Gökay Akın

Detection & Incident Response Team Lead @ Turkish Technology | Splunk Architect | Cyber Struggle Ranger

Türkiye

About

Experience

  • Turkish Technology (1 yr 10 mos)
    • Cyber Security Incident Response Team Lead
      Feb 2026 - Present · 6 mos

    • Security Detection Engineer Team Lead
      Oct 2024 - Present · 1 yr 10 mos

  • Cyber Security Architect at SoftwareOne Turkey
    May 2024 - Oct 2024 · 6 mos

  • Hepsiburada (3 yrs 2 mos)
    • Cyber Defence Center Team Lead
      Sep 2023 - May 2024 · 9 mos

    • Senior Cyber Security Engineer
      Jan 2023 - Sep 2023 · 9 mos

    • Cyber Security Engineer
      Apr 2021 - Feb 2023 · 1 yr 11 mos

      - Reviewing existing rules and developing new scenarios by performing scenario analysis in accordance with MITRE ATT&CK Framework. - Developing rules with CDC Engineers to reduce false positive and false negatives. Management and maintenance of SIEM tools (Splunk, Splunk ES) - Experience in integrating with application logs and aggregators such as Cribl Creating rules, reports, trend reports and use cases on SIEM products in order to detect current threats and attacks. - Analyzing threat information collected from logs, IPS/IDS, intelligence reports and other sources. - Importing logs from other security products and all log sources within the company to SIEM products and troubleshooting the problems. - Working in coordination with the teams managing the relevant log source to import new log sources into SIEM. - Management and maintenance of EDR tools - Following global and local security events through cyber intelligence services and digital channels - Taking an active role in incident response processes.

  • Cyber Security Specialist at SoftwareONE Turkey
    Sep 2020 - Mar 2021 · 7 mos

    - To analyze the logs of the customers and to develop rules according to the mitre att&ck framework. - Experience in scripting language Python, bash and powershell. Improvements were made as needed. - Integration Splunk Threat Intel Management with external sources - Build, customize and deploy Splunk apps as per internal customer needs - Create data retention policies and perform index administration, maintenance and optimization - Supported customers by managing log management processes. - Research, analyze and understand log sources utilized for the purpose of security (such as operating systems, firewalls, anti-virus products and proxies ) - Performs all administration, management, configuration, testing, and integration tasks related to the Splunk. - Creating notable events for these situations after Investigate cyber security incidents and threats

  • Cyber Security Analyst at KKB Kredi Kayıt Bürosu
    Feb 2019 - Sep 2020 · 1 yr 8 mos

    - 7x24 Experience using current monitoring technologies such as:Splunk, ArcSight - SIEM content Analysis, Development and Testing - Basic understanding of cyber landscape and typical threat vectors - EDR Management (Carbon Black & FireEye HX) - Creating & Testing new rules for cyber threats - Scripting for vulnerability management - Vulnerability and Patch Management with NeXpose, Nessus - Incident Management - Workflow and Playbook preparation