Ankara, Türkiye
Driving security strategy across application, cloud, DevSecOps, and critical infrastructure domains. I lead multidisciplinary security teams covering Application Security, DevSecOps, Cloud Security, Compliance, Red Team, and SOC, with a strong focus on AI-driven security automation. My work centers on building AI-enabled red team operations, AI-integrated CI/CD security pipelines, and cloud-native application protection (CNAPP) architectures that scale across complex enterprise and national environments. I have hands-on and leadership experience in critical infrastructure security, including aviation and maritime cyber security, where cyber risk directly intersects with safety, geopolitics, and national resilience. I participated in CWIX as a National Cyber Lead, and contributed to NATO Locked Shields by designing digital forensics scenarios, translating real-world threats into high-impact defensive exercises. Beyond operations, I focus on strategic threat understanding—particularly APT profiling, state-level threat behavior, and AI-automated offensive security—to help organizations move from reactive defense to proactive, intelligence-driven security posture. I am the author of six published books and the creator of five Udemy courses, aimed at bridging the gap between deep technical expertise and strategic security thinking. Certifications: CISSP, CCSP, ISO 27001 Lead Auditor, ISO42001 Lead Auditor, GPEN, GREM, OSWP, CEH, ECSA, LPT, eCPPTv2, CCNA, CCNP, THP Languages: English (fluent), Russian (intermediate), Arabic (basic) Outside of cybersecurity, I work on creative disciplines including novel writing, diorama design, and music, believing that strong security leadership requires both analytical rigor and creative thinking. Cyber security is not just a technical challenge — it is a leadership, decision-making, and resilience problem.
Driving security strategy across application, cloud, DevSecOps, and critical infrastructure domains. I lead multidisciplinary security teams covering Application Security, DevSecOps, Cloud Security, Compliance, Red Team, and SOC, with a strong focus on AI-driven security automation. My work centers on building AI-enabled red team operations, AI-integrated CI/CD security pipelines, and cloud-native application protection (CNAPP) architectures that scale across complex enterprise and national environments. I have hands-on and leadership experience in critical infrastructure security, including aviation and maritime cyber security, where cyber risk directly intersects with safety, geopolitics, and national resilience. I participated in CWIX as a National Cyber Lead, and contributed to NATO Locked Shields by designing digital forensics scenarios, translating real-world threats into high-impact defensive exercises. Beyond operations, I focus on strategic threat understanding—particularly APT profiling, state-level threat behavior, and AI-automated offensive security—to help organizations move from reactive defense to proactive, intelligence-driven security posture. I am the author of six published books and the creator of five Udemy courses, aimed at bridging the gap between deep technical expertise and strategic security thinking. Certifications: CISSP, CCSP, ISO 27001 Lead Auditor, ISO42001 Lead Auditor, GPEN, GREM, OSWP, CEH, ECSA, LPT, eCPPTv2, CCNA, CCNP, THP Languages: English (fluent), Russian (intermediate), Arabic (basic) Outside of cybersecurity, I work on creative disciplines including novel writing, diorama design, and music, believing that strong security leadership requires both analytical rigor and creative thinking. Cyber security is not just a technical challenge — it is a leadership, decision-making, and resilience problem.
I worked in the Cyber Threat Intelligence (CTI) department as a Cyber Threat Intelligence Manager, where I led and executed end-to-end cyber threat intelligence operations to proactively defend organizational infrastructures against advanced cyber threats. My core responsibilities included profiling APT groups, investigating sophisticated threat actors, and developing detailed Tactics, Techniques, and Procedures (TTPs) to better understand adversary behavior. I actively conducted and managed incident response and cybercrime investigations, supporting both strategic and operational security decision-making. I was responsible for planning, executing, and overseeing threat hunting and compromise assessment activities, as well as managing and contributing to malware analysis, botnet analysis, and botnet infrastructure mapping processes. In parallel, I worked extensively with SOC platforms, contributing to their operation, optimization, and management. To strengthen detection and prevention capabilities, I designed and executed adversary simulations to generate actionable Indicators of Compromise (IoCs) and enhance defensive mechanisms. I regularly produced strategic, tactical, and operational cyber threat intelligence reports, delivering timely and actionable insights on current and emerging adversaries. Through this role, I developed strong expertise in cyber attack methodologies, red teaming techniques, and intelligence-driven security operations, enabling proactive risk mitigation and informed security strategy development.
I worked as a Cyber Security Consultant, providing strategic and technical advisory services to organizations to help them strengthen their cybersecurity posture and align security initiatives with business objectives. In this role, I advised senior management and security teams on the design, development, and implementation of cybersecurity policies, strategies, and governance frameworks, supporting the creation of comprehensive cybersecurity policies, standards, and procedures in line with international best practices and regulatory requirements. I actively contributed to cyber risk management activities, helping organizations identify, assess, and mitigate cyber risks, and supported decision-makers in defining security roadmaps and long-term cybersecurity strategies. My consultancy work also included guidance on incident response planning, security awareness, and organizational readiness against emerging cyber threats. In addition to consultancy activities, I delivered lectures, workshops, and hands-on training sessions for technical and non-technical audiences. These trainings covered a wide range of topics including cybersecurity fundamentals, threat landscape awareness, secure systems, incident response, and modern attack techniques, aiming to improve both technical capabilities and security culture across organizations. Through this role, I gained strong experience in communicating complex cybersecurity concepts to diverse stakeholders, bridging the gap between technical teams and executive leadership, and contributing to the development of sustainable, policy-driven cybersecurity programs.
I worked as a Malware Analyst, specializing in the analysis of malicious software through reverse engineering and advanced malware analysis techniques. In this role, I analyzed a wide range of malicious artifacts to understand their behavior, capabilities, and impact on target systems. I performed both static and dynamic malware analysis on various file types, including document-based malware (Office files, PDFs), Windows executables, and Linux binaries. My analysis focused on identifying execution flows, persistence mechanisms, evasion techniques, command-and-control (C2) communications, and malicious payload delivery methods. I have hands-on experience using industry-standard reverse engineering and debugging tools such as radare2, Ghidra, OllyDbg, Immunity Debugger, WinDbg / Win64Dbg, and Scylla, along with other supporting analysis frameworks and utilities. I regularly used these tools to unpack protected binaries, bypass anti-analysis techniques, reconstruct import tables, and extract actionable indicators. Additionally, I designed and set up a dedicated malware analysis laboratory, creating isolated and controlled environments for safe analysis. This lab supported dynamic execution, behavioral monitoring, memory analysis, and network traffic inspection, enabling comprehensive end-to-end malware investigations. Through this role, I developed strong expertise in malware internals, reverse engineering methodologies, evasion techniques, and threat actor tooling, contributing directly to threat intelligence, incident response, and proactive defense capabilities.