Ahmet Han

Cyber Security Defense Senior Consultant

Istanbul, Türkiye

About

Highly motivated and results-oriented cybersecurity professional with 9 years of experience in technical security. Possesses a strong background in Digital Forensics & Incident Response, Threat Hunting, Cloud Security, and OT Security. Leverages an adaptive security approach to proactively address emerging threats. Key Skills: • Vulnerability Assessment & Penetration Testing: Kali Linux, Sqlmap, OWASP, Metasploit • Network Security: Pfsense Firewall, Snort, Suricata, SELKS, Ossec, Security Onion, NSM • Endpoint & Network Detection & Response: Fireeye HX, Crowdstrike Falcon, Symantec, Microsoft Defender for Endpoint, Vectra, Darktrace, Fireeye NX, PX, Web APT • Security Information & Event Management (SIEM): HP Arcsight, IBM Qradar, Azure Sentinel • Database Auditing: Imperva, IBM Security Guardium • Cyber Threat Intelligence (CTI): Shodan, ZoomEye, Twitter, Censys, DeepWeb, OpenCTI • Vulnerability & Threat Management (VTM): Tenable Security Center, Qualys VMDR, Nessus, Acunetix, Defender For Cloud, Claroty,Bizzy • Microsoft Azure Cloud Security: Azure, Defender for Cloud Apps, Azure Active Threat Protection (AATP), Cloud Application Security Broker (CASB), Microsoft Defender for Cloud (MDC), Microsoft Defender for Identity (MDI), Microsoft Endpoint Manager (MEM), Microsoft Defender for Endpoint (MDE) • Security Orchestration, Automation, and Response (SOAR): Palo Alto XSOAR, Arcsight SOAR, IBM Resilient • Digital Forensics & Incident Response (DFIR): Volatility, Encase, Autopsy, KApe, Falcon, Redline • Reverse Engineering & Malware Analysis: x64dbg, IDA Pro, WinDbg • OT & ICS Cybersecurity: ICS, SIS, PHD, DCS, Historian, Claroty • Enterprise Security Architecture & Products: Palo Alto Firewall, Forcepoint Proxy, VPN, Privileged Access Management (PAM), Zero Trust Network Access (ZTNA), Intrusion Prevention System (IPS) Areas of Interest: • Threat Hunting activities and anomaly detection using TTPs, MITRE ATT&CK, Advisory Emulations, EQL, Red Teaming • Static & Dynamic Malware Analysis (Wireshark, Sysinternals, Fiddler, PE Explorer, PE Studio, PEiD, ApateDNS, NetworkMiner, OllyDbg, PeBear, CFF Explorer) • Independent research in cybersecurity areas like malware, intrusion detection, policy development, security audits, regulations, threat hunting, and cyber defense & incident response • Proof of Concept (POC) for various cybersecurity products (Deception, UEBA, SIEM, EDR, ATP, EPP, NDR, SOAR, CTI, Attack & Breach Tools, Incident Response) "If you know your network and your systems, you need not fear the result of a hundred cyber battles." - Sun Tzu

Experience

  • Tüpraş (4 yrs 5 mos)
    • Cyber Security Defense Senior Consultant
      Oct 2024 - Present · 1 yr 10 mos

    • Cyber Attack Monitoring & Defense Senior Consultant
      Mar 2022 - Present · 4 yrs 5 mos

  • Member of the Board at ISACA-Istanbul
    Feb 2016 - Present · 10 yrs 6 mos

    * Student Member & Supporter

  • Cyber Incident Response Expert, Cyber Security Defence Mgmt. at Vodafone Turkey at Vodafone
    Mar 2020 - Mar 2022 · 2 yrs 1 mo

    Cyber Incident Response & Management, Threat Hunting, Security Analysis, Vulnerability & Threat Management, Cyber Threat Intelligence, SOC Development,

  • Kuveyt Türk Bank (4 yrs 10 mos)
    • IT Cyber Security Engineer
      Jun 2016 - May 2020 · 4 yrs

      Cyber Security Emergency Response Team * Cyber Security Incident Monitoring & Management & Handling & Analysis, * Vulnerability & Threat Management, * Security Analysis & Threat Hunting, * IT Security Audit, * Information Security, * Security Administration,

    • Jr. Information Security Specialist
      Aug 2015 - Jun 2016 · 11 mos

      Information Technology Security Management Department * Support Managed Security Services with security tools & devices level 1&2 operations( McAfee Epo, Citrix, Trend Micro DDI, Nessus, Mcafee NSM, Hp Arcsight ESM&Logger) * Support CERT&&(SOME) Team Development Process * Auditing & Monitoring Security Logs ( Hp – Argsight Logger, ESM, ADP,ATD,Command Center) * Understanding Enterprise Information Security Process * IT Security Incident Monitoring & Management * Following Specific Financial Cyber Threats , Providing CTI and handling specific security cases,

  • Compulsory Military Service at TSK (Türk Silahlı Kuvvetleri)
    Feb 2019 - Jul 2019 · 6 mos

    Border Line Security in North Cyprus U.K Sovereign Base Area