About
Cybersecurity professional specializing in penetration testing and security research, focused on identifying high-impact vulnerabilities. Experienced in web application security and translating technical findings into actionable remediation. Internationally recognized for responsible disclosure and trusted to assess complex systems.
Experience
Penetration Tester — Oslo Municipality CSIRT
Jan 2024 - Dec 2024
• Performed web application and API penetration testing.
• Validated and retested vulnerabilities using OWASP and CVSS.
• Planned and executed phishing simulations with GoPhish and M365.
• Investigated security events in Microsoft Sentinel using KQL.
• Presented findings, risk, and remediation guidance to clients.
• Contributed to reporting workflows and assessment documentation.
• Collaborated with the CSIRT on triage, investigation, and response.
Photographer — Independent
• Commissioned for events, studio, and on-location.
• Advised clients on visual direction and presentation.
• Edited and color-graded using Adobe and DaVinci Resolve.
• Delivered client-ready files with usage guidance.
Professional Development
OSCP — Exam Scheduled
eCPPT — Certified Professional Penetration Tester
eWPT — Web Application Penetration Tester
PEN-200 (OffSec)
Red Team Ops
Virtual Hacking Labs (Basic & Advanced+)
Foundations of Operationalizing MITRE ATT&CK
NSM Grunnprinsipper for IKT-sikkerhet
The Bug Hunter's Methodology
Selected Recognitions
Recognized for responsible disclosure and security research by international organizations including NASA, UN, Mercedes-Benz, Ferrari, Oracle, and Red Bull.
View full list →
- NASA — Letter
- Drexel University — Letter
- Norsk Helsenett — Hall of Fame
- HHS — Hall of Fame
- Ferrari — Hall of Fame
- Philips — Hall of Fame
- Oracle — Security Contributor
- Proofpoint — Hall of Fame
- Nokia — Hall of Fame
- Fastweb — Hall of Fame
- United Nations — Hall of Fame
- EU CERT — Hall of Fame
- Google Hacking Database — Contributor
- BSides Oslo 2025 — 1st Place, Advanced Lockpicking
Skills
Penetration Testing (Infrastructure, Application, Cloud, C2)
Phishing & Social Engineering
Detection & Monitoring (Microsoft Defender for Endpoint, Splunk)
Automation (Bash, Python, PowerShell)
OSINT & Reconnaissance
Physical Security (Access control, RFID)
Reporting & Remediation Validation
Licenses
Motorbike License (Class A)
Skydiving License (A License)
Belay License (Brattkort)
Sports Shooting License
Mountaineering & Glacier Course
Avalanche Safety Course
Languages
Norwegian
English
Arabic
Russian