Syndis is a leading information security company helping to defend organizations by providing bespoke services and innovative security solutions in the global market.

Research is central to the Syndis vision and is considered core to the innovative approaches supplied to our clients. We develop our own technologies and methodologies to ensure the highest level of service for our clients who have the most demanding security needs.

Our customers include tech companies, financial institutions, multinationals, entertainment industry, gaming companies, organizations of national critical infrastructure and government. They are local Icelandic companies and international organizations with turnover ranging from less than 1 million USD per month to more than 1 billion USD per month.

Our clients have invested greatly in building up their defenses without the assurance that their systems are set up correctly or if they invested in technologies that are truly serving their security needs. What differentiates our services is that we stress-test the defenses of our clients by simulating real-world attack operations where a malicious team is trying to penetrate the defenses.

Our training is a new service offering designed to raise the security awareness of your employees to increase the level of security during software development and to raise our client organization’s security posture.


To drive security innovation for tomorrow's premier organizations.


By leading research in offensive security, developing bold technologies and applying these to counter real-world threats.

Theódór R. Gíslason

Valdimar Óskarsson

Globetrotting CEO

Valdimar Óskarsson has joined Syndis as a CEO. He holds an M.Sc. in Information Technology/Security and has extensive experience in the field of security and information security management. Another native Icelander, Valdimar has been living abroad since 2002, spending a decade in Denmark where he worked for Betware (now Novomatic) as an operational manager, Sensa as a consultant, and nSense as a PCI Qualified Security Assessor (QSA). Valdimar was appointed as CSO of the Betsson Group in Malta in 2012. In 2015, he became CISO at Transfast, which is a US based money transfer company with offices across the globe. We are excited to welcome Valdimar on board.

Theódór R. Gíslason
Co-founder & CTO

Information security professional, with 16 years of experience in information security

Theódór has over 18 years of working professionally in the space of offensive information security with his interests focusing on penetration testing, exploit development, offensive tooling and vulnerability research. Theódór has performed security assessments, penetration testing, incident response, and security consulting for many of large global organizations, including financial, government, and other technology oriented companies. Theódór currently leads the operations team at Syndis and is helping to drive the Syndis vision forward.

He is a popular instructor and speaker in Iceland, having for instance taught university-level technical computer security courses at both the University of Iceland and Reykjavik University between 2012-2015. Theódór has also presented at various conferences on state-of-the-art topics relating to information security.

Prior to co-founding Syndis, Theódór worked for Capacent, TERIS, and KPMG, where he performed technical offensive security consulting and assessments.

Björn Símonarson

Björn Símonarson
Principal Researcher

Senior information security professional, focusing on forensics and new technologies

Björn has a B.Sc. in Electronics Engineering with emphasis on embedded systems, low-level programming and RF technology. He has multiple years of experience in systems engineering on air defense and military communication systems and in security, both in private and government sector. He served as an INFOSEC and COMSEC officer and represented Iceland in various security working groups and accreditation boards during his time as a government employee.

His experience in information security ranges from defensive security on military networks to penetration testing of some of the largest organizations in Iceland, including financial, telecommunications and government.

Charlie Eriksen

Charlie Eriksen
Principal Security Engineer

Information security professional with focus on development, coding genius.

Charlie has spent his last few years doing application security in the gaming industry, and spent countless hours doing security research against both open and closed source applications. He has worked with major vendors on vulnerabilities he has discovered during his research. He has already presented at multiple conferences, including Nordic Security Conference. He has also done work on anomaly detection in video games and related systems, which he has presented about.

He has also done work on incident response situations relating to malware attacks, system breaches, and denial of service attacks for various organizations.

Ýmir Vigfússon

Ýmir Vigfússon, PhD
Co-Founder & Chief Science Officer

Professor in residence, security educator and system builder.

Ýmir is Assistant Professor of Mathematics and Computer Science at Emory University and Assistant Professor of Computer Science at Reykjavik University. He leads the research strategy of Syndis. Ýmir obtained a PhD in Computer Science from Cornell University in 2009, where his dissertation was nominated for the ACM Doctoral Dissertation award, and worked as a research scientist at IBM Research on innovations in distributed systems.

