trym.cloud / labs
$ cat /cv.md  ·  updated 2026-05-23

Trym Håkansson

Senior Cybersecurity Consultant · Spirhed Norway AS · Moss, Norway

Download CV (PDF) Get in touch
01 · Contact

Reach

02 · Summary

What I do

Senior Cybersecurity Consultant at Spirhed Norway. Advises on, designs and implements Microsoft security solutions — runs PoCs and technical pilots across the Microsoft security platform, and shapes methods for more accessible, value-driven security monitoring.

Before Spirhed, built Crayon's Managed Detection and Response service from scratch and led the security operations team for 6 months. Two years of hands-on cloud security consulting before that: forensic investigations, identity security deployments, and KQL hunting in Microsoft Sentinel and Defender XDR.

03 · Experience

Roles

April 2026 – Present Moss, Norway — here now

Senior Cybersecurity Consultant · Spirhed Norway AS

  • Advises on, designs and implements Microsoft security solutions for Norwegian customers.
  • Runs PoCs and technical pilots across the Microsoft security platform (Sentinel, Defender XDR, Entra, Intune).
  • Builds concepts and methods for more accessible, value-driven security monitoring.
September 2025 – March 2026 Moss, Norway

Lead, Security Operations · Crayon

  • Built Crayon's MDR service from zero — offering, onboarding, multi-tenant operations.
  • Designed multi-tenant security infrastructure across Azure and M365 Lighthouse.
  • Led incident response for enterprise clients, coordinating SOC and IT teams during active threats.
March 2025 – September 2025 Norway

Security Engineer · Crayon

  • Ran incident response and threat hunts across Microsoft Sentinel, Defender XDR, and Defender for Identity in hybrid environments.
  • Wrote KQL hunting queries for forensic analysis. Identified and contained advanced threats across customer tenants.
  • Built detection automation that cut response time and reduced false positives.
October 2023 – March 2025 Grålum

Cloud Security Consultant · Crayon

  • Handled incident response using Defender XDR and Microsoft Sentinel to contain active threats.
  • Built KQL detection queries that reduced false positive rates across customer environments.
  • Ran forensic investigations with Microsoft Purview and delivered reports that stakeholders actually acted on.
  • Deployed phishing-resistant MFA and automated IAM policies with Terraform.
October 2022 – September 2023 Grålum

Support Consultant · Crayon

  • Technical support and troubleshooting for Microsoft 365 and Azure environments.
  • Improved issue handling processes and built internal knowledge documentation.
  • Worked with senior engineers to resolve complex escalations faster.
January 2022 – October 2022 Moss, Norway

IT Consultant · Byggfakta Group

  • Supported and maintained IT hardware/software for internal and external users.
  • Improved documentation and case escalation processes.
July 2021 – January 2022 Sarpsborg, Norway

IT Consultant · Viken fylkeskommune

  • Operated, troubleshooted, and supported school and office IT environments.
  • Implemented AV solutions and configured networks for educational purposes.
August 2017 – August 2019 Moss, Norway

Information Technology Trainee · Østfold fylkeskommune

  • First-line IT support and operations at Malakoff High School.
  • Two years of first-line IT support across a large high school.
04 · Skills

Stack

  • Microsoft Security architecture
  • Microsoft Sentinel
  • Defender XDR
  • KQL
  • Incident Response
  • Threat Hunting
  • MDR service design
  • Azure Security
  • Identity & access (Entra ID)
05 · Certifications

Credentials

  • Microsoft Certified: Security Operations Analyst Associate (SC-200)
  • Microsoft Certified: Azure Fundamentals (AZ-900)
  • NSM ICT Security Principles (Norwegian National Security Authority)
  • Vocational Certificate in ICT Services
06 · Education

Schooling

Østfold University College — Information Technology (2020–2021)