Celal K.

Google, Mandiant 🛡️ 💻 ⛈ Cloud Security Architect & Incident Remediation | MEng-EE | CISSP | CCSP | GCIH | CEH | AWS SAP | AWS CSAA | GCP Sec | SSCP | Security+ | Network+ | AWS CSS | Azure Sec

Dallas-Fort Worth Metroplex

About

I was born in the Netherlands, raised in Turkey, and mastered in the USA. I have a Bachelor's degree in Electronics Engineering and a Master's degree in Electronics Engineering. I have 11 years of leadership experience and 8+ years of cybersecurity and cloud experience. I am seeking opportunities for full-time or long-term careers in cybersecurity and cloud security. I am a passionate, forever learner, and a team player. Open to relocation with assistance.

Specialty: Incident Response and Remediation, Data-Network-Web-Application-Cloud Security, Penetration Testing, Digital Forensics, Cloud (AWS, Azure, GCP), Data Analysis-Modeling.

Certifications: Microsoft Security Fundamentals, CompTIA Network+ & Security+, (ISC)² SSCP, CISSP, CCSP, Certified Ethical Hacker v10 (CEH), Splunk Core Certified User, AWS Certified Solutions Architect-Associate, AWS Certified Security-Specialty, AWS Certified Solutions Architect-Professional, GCP Security.

Tools: Wireshark, Nmap, Kali Linux, Metasploit, Burp Suite, HackTheBox, OWASP ZAP, SQLmap, John the Ripper, aircrack-ng, DVWA, Tenable Nessus, Snort, Splunk, IDA Pro, PuTTY, AWS, Autopsy, GRR, Volatility, IBM QRadar, OSINT, McAfee-EDR, Cisco SourceFire, Akamai-WAF, Zscaler, ServiceNow, Palo Alto Networks Firewall PAN-OS 9.0, Cortex XDR 2.0, Firewall VM-Series in Public Cloud and AWS, Demisto Fundamentals-NG SOC, Steampipe, Prowler, CloudSplaining, ScoutSuite. Used all these tools at work and in my lab, practiced with more than 900 labs with these tools and more.

Programming: C/C++, Python, Assembly, PowerShell, Bash, JavaScript, Matlab, HTML.

Strengths: Hard-working, dedicated, energetic professional, highly skilled, technology-focused, detail-oriented servant leader. Strong analytical thinking, creative problem-solving skills, and technical skills. Able to work effectively in a group and as a leader. Excellent communication skills, strong work ethic, initiative, and interpersonal skills.

If you would like to reach out to me, you may do so through LinkedIn, we can talk, and connect, and I can share some jokes with you!:)

Experience

  • Google (Full-time · 3 yrs 9 mos)
    • Senior Incident Response and Remediation Consultant & Cloud Architect
      Nov 2023 - Present · 2 yrs 9 mos

      ● Conduct comprehensive AWS, Azure, M365, GCP security assessments to identify misconfigurations and enhance cloud security posture
      ● Lead incident response and remediation efforts, focusing on remediation ensuring swift recovery from security breaches
      ● Conduct Active Directory assessments to identify the common attack vectors
      ● Do Okta Security Assessment
      ● Lead Disaster Recovery Assessments to help clients to be well prepared for ransomware for on prem and cloud
      ● Review IAM and PAM protocols to strengthen access controls and mitigate risks across platforms

    • Incident Response and Remediation
      Nov 2022 - Nov 2023 · 1 yr 1 mo

      ● AWS Security Assessments, Active Directory Security Assessments, Incident Response and Remediation, IAM and PAM Review, Azure & Microsoft 365 Security Assessments, GCP & Google Workspace Assessments, and Ransomware Engagements.

  • Incident Response and Remediation at Mandiant (now part of Google Cloud)
    Feb 2022 - Present · 4 yrs 6 mos

  • Cloud Security Senior Consultant at Deloitte
    Nov 2020 - Feb 2022 · 1 yr 4 mos

  • Information Security Analyst-Data Modeler at Engineering & Computer Simulations
    Jan 2020 - Sep 2020 · 9 mos

    ● Provided technical skills and knowledge to manage project work, secured network, database, data, application, and cloud. Worked on having Principles of CIA (Confidentiality, Integrity, and Availability). Detected, eradicated, recovered Cloud Security incidents end to end.
    ● Utilized RBAC, MFA, IAM (IDAM), Active Directory for Azure & AWS Gov, and LM systems. In-depth knowledge in information security concepts (HTTPS, TLS, Identity Federation protocols such as SAML, XML, OAuth2.0). Managed Identity and Access provisioning lifecycle.
    ● Worked at Security Operations Center to do incident response, threat hunting activities including cyber threat analysis support, research, recommend relevant remediation and mitigation. Monitored incoming-outgoing-internal traffic logs with Splunk for potential security incidents; identify and act on anomalous network activity, and deep traffic packet analysis with Wireshark. Update-document logs/playbooks/runbooks and tune rules. Collaborated with Incident Response team to provide targeted Threat hunting reports for ongoing engagements based on work performed on the enterprise.
    ● Provided knowledge of security tools such as FW, NIDS/NIPS, HIDS/HIPS, SIEM, AV, EDR, data encryption, and security analysis tools. Implemented NIST CSF, NIST SP 800-53, Risk Management Framework (RMF), FISMA, FedRAMP.
    ● Kept up to date on emerging vulnerability and threat trends. Understanding of threat analysis model, STRIDE, Cyber Kill Chain. Detect, respond, mitigate, and report on cyber threats/incidents that may impact the environment. Vulnerability Assessment and Threat Management of infrastructure. Able to perform shift work in a 24x7 operating environment.
    ● Worked closely with resources from our client's development, data architecture, and business units to create an integrated model spanning multiple lines of business and subject areas within the operational database and data warehouse. Developed data models for large enterprise data domains.

  • Security/Data Analyst, Director of Instructional Software, Testing, GT at School of Science and Technology-Central Office
    Aug 2018 - Jan 2020 · 1 yr 6 mos

    ● Worked on Network, Systems, Communications & Application Security, Access Controls, Identity and Access Management (IAM), Risk Monitoring, Analysis, Incident Response, and Recovery.
    ● Implemented Texas Cybersecurity Framework (TCF), NIST, and used the Incident Response Team Redbook, protected PII, FERPA, HIPAA. Audited network infrastructure, hardware, applications of campuses/district.
    ● Monitored, analyzed, and reported on security logs using SIEM-Snort, along with pfSense firewall, to work with IT staff to remedy email spam issues using the campus spam filter, on anti-virus software solutions and malware-related issues.
    ● Worked with Network Engineer-System Admin to identify network security issues and recommend solutions and/or implement solutions. Used SFTP to roster students and staff.
    ● Purchased, Monitored, Supported, and analyzed the usage of Instructional Software and Materials. Implement Clever SSO Integration between Student Information System and Instructional Software and Automatic Rostering.
    ● Performed Data Analysis of district assessments, State tests, computerized adaptive tests, instructional programs usage of 50,000 users with Advanced Excel methods.