Istanbul, Istanbul, Türkiye
Looking for Trouble
I was responsible for managing and overseeing the implementation, positioning, and administration of various security products, including SIEM, EDR, CASB, Proxy, CTI, and AWS Security. This involved configuring and optimizing these solutions to enhance threat detection, incident response, and overall security posture. Additionally, I ensured seamless integration and effective management of these tools to protect the organization's infrastructure and sensitive data.
Managed and optimized SIEM, EDR, and antivirus solutions to ensure comprehensive threat detection and response capabilities. Conducted regular security assessments and audits to identify vulnerabilities and develop strategies for mitigation. Collaborated with cross-functional teams to develop and enforce security policies, procedures, and best practices. Investigated security incidents and coordinated incident response activities to minimize the impact of breaches.
Managed and developed correlation rules for SIEM platforms QRadar and Splunk to enhance threat detection capabilities. Utilized and managed AV solutions, including Trend Micro, to ensure comprehensive endpoint protection. Implemented and managed Container Security Solutions such as Prisma Cloud to secure cloud-native applications and environments. Deployed and managed EDR solutions like CrowdStrike to detect and respond to advanced threats. Utilized CTI solutions like SOCRadar and Brandefense to gather and analyze threat intelligence data. Collected and managed Linux logs using tools such as Cribl, Rsyslog, and Auditd to monitor system activities and detect anomalies. Proactively followed cyber threat intelligence sources to stay updated on emerging threats and vulnerabilities.
Projects:
HBScout: Phishing Domain Follower (Status and Records)
Leaked User Control: Python
CS News: Python Flask
Inventory Control Tools: Python
Managed SIEM solutions QRadar and ArcSight, including developing correlation rules to enhance threat detection and response capabilities. Actively followed cyber threat intelligence sources to stay updated on emerging threats and vulnerabilities, facilitating proactive defense measures. Led L1 & L2 teams, providing guidance and mentorship to ensure effective incident response and resolution. Participated as a Purple Team Member, collaborating with Red and Blue Teams to assess and improve overall security posture through simulated attacks and defense exercises.