Syndis is a leading information security company helping to defend organizations by providing bespoke services and innovative security solutions in the global market.

Research is central to the Syndis vision and is considered core to the innovative approaches supplied to our clients. We develop our own technologies and methodologies to ensure the highest level of service for our clients who have the most demanding security needs.

Our customers include tech companies, financial institutions, multinationals, entertainment industry, gaming companies, organizations of national critical infrastructure and government. They are local Icelandic companies and international organizations with turnover ranging from less than 1 million USD per month to more than 1 billion USD per month.

Our clients have invested greatly in building up their defenses without the assurance that their systems are set up correctly or if they invested in technologies that are truly serving their security needs. What differentiates our services is that we stress-test the defenses of our clients by simulating real-world attack operations where a malicious team is trying to penetrate the defenses.

Our training is a new service offering designed to raise the security awareness of your employees to increase the level of security during software development and to raise our client organization’s security posture.


To drive security innovation for tomorrow's premier organizations.


By leading research in offensive security, developing bold technologies and applying these to counter real-world threats.

Theódór R. Gíslason

Theódór R. Gíslason
Co-founder & Head of Operations/CEO

Information security professional, with 16 years of experience in information security

Theódór has over 16 years of working professionally in the space of offensive information security with his interests focusing on penetration testing, exploit development, offensive tooling and vulnerability research. Theódór has performed security assessments, penetration testing, incident response, and security consulting for many of large global organizations, including financial, government, and other technology oriented companies. Theódór currently leads the operations team at Syndis and is helping to drive the Syndis vision forward.

He is a popular instructor and speaker in Iceland, having for instance taught university-level technical computer security courses at both the University of Iceland and Reykjavik University between 2012-2015. Theódór has also presented at various conferences on state-of-the-art topics relating to information security.

Prior to co-founding Syndis, Theódór worked for Capacent, TERIS, and KPMG, where he performed technical offensive security consulting and assessments.

Iris Kristjansdottir

Íris Kristjánsdóttir
Head of Business Development

Business Development Leader, focusing on Managed Security Services

Iris has over twelve years' experience in Information technology, starting as a Web Developer in London before relocating to Iceland, where she worked at Opin kerfi for ten years as an Account Manager in Hosting and Service solutions.

During her time Iris has developed a profound understanding of the challenging confluence of technical and business requirements and takes pride in seamlessly transferring customer ideas into commercially viable solutions.

Iris holds a B.Sc. in Business Science from Reykjavik University and is an IPMA Certified Project Manager.



Björn Símonarson

Björn Símonarson
Principal Researcher

Senior information security professional, focusing on forensics and new technologies

Björn has a B.Sc. in Electronics Engineering with emphasis on embedded systems, low-level programming and RF technology. He has multiple years of experience in systems engineering on air defense and military communication systems and in security, both in private and government sector. He served as an INFOSEC and COMSEC officer and represented Iceland in various security working groups and accreditation boards during his time as a government employee.

His experience in information security ranges from defensive security on military networks to penetration testing of some of the largest organizations in Iceland, including financial, telecommunications and government.

Charlie Eriksen

Charlie Eriksen
Senior Security Engineer

Information security professional with focus on development, coding genius.

Charlie has spent his last few years doing application security in the gaming industry, and spent countless hours doing security research against both open and closed source applications. He has worked with major vendors on vulnerabilities he has discovered during his research. He has already presented at multiple conferences, including Nordic Security Conference. He has also done work on anomaly detection in video games and related systems, which he has presented about.

He has also done work on incident response situations relating to malware attacks, system breaches, and denial of service attacks for various organizations.

Ýmir Vigfússon

Ýmir Vigfússon, PhD
Co-Founder & Chief Science Officer

Professor in residence, security educator and system builder.

Ýmir is Assistant Professor of Mathematics and Computer Science at Emory University and Assistant Professor of Computer Science at Reykjavik University. He leads the research strategy of Syndis. Ýmir obtained a PhD in Computer Science from Cornell University in 2009, where his dissertation was nominated for the ACM Doctoral Dissertation award, and worked as a research scientist at IBM Research on innovations in distributed systems.

With more than 16 years of experience in computer security, Ýmir is a pioneer in offensive exploitation of computer software. He invented various techniques to leverage security vulnerabilities in software, and wrote many of the first "Format string" and "Heap overflow" exploits. His TEDx talk on why he teaches people how to hack went viral in 2014. Ýmir has published over 30 academic articles, holds 4 patents and loves cats. His professional web site is

Rich Smith

Rich Smith

Information security expert, leader in offensive research.

Rich has worked professionally in the space of offensive security for over 10 years where his research has been focused on the areas offensive tooling and framework design, post-exploitation strategies along with continual vulnerability research and exploit development. In addition to his research, Rich performs consulting and attack services across a range of verticals including National Security, Financial, Technology, and the Entertainment industry.

Prior to co-founding Syndis, Rich led the Attack Technology Division at Kyrus Tech (DC), held a Vice President role at Morgan Stanley (NY) as the lead cyber-threat specialist, was a senior researcher at Immunity Inc (FL) and led the Research In Offensive Technologies and Threats group at Hewlett-Packard's European Labs (UK). He is currently the Director of Security at DUO security Inc.

Hörður Ellert Ólafsson

Marketing, branding and business guru.

Hörður has a 10 years of entrepreneurial and consultancy experience in Iceland, Scandinavia and South Africa. Hörður has consulted for a variety of organizations, both domestic and international, ranging from government, to small NGO's, to startups and large companies within the creative, technology, and sustainability industries.

Hörður studyed Entrepreneurial Leadership at the KaosPilots, Denmark. Hörður's education focused on Creative Project Leadership, Creative Business Design, Creative Process Design and Creative Leadership.

Bergsteinn Karlsson
Security Engineer

Cybercrime investigator #1.

Bergsteinn has worked in law enforcement for the past decade both as a patrol officer and as a detective. His experience ranges from local to internationally cooperative cases in fields such as narcotics, cyber and organized crime. 

He has in recent times been more involved cybercrime investigations. His work for the police has given him a valuable insight into the workings of the legal administration and judicial system in addition to a comprehensive understanding of criminal mentality. As a first responder he learned to deal with critical situations and work under pressure whilst having to keep his composure.

Bergsteinn has a B.Sc. in Computer Science from Reykjavik University where he was first introduced to Syndis through their security course TOOR.

Hlynur Óskar Guðmundsson
Security Developer

Iceland's CTF co-grand master

Hlynur is a Research-based Computer Science student at Reykjavík University and a Full Stack Developer. He is one of the founders and organizers of the highly successful hacking competition, IceCTF that is hosted annually. He creates interesting security challenges to get people excited about Computer Security and develops a safe environment for people to explore software and how it breaks. Hlynur is currently developing an educational platform that teaches developers to be more security aware.

Prior to joining Syndis, Hlynur worked as a System Administrator for Governmental Agencies and as a Web Developer at a Telecommunications company.

James Elías Sigurðarson
Security Developer

Iceland's CTF co-grand master

James is a Computer Science and Discrete Mathematics student at Reykjavík University
and a Full Stack Developer. James has over 7 years of experence in IT and Web Development, ranging from roles as a Systems Administrator to managing and developing critical systems.
He is one of the founders and organizers of the highly successful hacking competition, IceCTF that is hosted annually. He creates interesting security challenges to get people excited about Computer Security and develops a safe environment for people to explore
software and how it breaks. James is currently developing an educational platform that
teaches developers to be more security aware.