Social Media Links

Experts & Advisors

Josh Lemon

Managing Director

Photograph of Josh Lemon

Level 8, 333 George Street
Sydney NSW 2000, Australia

+61.2.9037.3570 Main
+61.4.0707.2116 Mobile

Get in touch

Josh Lemon is a Managing Director at Ankura, based in Sydney, Australia. He has over a decade of experience working on large and complex security incidents and investigations. Josh has worked with large multinational organisations, government agencies, law enforcement, and local businesses to help them detect, investigate, and eradicate cybercriminals and target threat actors from their networks. He is a leader in performing digital forensics at scale, with geographically dispersed teams and systems, and building security operations teams to hunt advanced threat actors.


Josh is currently a certified instructor for the SANS Institute where he teaches the “Advanced Incident Response and Threat Hunting” (FOR508) and the “Advanced Network Forensics” (FOR572) courses.

Before joining Ankura, Josh was a director at in their international Salesforce Security Response Centre (SSRC) where he headed up the SSRC strategic response and research unit that was responsible for looking at new cutting-edge ways to approach incident response at scale. He was also the CSIRT manager for the Commonwealth Bank of Australia where he built a team of advanced responders that investigated malicious security incidents for local and international operations. Josh previously worked as a managing consult for BAE Systems Applied Intelligence, where he was responsible for all technical cybersecurity services for the Asia Pacific region, including overseeing large and complex incident response and offensive security engagements.

Josh is an active member of the cybersecurity community through his research work and presentations at international conferences, providing support to opensource projects, and through his advisory role to BSides Sydney.

  • Masters of Information Technology , University of Technology Sydney
  • GIAC Reverse Engineering Malware (GREM)
  • GIAC Certified Network Forensic Analyst (GNFA)
  • GIAC Certified Forensic Analyst (GCFA)
  • GIAC Defending Advanced Threats (GDAT)
  • GIAC Certified Penetration Tester (GPEN)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Python Coder (GPYC)
  • Certified Instructor at the SANS Institute
  • Advisory role to BSides Sydney

Thought Leadership

Let’s Connect

We solve problems by operating as one firm to deliver for our clients. Where others advise, we solve. Where others consult, we partner.

I’m interested in
I need help with