Joshua Knox
Cybersecurity Technologist & Evangelist · Speaker · Builder
I’m a Principal Cybersecurity Strategist at Horizon3.ai, where I work at the intersection of offensive security, AI research, and enterprise infrastructure. My job is to think like an attacker — and to help organizations understand what they’re actually defending against.
I’ve been doing this work for about twelve years. I’ve been speaking for thirty.
The Career Arc
Every chapter loaded the next one.
Ministry came first — I was preaching at 16, became a national extemporaneous speaking champion in high school, then spent years as a youth pastor and school principal. That’s where the communication muscle was built: how to read a room, make hard things accessible, hold an audience.
Teaching came next. I built a coding program from scratch at a small school — Java in year one, Python in year two, three full classes by year three including A+ and Unity/C#. That’s when I stopped being someone who talked about technology and became someone who taught it.
The tech career started from the bottom on purpose. Tier 1 help desk. Service delivery manager inside a year. Then I infiltrated a professional services company — hired as a training manager, maneuvered into internal IT, earned clearance, became a billable engineer. Not a career path. A strategy.
From there: Carbon Black taught me adversarial thinking. VMware/Tanzu gave me scale and federal context. And Horizon3.ai brought it together — offensive security, AI, and keynotes.
Each position taught me exactly what the next one required. I didn’t figure that out until I looked back.
Speaking
I’ve been on stage since before most of my peers were in the industry. National speaking champion, 30+ years of public speaking, and I still find it the one place where the scoreboard works correctly — the audience has to follow the whole thread, no interruptions, and the feedback is immediate.
Current conference schedule:
- RSAC 2026 — San Francisco, March 23–26
- ISSA Chicago — April 9, 2026
- GPC 2026 — Orlando, April 15–17
Previous: Chicago Cybersecurity Summit 2026 keynote — Proving Cyber Resilience: Measuring Outcomes, Not Effort.
Writing
The blog is where I work through ideas in public. Offensive security tradecraft, AI infrastructure, whatever I’m building. If it breaks in an interesting way, it ends up here.