M. Alparslan Akyıldız

Cyber Security Group Manager

Ankara, Türkiye

About

Driving security strategy across application, cloud, DevSecOps, and critical infrastructure domains. I lead multidisciplinary security teams covering Application Security, DevSecOps, Cloud Security, Compliance, Red Team, and SOC, with a strong focus on AI-driven security automation. My work centers on building AI-enabled red team operations, AI-integrated CI/CD security pipelines, and cloud-native application protection (CNAPP) architectures that scale across complex enterprise and national environments. I have hands-on and leadership experience in critical infrastructure security, including aviation and maritime cyber security, where cyber risk directly intersects with safety, geopolitics, and national resilience. I participated in CWIX as a National Cyber Lead, and contributed to NATO Locked Shields by designing digital forensics scenarios, translating real-world threats into high-impact defensive exercises. Beyond operations, I focus on strategic threat understanding—particularly APT profiling, state-level threat behavior, and AI-automated offensive security—to help organizations move from reactive defense to proactive, intelligence-driven security posture. I am the author of six published books and the creator of five Udemy courses, aimed at bridging the gap between deep technical expertise and strategic security thinking. Certifications: CISSP, CCSP, ISO 27001 Lead Auditor, ISO42001 Lead Auditor, GPEN, GREM, OSWP, CEH, ECSA, LPT, eCPPTv2, CCNA, CCNP, THP Languages: English (fluent), Russian (intermediate), Arabic (basic) Outside of cybersecurity, I work on creative disciplines including novel writing, diorama design, and music, believing that strong security leadership requires both analytical rigor and creative thinking. Cyber security is not just a technical challenge — it is a leadership, decision-making, and resilience problem.

Experience

  • NATO Center of Excellence-Defense Against Terrorism, Academic Consultant and Lecturer at NATO
    Jan 2026 - Present · 7 mos

  • Cyber Security Group Manager at HAVELSAN
    Dec 2024 - Present · 1 yr 8 mos

    Driving security strategy across application, cloud, DevSecOps, and critical infrastructure domains. I lead multidisciplinary security teams covering Application Security, DevSecOps, Cloud Security, Compliance, Red Team, and SOC, with a strong focus on AI-driven security automation. My work centers on building AI-enabled red team operations, AI-integrated CI/CD security pipelines, and cloud-native application protection (CNAPP) architectures that scale across complex enterprise and national environments. I have hands-on and leadership experience in critical infrastructure security, including aviation and maritime cyber security, where cyber risk directly intersects with safety, geopolitics, and national resilience. I participated in CWIX as a National Cyber Lead, and contributed to NATO Locked Shields by designing digital forensics scenarios, translating real-world threats into high-impact defensive exercises. Beyond operations, I focus on strategic threat understanding—particularly APT profiling, state-level threat behavior, and AI-automated offensive security—to help organizations move from reactive defense to proactive, intelligence-driven security posture. I am the author of six published books and the creator of five Udemy courses, aimed at bridging the gap between deep technical expertise and strategic security thinking. Certifications: CISSP, CCSP, ISO 27001 Lead Auditor, ISO42001 Lead Auditor, GPEN, GREM, OSWP, CEH, ECSA, LPT, eCPPTv2, CCNA, CCNP, THP Languages: English (fluent), Russian (intermediate), Arabic (basic) Outside of cybersecurity, I work on creative disciplines including novel writing, diorama design, and music, believing that strong security leadership requires both analytical rigor and creative thinking. Cyber security is not just a technical challenge — it is a leadership, decision-making, and resilience problem.