With more than 16 years of experience in computer security, Ýmir is a pioneer in offensive exploitation of computer software. He invented various techniques to leverage security vulnerabilities in software, and wrote many of the first "Format string" and "Heap overflow" exploits. His TEDx talk on why he teaches people how to hack went viral in 2014. Ýmir has published over 30 academic articles, holds 4 patents and loves cats. His professional web site is

Rich Smith

Rich Smith

Information security expert, leader in offensive research.

Rich has worked professionally in the space of offensive security for over 10 years where his research has been focused on the areas offensive tooling and framework design, post-exploitation strategies along with continual vulnerability research and exploit development. In addition to his research, Rich performs consulting and attack services across a range of verticals including National Security, Financial, Technology, and the Entertainment industry.

Prior to co-founding Syndis, Rich led the Attack Technology Division at Kyrus Tech (DC), held a Vice President role at Morgan Stanley (NY) as the lead cyber-threat specialist, was a senior researcher at Immunity Inc (FL) and led the Research In Offensive Technologies and Threats group at Hewlett-Packard's European Labs (UK). He is currently the Director of Security at DUO security Inc.


Hörður Ellert Ólafsson

Marketing, branding and business guru.

Hörður has a 10 years of entrepreneurial and consultancy experience in Iceland, Scandinavia and South Africa. Hörður has consulted for a variety of organizations, both domestic and international, ranging from government, to small NGO's, to startups and large companies within the creative, technology, and sustainability industries.

Hörður studyed Entrepreneurial Leadership at the KaosPilots, Denmark. Hörður's education focused on Creative Project Leadership, Creative Business Design, Creative Process Design and Creative Leadership.


Bergsteinn Karlsson
Security Engineer

Security Engineer

Bergsteinn has worked in law enforcement for the past decade both as a patrol officer and as a detective. His experience ranges from local to internationally cooperative cases in fields such as narcotics, cyber and organized crime. 

He has in recent times been more involved cybercrime investigations. His work for the police has given him a valuable insight into the workings of the legal administration and judicial system in addition to a comprehensive understanding of criminal mentality. As a first responder he learned to deal with critical situations and work under pressure whilst having to keep his composure.

Bergsteinn has a B.Sc. in Computer Science from Reykjavik University where he was first introduced to Syndis through their security course TOOR.


Hlynur Óskar Guðmundsson
Security Developer

Iceland's CTF co-grand master

Hlynur is a Research-based Computer Science student at Reykjavík University and a Full Stack Developer. He is one of the founders and organizers of the highly successful hacking competition, IceCTF that is hosted annually. He creates interesting security challenges to get people excited about Computer Security and develops a safe environment for people to explore software and how it breaks. Hlynur is currently developing an educational platform that teaches developers to be more security aware.

Prior to joining Syndis, Hlynur worked as a System Administrator for Governmental Agencies and as a Web Developer at a Telecommunications company.







James Elías Sigurðarson
Security Engineer

Iceland's CTF co-grand master

James is a Computer Science and Discrete Mathematics student at Reykjavík University
and a Full Stack Developer. James has over 7 years of experence in IT and Web Development, ranging from roles as a Systems Administrator to managing and developing critical systems.
He is one of the founders and organizers of the highly successful hacking competition, IceCTF that is hosted annually. He creates interesting security challenges to get people excited about Computer Security and develops a safe environment for people to explore
software and how it breaks. James is currently developing an educational platform that
teaches developers to be more security aware.

Heiðar Karl Ragnarsson
Security Engineer

Security Engineer

Heiðar will be completing his B.Sc. degree in Computer Science at Reykjavik University in the Spring. He is also a part of the Adversary team that is developing an educational platform for training developers to adopt a richer security mindset while designing systems and writing code. 

Heiðar has been heavily involved in offensive information security community over the past few years. His focus is on the offensive side of security, ranging from penetration testing to code reviews to participating, playing and organizing security competitions, including IceCTF.