Busra Ugur

Detection Engineer & SOC Analyst | Threat Hunting & Adversary Emulation | Sigma Rule Development | MITRE ATT&CK Research

Türkiye

About

Github: https://github.com/busraugurx SOC Analyst with hands-on experience in threat detection, incident analysis, and detection engineering, focused on building practical, high-signal detections rather than theoretical rules. - I actively develop Sigma detection rules mapped to MITRE ATT&CK techniques, validating them through Atomic Red Team adversary emulation and real Windows telemetry (Sysmon, Event Logs). My work emphasizes fileless attack detection, PowerShell abuse, registry-based execution, and process-level behavioral analysis. - Experienced with SIEM platforms such as Splunk and Wazuh, I am comfortable analyzing large-scale logs, identifying suspicious patterns, and translating attacker behavior into actionable detection logic. I enjoy working close to the technical core of security operations where adversary behavior meets logs, rules, and alerts. - My background includes enterprise and consultancy environments, contributing to incident response, security monitoring, cyber maturity assessments, and detection use case development. I value structured methodologies (MITRE ATT&CK, Blue Teaming) but prioritize hands-on testing and continuous improvement. - Currently focused on strengthening my expertise in detection engineering, adversary emulation, and blue team operations, while consistently publishing technical work on GitHub and sharing learnings with the cybersecurity community.

Experience

  • Security Operations Center Analyst at SOCRadar® Extended Threat Intelligence
    Jun 2026 - Present · 2 mos

  • SOC Analyst at InfinitumIT
    Feb 2025 - May 2025 · 4 mos

  • Cyber Security Analyst at KPMG Turkiye
    Sep 2023 - Jul 2024 · 11 mos

  • Cyber Security Analyst at PurpleBox, Inc.
    Jul 2023 - Aug 2023 · 2 mos

  • Web Developer at Mava
    Jun 2022 - Aug 2022 · 3 mos