Craig has been working in IT security since 1988, holding positions at The Santa Cruz Operation as security architect for SCO UNIX, and at Lutris Technologies as security architect for the Enhydra Enterprise Java Application Server. He joined Symbian in 2002, working in product management and strategy.

A member of The Open Group Security Forum (originally the X/Open Security Working Group) since 1993, sitting on the Steering Committee since 1999, he has contributed to several published security standards. These include XBSS (baseline system security requirements), XDAS (distributed audit) and XSSO (single sign-on). He has also participated in standards work within POSIX, IETF, the Java Community Process, and the Open Mobile Alliance. He graduated from the University of Warwick with a BSc. in computer science in 1984. He has several patents pending on security-related technologies.

Craig is co-author of The Open Group Technical Guide to Security Design Patterns, ISBN 1-931624-27-5 and lead author of The Open Group Guide to Digital Rights Management.