Istanbul, Istanbul, Türkiye
Expert Security Engineer bringing 5 years of expertise in the cyber security area. Effectively manage assignments and team members. Dedicated to self-development to provide expectation-exceeding service, with vast experience in effective operations. Displays outstanding knowledge and practical expertise to provide exceptional all-around services.
- Coordinating and conducting event collection, log management, event management, compliance automation, and identity monitoring activities using the QRadar and Splunk platforms
- Creating SIEM & SOAR use cases, correlation rules, dashboarding, and playbooks using Splunk
- Solid understanding of networking, Linux and Windows operating systems, and security domains such as mail, DNS, etc.
- Experienced in NDR & NTA solutions
- Deep knowledge of deception technologies such as Attivo, and responsible for creating new use cases for deception
- Part of the Detection Engineering Team
- General knowledge of purple teaming
- Deep knowledge of capacity planning, optimization, and architecture of SIEM solutions
- General knowledge of scripting languages such as Python
- Responsible for the data pipeline: parsing, routing, and filtering using regex
- Provide for the operational management of security products and services, third-party connections, patching, certificate management, and identity access management, and provide support to the Identity & Access Management team
- Manage the CyberArk AAM and Conjur module projects
- Responsible for administration of the CyberArk PAM module
- Performing several PoCs, such as Conjur, and implementing it in the DevOps environment
- Maintaining PAM solutions and improving day-to-day tasks
Provide for the operational management of security products and services, including firewalls, networks, third-party connections, encryption technologies, patching, certificate management, anti-virus, email security controls, intrusion detection systems, intrusion prevention, virtual private networks, and identity access management. Determine security baseline configurations and practices for operating systems, web applications, mobile applications, client endpoints, servers, network, identity and access, data usage, security operations, and security controls to reduce the attack surface and to ensure the confidentiality, integrity, and availability of corporate data. Provide content creation and policy tuning for multiple security detection and alerting tools, including Cisco ISE, McAfee, Symantec DLP, Symantec Datacenter Security, Splunk, Imperva, etc. Provide support to the Identity & Access Management team (CyberArk).
- Consultancy in risk assessments
- Knowledge of information security solutions
- Assisting customers with regulatory compliance