at this company for over 2 years. I was also received education from the Metropolitan Police's Cyber Crime Unit (CCU). Understanding the core fundamentals of programming as well as ethical hacking, I aspire to become an Adversary Emulations Operator
Education & Certifications
Extended Diploma in Webapp, Mobile App, & Game Development
Uxbridge College, 2023-2024
Skills & Expertise
Technical Skills
- Penetration Testing
- Windows/Linux Exploitation
- Privilege Escalation
- Digital Forensics
- Malware Analysis
- Network Engineering
- C2 Infrastructure Development
- Virtual Environment Setup
- Security Research
Professional Experience
Junior Penetration Tester
Mar 2025 - Present
Cisco
- Engaged in enumerating and exploiting both Active Directory & Linux infrastructure, specifically covering bases such as Privilege Escalation, Pivoting, maintaining persistence and defense evasion
- Gained exposure to malware analysis and threat intelligence, including risk assessment and correlating attack data with real-world TTPs using the MITRE ATT&CK framework
- Developed a comprehensive understanding of Wireshark through analysing PCAP files to identify malicious activity and extract key indicators of compromise (IOCs)
- Learned a variety of techniques for filtering, pattern matching, and protocol analysis to efficiently evaluate network traffic
- Designed, built, and configured Lab Environments to replicate enterprise-level Active Directory and Linux Systems
- Mentored in Red Team Operations, developed hands-on experience with offensive security methodologies
Junior Software Analyst
Jan 2025 - Mar 2025
Cisco
- Team Lead for the development of Network Engineering tools over the Webex platform
- Gained hands-on experience fulfilling the responsibilities of a Network Engineer, leading the installation and setup of WANs
- Shadowed the troubleshooting process for enterprise networks utilising Cisco Meraki Infrastructure
- Learned Presales Consulting skills by proposing Cisco infrastructure and solutions to clients
Security Researcher
Feb 2022 - Dec 2024
Cosmodium CyberSecurity
- Participated in a high-ranking CTF team, consistently placing in the top 2-5% throughout CTFs
- Conducted bug bounty research, documenting vulnerabilities on the company site
- Performed web application penetration tests
- Developed security tools for both red and blue team operations
- Wrote Blogs/Guides on Red Team topics such as Open-Source Intelligence and OPSEC