Summary
I'm a security engineer and full-stack developer driven by
curiosity and a strong will to understand how things work at
every layer. My day-to-day revolves around helping teams
write more secure software, enabling scanning and detection
tooling, responding to incidents, and performing hands-on
security testing. Outside of work, I build tools, experiment
with Rust, and explore creative technical projects.
Experience
Manager — Bekk Consulting AS
2025–present · Oslo
-
Lead security development initiatives across
multiple teams and products.
-
Support teams with incident response, vulnerability
assessment, and security testing.
-
Drive adoption of automated code scanning,
dependency scanning, and secret scanning.
-
Train engineers and build organisational security
competence.
Senior Consultant — Bekk Consulting AS
2019–2024 · Oslo
-
Implemented automated security scanning and
monitoring across multiple codebases and platforms.
-
Performed offensive security testing and deep
technical vulnerability assessments.
-
Designed and developed internal tools to improve
security visibility and posture tracking.
-
Provided security guidance to high-impact,
high-availability product teams handling critical
workloads.
-
Drove security culture and competency building
across teams as a Security Champion.
Consultant — Bekk Consulting AS
2019–2022 · Oslo
-
Delivered full-stack development across backend,
frontend, cloud services, and DevOps pipelines.
-
Took responsibility for secure development practices
within product teams and cross-team forums.
-
Built and maintained systems with strict
requirements for uptime, performance, and privacy.
-
Supported product teams in threat modeling, secure
implementation, and operational reliability.
-
Worked autonomously in cross-functional teams to
ship features and improve developer experience.
Developer — Inligo AS
2018–2019 · Oslo
-
Developed internal and external web applications
across modern frontend and backend stacks.
Summer Intern — Bekk Consulting AS
2018 · Oslo
-
Built a production-grade Android TV application
using Kotlin.
-
Collaborated closely with designers and developers
to refine user experience and functionality.
-
Practiced modern CI workflows and collaborative
software delivery in a professional environment.
Projects
turbo-bible
Rust · MIT/Apache-2.0
A Turbo Vision–styled Bible reader for the
terminal, shipping eleven translations across seven
languages. Instant full-text search, side-by-side
compare panes with word-level diff highlighting,
cross-references, and a full vim keymap — fully
offline, with the King James Version embedded in the
binary. Installs via curl, Homebrew, or cargo.
- Rust
- TUI
- SQLite FTS5
- Vim Keymap
Minimal, distroless container base images built with
Nix — no shell, no package manager, and a
non-root user in every image. Covers JVM, Python, and
Node runtimes plus nginx, Redis, and compiled-binary
bases, with musl by default and glibc one tag away.
Every image is keyless-signed with cosign and ships a
CycloneDX SBOM attestation. A varde is
Norwegian for a cairn: the smallest stack of stones
that marks the trail.
- Nix
- Containers
- Distroless
- Supply-Chain Security
The mathemagical programming language. Abacus is an
experimental, interpreted functional programming
language with a pleasant REPL. Features include
pattern-matched function definitions, persistent REPL
environment with history, and helpful diagnostics that
pinpoint exactly where evaluation failed.
- Rust
- Interpreter
- REPL
- Functional Programming
Core Skills
Programming
- Rust
- Kotlin
- Java
- TypeScript / JavaScript
- Python
Tools & Platforms
- GitHub
- GitHub Advanced Security
- GitLab
- Burp Suite
- Docker
- Kubernetes
- Nix
- AWS
- GCP
- Datadog
Security & Methodologies
- Ethical Hacking
- Secure Development Practices
- Threat Modeling
- Incident Response
- Vulnerability Research
- Product Development
- Agile
- Cloud Security Fundamentals
Security Research
Discovered and responsibly disclosed an open redirect
vulnerability (CWE-601) in DataHub's authenticate
endpoint. The unvalidated redirect_uri parameter
allowed triple-slash payloads to bypass relative-path
restrictions and redirect authenticated users to
attacker-controlled sites. Fixed in DataHub v1.5.0.
- Responsible Disclosure
- CWE-601
- Open Redirect
Discovered and responsibly disclosed an open redirect
vulnerability (CWE-601) in DataHub's
BasePathRedirectFilter. Unsanitised path parameters
allowed attackers to craft URLs that redirected users
to untrusted sites. Fixed in DataHub v1.4.0.3.
- Responsible Disclosure
- CWE-601
- Open Redirect
Education
MSc in Computer Science
2017–2019 · University of Oslo
Thesis:
Investigation of x64 glibc heap exploitation
techniques on Linux
BSc in Computer Science
2013–2017 · University of Oslo