Lee Anderson has worked in IT since 2005 and cybersecurity since 2009, with experience spanning threat and vulnerability management, adversary emulation, red teaming, and security awareness. He has helped establish internal red teams at large organizations and has spent much of his career focused on the human side of security—particularly social engineering, ethical practice, and behavior change.

His work includes leading and influencing phishing simulation and awareness efforts, advocating for non-punitive approaches that emphasize learning and reporting over blame, and helping shift organizational security culture toward more human-centered outcomes. He holds a Master’s degree in Information Systems Management and a second one in Learning Experience Design and Educational Technology. He is particularly interested in how mindset, judgment, and inner development influence long-term impact in cybersecurity.

Outside of traditional security work, he volunteers in community education efforts and explores experiential approaches to teaching security concepts to non-technical audiences (e.g., tabletop game design).