Aug 2022 – Present · 3 yrs 9 mos

• Creating reverse engineering/recon tools for hackers to better test

Sep 2021 – Aug 2022 · 11 mos

• Security researcher in the content team.
• Help prioritize the content roadmap.
• Defining what technical content to create.
• Working with the content team to implement new content.
• Analyze data from users to identify content that may need changes.
• Create new challenges for real-life bugs and 0-days, and corresponding blog posts.
• Reviewing existing and new content for quality. Ensuring it's relevant, realistic, and contains correct information that's easy to understand.

Jun 2020 – Sep 2021 · 1 yr 3 mos

• Group Product Manager for the "Build Securely" group, developing the "Sensei" product, a security plugin for IntelliJ. The role involved things such as:
• Learning the product in depth so I
• Finding product-market fit and growing the user base.
• User testing and interviews.
• Demonstrating the product to potential customers.
• Lowering the barrier to entry and time to value for the product.
• Manage the daily operations of the cross-functional team to move as quickly as possible.
• Ensure that the team has what it needs to be productive.
• Keep an up-to-date roadmap that is aligned with company goals.
• Provide status updates to senior management.
• Overhaul value proposition and messaging for the product to be clearer.
• Meet with customers to help them roll out the product in their organization.

Apr 2020 – Jun 2020 · 2 mos

• Product Manager for the technical content for hands-on security challenges in the Secure Code Warrior platform.
• Define what content needed to be created for the initial launch.
• Assist the team in the initial integration.
• Assist in the transition after the acquisition.
• Create guidelines for how new content should be created.

Jan 2019 – Apr 2020 · 1 yr 3 mos

• Working with the team to deliver a great and stable product to generate growth.
• Work with the content team to define what content should be created.
• Make the time to learning as small as possible.
• Reduce friction for onboarding into the platform.
• Work with marketing and sales to increase awareness and help land customers.
• Building towards raising a Seed funding round.
• Facilitate the acquisition by Secure Code Warrior, which closed in March 2020.

Jun 2016 – Apr 2020 · 3 yrs 10 mos

• Co-founder of the Adversary.io platform, which provides technical security training for developers. Developed the original proof of concept platform, which was used to train developers within especially the financial sector in Iceland, at Reykjavik University (Including the Open University, where I was an instructor).
• This effort was rewarded a grant by The Icelandic Centre for Research, which has allowed it to sprawl into a stand-alone product.

Jun 2017 – Jan 2019 · 1 yr 7 mos

• Leading technical service efforts focused on highly technical assessments.
• White box testing
• Code review
• Application Assessments
• Penetration Testing (Internal & External)
• Red teaming
• Web Application Security Assessments
• Forensics
• Incident Response
• Log Management / SIEM work
• Phishing
• Mentor and train junior team members to reach their full potential.
• Create internal tooling to make the team more efficient.
• Built custom systems for Attack Surface Monitoring and automated vulnerability assessments.
• Review reports from other consultants.
• Primarily worked with financial, multi-national, and critical infrastructure clients.

Aug 2014 – May 2017 · 2 yrs 9 mos

• Technical consulting with focus on white box assessments, code review, and similar. Taught OWASP Top 10 at the Open University @ Reykjavik University. Also doing penetration testing, phishing assessment, web application assessments, incident response, forensics, and general consulting on security.

Jan 2014 – Aug 2014 · 7 mos

• Providing technical consultancy, penetration testing, web application assessments, and similar.

Jun 2013 – Jan 2014 · 7 mos · Reykjavik, Iceland

• Focused on technical security of the EVE Online platform, and infrastructure. Working on credit card fraud prevention and anomaly detection. Also working on internal IT security for the various CCP offices.
• All things security.
• Internal & External Security.
• Operate SIEM.
• Manage IPS.
• Incident Response.
• Game Security.
• Code Review.
• Anti-cheating.
• Preventing money laundering, real-money trading, and botting.
• Detecting credit card fraud.
• Built systems to detect insider threats.
• Assist in meeting PCI compliance requirements.

Nov 2012 – Jun 2013 · 7 mos · Reykjavik, Iceland

• Helping to bootstrap many security practices at CCP, within the new security organization.

Aug 2010 – Nov 2012 · 2 yrs 3 mos · Reykjavik, Iceland

• Quality assurance tester focused on special projects requiring very technically demanding testing, and deep understanding of technical implications of subtle changes, and security matters (Exploit testing, cheating, hacking).

Jan 2010 – Jan 2010 · 0 mo