  • Cyber Security Unit Manager at T.C. Cumhurbaşkanlığı Dijital Dönüşüm Ofisi
    Aug 2023 - Dec 2024 · 1 yr 5 mos

  • CTO Advisor at Barikat Siber Güvenlik
    Mar 2023 - Jun 2023 · 4 mos

  • T.C. Cumhurbaşkanlığı (5 yrs 8 mos)
    • Cyber Security Threat Intelligence Manager
      Apr 2021 - Jan 2023 · 1 yr 10 mos

      I worked in the Cyber Threat Intelligence (CTI) department as a Cyber Threat Intelligence Manager, where I led and executed end-to-end cyber threat intelligence operations to proactively defend organizational infrastructures against advanced cyber threats. My core responsibilities included profiling APT groups, investigating sophisticated threat actors, and developing detailed Tactics, Techniques, and Procedures (TTPs) to better understand adversary behavior. I actively conducted and managed incident response and cybercrime investigations, supporting both strategic and operational security decision-making. I was responsible for planning, executing, and overseeing threat hunting and compromise assessment activities, as well as managing and contributing to malware analysis, botnet analysis, and botnet infrastructure mapping processes. In parallel, I worked extensively with SOC platforms, contributing to their operation, optimization, and management. To strengthen detection and prevention capabilities, I designed and executed adversary simulations to generate actionable Indicators of Compromise (IoCs) and enhance defensive mechanisms. I regularly produced strategic, tactical, and operational cyber threat intelligence reports, delivering timely and actionable insights on current and emerging adversaries. Through this role, I developed strong expertise in cyber attack methodologies, red teaming techniques, and intelligence-driven security operations, enabling proactive risk mitigation and informed security strategy development.

    • Cyber Security Consultant
      Oct 2018 - Apr 2021 · 2 yrs 7 mos

      I worked as a Cyber Security Consultant, providing strategic and technical advisory services to organizations to help them strengthen their cybersecurity posture and align security initiatives with business objectives. In this role, I advised senior management and security teams on the design, development, and implementation of cybersecurity policies, strategies, and governance frameworks, supporting the creation of comprehensive cybersecurity policies, standards, and procedures in line with international best practices and regulatory requirements. I actively contributed to cyber risk management activities, helping organizations identify, assess, and mitigate cyber risks, and supported decision-makers in defining security roadmaps and long-term cybersecurity strategies. My consultancy work also included guidance on incident response planning, security awareness, and organizational readiness against emerging cyber threats. In addition to consultancy activities, I delivered lectures, workshops, and hands-on training sessions for technical and non-technical audiences. These trainings covered a wide range of topics including cybersecurity fundamentals, threat landscape awareness, secure systems, incident response, and modern attack techniques, aiming to improve both technical capabilities and security culture across organizations. Through this role, I gained strong experience in communicating complex cybersecurity concepts to diverse stakeholders, bridging the gap between technical teams and executive leadership, and contributing to the development of sustainable, policy-driven cybersecurity programs.

    • Malware Analyst & Incident Response Expert
      Jun 2017 - Oct 2018 · 1 yr 5 mos

      I worked as a Malware Analyst, specializing in the analysis of malicious software through reverse engineering and advanced malware analysis techniques. In this role, I analyzed a wide range of malicious artifacts to understand their behavior, capabilities, and impact on target systems. I performed both static and dynamic malware analysis on various file types, including document-based malware (Office files, PDFs), Windows executables, and Linux binaries. My analysis focused on identifying execution flows, persistence mechanisms, evasion techniques, command-and-control (C2) communications, and malicious payload delivery methods. I have hands-on experience using industry-standard reverse engineering and debugging tools such as radare2, Ghidra, OllyDbg, Immunity Debugger, WinDbg / Win64Dbg, and Scylla, along with other supporting analysis frameworks and utilities. I regularly used these tools to unpack protected binaries, bypass anti-analysis techniques, reconstruct import tables, and extract actionable indicators. Additionally, I designed and set up a dedicated malware analysis laboratory, creating isolated and controlled environments for safe analysis. This lab supported dynamic execution, behavioral monitoring, memory analysis, and network traffic inspection, enabling comprehensive end-to-end malware investigations. Through this role, I developed strong expertise in malware internals, reverse engineering methodologies, evasion techniques, and threat actor tooling, contributing directly to threat intelligence, incident response, and proactive defense capabilities.