Istanbul, Türkiye
Most security problems aren’t technical. They’re organizational. 15+ years in IT Operations and Information Security and the pattern is consistent: things go wrong faster where ownership is blurry, context is missing and decisions take too long. I lead Identity Governance and Security Operations, and the part I find most valuable isn’t the detection or the response itself. It’s the clarity that comes after: understanding why something happened, who was responsible and what needs to change so it doesn’t happen again. What I care most about is the translation layer. Turning complex identity and security data into language that Legal, Compliance, HR and leadership can actually use. That’s where security either builds trust or loses it. Day to day, that means working across Cloud IAM, Microsoft Sentinel, KQL, Entra ID and Zero Trust architectures to keep identity and access controls sharp, auditable and aligned with business risk. I work well under pressure and communicate clearly across functions. My goal has always been to build systems that catch problems early, not just respond to them well.Currently pursuing CISM and CISSP. Looking to grow into roles where security strategy, governance and operational leadership come together.
Lead identity centric threat detection and threat hunting activities across cloud and hybrid environments, identifying malicious behaviors tied to compromised identities, privilege abuse and lateral movement. Design and operationalize identity based detections using Microsoft Sentinel, Defender for Identity and KQL driven analytics, significantly improving signal quality while reducing alert noise. Strengthen identity governance and access controls by improving access review processes, identity hygiene and lifecycle management (joiner/mover/leaver); directly reducing identity related attack surface. Collaborate with cloud security and security operations teams to translate identity findings into actionable remediation guidance, influencing detection logic, security controls. Partner with HR, Legal and Compliance stakeholders to align identity controls with regulatory requirements, governance objectives and enterprise audit readiness. Reduced insecure NTLM authentication and mitigated cleartext LDAP binding vulnerabilities to strengthen overall security posture.
Led infrastructure and endpoint operations across multiple locations, supporting 450+ users while ensuring system availability, endpoint security and business continuity in a distributed enterprise environment. Strengthened Active Directory operations and service management workflows, improving identity lifecycle processes and significantly reducing operational friction and recurring support demand. Played a key role in regional cyber recovery efforts during the 2017 NotPetya ransomware attack, supporting containment and recovery activities and restoring business operations five days ahead of other EMEA teams, becoming the first fully recovered operation in the region. Contributed to incident driven recovery planning and execution, gaining hands-on experience in large scale disruption scenarios, cross-team coordination, and operational resilience under crisis conditions. Improved warehouse and operational efficiency by modernizing RF terminal systems and integrating automated asset tracking solutions, supporting secure and reliable logistics operations.
Supported secure operation of Windows Server infrastructure, including patch management and endpoint security enforcement, contributing to system hardening and risk reduction. Led the migration of legacy Windows Server 2003 environments into production, strengthening security posture through improved configuration management, Group Policy enforcement and baseline compliance controls. Configured VLANs and RADIUS authentication to strengthen network segmentation and improve secure access controls.
Managed core enterprise services including DNS, DHCP and Active Directory, ensuring availability, secure configuration and reliable identity services across multiple departments. Implemented and maintained secure VPN connectivity and enterprise print services, supporting stable operations and protected remote access. Oversaw backup and recovery processes using HP backup systems and off-site cold storage, ensuring data integrity, recoverability and business continuity readiness.
Delivered enterprise end user support for 600+ users, consistently meeting SLAs and achieving a top 2 global MTTR ranking across distributed service desk teams. Supported software licensing compliance and contributed to analyst onboarding and technical training, reinforcing operational standards and knowledge consistency.