Nicolai Søborg
A good looking picture.
M.Sc. in Information Technology
Open-source enthusiast.
Interested in cyber security and practical cryptology.

Work Experience

04/2022 – ∞
Senior Security Engineer
Azure, infrastructure, python
Mastercard expands open banking reach with acquisition of Aiia.
I did a lot of DevSecOps (Global Admin in Azure, Super Admin in Google Workspace, Slack Workspace Admin, GitHub Admin, 1Password Admin, DNS Admin, …), created a bunch of custom scripts for audit logging, Slack/GitHub bots for alerting, etc
  • Azure Active Directory — hardening, cleanup, management
  • Sentinel — SOC, monitoring
  • Azure Managed HSM — provinsioning, management
08/2021 – 04/2022
Lead Security Engineer
Azure, infrastructure, C#, .NET Core
Spiir became Nordic API Gateway became Aiia and the end of the end of the reversing-era occurred. PSD2 meant new challenges and a ton of new solutions to audit and pentest.
  • ASP.NET Core — API security
  • mTLS, x.509, QWAC/QSeal — Lot's of non-standard TLS fun
  • Internal pentest of homegrown systems
  • Audit implementations of OAuth2
Nordic API Gateway
09/2019 – 08/2021
Reverse Engineer
Frida, jadx, C#, .NET Core
Reverse-engineering mobile bank apps.
  • Decompiling APKs
  • Figuring out custom cryptography/encodings
  • Re-implementing APIs
  • Making internal tools to automate the process
02/2016 – 08/2019
Student helper (DevOps)
Python, Bash, JS, Linux
I mostly automated checks to monitor that everything was running as expected. Did a lot of packaging (bio-)tools to .deb packages. And helped develop an internal tool to search in terabytes of proteins/dna/genomes.
  • Automation using Python3 and bash
  • RESTful Django web service
  • Frontend in React (JavaScript)
  • Distributed big data storage using HBase and Hadoop
  • Purely Linux (Ubuntu) based ecosystem
I've learned a lot of practical debugging/bug-finding on a variation of different live systems.


Master Degree
Technical University of Denmark (DTU)
2017 — 2019
Python3, Java, Linux
The title of my master thesis is “Analyzing the security of IoT devices” in which I wrote about when weaknesses turns into vulnerabilities, using a lot of data from MITRE (CVE, CVSS, CWE & CAPEC).
I had the following courses at DTU during my master:


I have experience working with the following technologies:
  • Python3
  • Linux
  • Azure
  • git
  • C#
  • JavaScript
  • Frida
  • (Bash-)scripting
  • SQL
But am willing to learn new tools, languages, and platforms.

I like fixing bugs / contributing new features to open-source projects. List of projects I've contributed to:
Project Pull Request
Mastodon Fix frame_rate for videos where ffprobe reports 0/0
QubesOS Fix service qubesd not working with some locales
keybase Add .deb GUI dependencies. Fixes #9872 and #17365
mautrix/facebook Auth: redact login command
lynis Check MemoryOverwriteRequest Control
azure-docs Note about Token Store for Claims Mapping to work
azure-docs Defender for Cloud on Management Group Tip
azure-cli [Network] az network dns zone import: Fix alias records cannot be imported
azure-pipelines-tasks AzureFunctionApp@2: Better alias for Service Connection
azure-storage-python Fix "SyntaxWarning: is with a literal."
apkdiff Add --no-debug-info to apktool
tinyproxy Change loglevel for "Maximum number of connections reached"
postmark-dotnet Fix PostmarkInboundMessage.Attachment model
jnitrace Track jstring
MetaMask/eth-phishing-detect Add Privnote phishing sites

Capture-The-Flag (CTF)

In my free time I like to play CTF's. I usually don't do writeups, but once in a while a writeup will be added to my ctf-writeups repo ( Playing as part of team Kalmarunionen. My CTFtime profile ( is pretty up to date.