Kocaeli, Türkiye
I am an engineer who has built his career in the field of cyber security with conscious choices and has a good command of the big picture as well as technical details. After completing my undergraduate studies in Computer Engineering, I continued my academic journey with a master’s degree in Cybersecurity at Marmara University. I began my professional path as a Level 1 analyst and later took on responsibilities at the L2 level, including correlation rule development, alarm analysis, incident response, and coordination with L1 teams. Currently, I work as an assistant cybersecurity specialist in the steel production sector, managing hybrid infrastructures that span both IT and OT systems. Throughout my career, I’ve worked hands-on with a wide range of technologies including SIEM, NDR, EDR, WAF, VPN architectures, attack simulation platforms, DAM, LTM, and vulnerability management tools. I took an active role not only at the operational level, but also in the integration of products into corporate needs. I have made technical contributions to the PoC processes of many different products; in addition, I have laid the groundwork for the long-term success of the selected solutions by taking part in the specification preparations. I have adopted it as a principle to master the interface of every technology I use, as well as its logic, architecture and potential risks. In addition to my technical competence in the projects I participated in, I was also recognized for my solution-oriented approach and high sense of responsibility. Seeing my work generate tangible impact within organizations, and being referenced by other teams, has only deepened my passion for this field.I have a structure that does not leave success in projects to chance; I carefully evaluate every step. To me, cybersecurity is more than a profession—it's a space for innovation, continuous learning, and strategic contribution. My disciplined and curious nature is my greatest strength on this journey. I aim to leave a mark wherever I work and to deliver lasting value to every organization I contribute to.
-Management of F5 BIG-IP ASM, APM, and LTM modules is carried out; responsible for application security, access control, and load balancing operations. -Administration of IBM QRadar SIEM platform is maintained; log collection, correlation rule development, customized dashboards, and alert mechanisms are continuously managed. -Architectural design and sustainability of the SIEM infrastructure are ensured; configuration, integration, and capacity planning are carried out. -Security control testing is conducted via the Picus Security platform; simulation results are analyzed to identify weaknesses and improve defense mechanisms. -Network behavior analysis is performed using the Vectra NDR platform; anomaly detection and threat hunting processes are managed. -Security of industrial environments is ensured through OT NDR solutions like Claroty and ICSFUSION; configuration, monitoring, and maintenance tasks are executed. -Data security is managed through the IBM Guardium platform; data access tracking, sensitivity analysis, and compliance reporting are performed. -Enterprise vulnerability management processes are conducted using the Bizzy cybersecurity platform; detection, prioritization, and reporting of system vulnerabilities are ensured. -Technical specifications are prepared as part of cybersecurity product and project management processes. -Security Operations Center (SOC) projects are planned, deployed, and operated. -Internal cyber incident response processes are coordinated; incident analysis, impact assessment, evidence collection, and response planning are executed. -Manage Proof of Concept (PoC) processes and report outcomes
-Conducted comprehensive work in logging and attack detection, utilizing various tools and techniques to swiftly and effectively identify security breaches. -Efficiently used the Splunk platform for log analysis and correlation tasks. -Created and optimized custom dashboards, search queries, and alerts in Splunk. -Enhanced Splunk's security capabilities through various developments and integrations. -Developed rules and correlations based on the MITRE ATT&CK framework for threat intelligence. -Tested and regularly updated the accuracy and effectiveness of these rules and correlations. -Prepared detailed and regular reports for clients regarding performed work and detected security incidents. Ensured that reports were understandable and actionable. Analyzed alarms that L1 level analysts could not resolve or required deeper investigation. -Conducted thorough analysis of these alarms, identified root causes, and ensured necessary actions were taken. -Actively participated in the version upgrade and maintenance processes of the Splunk product. Planned and executed necessary maintenance and update operations to ensure uninterrupted system functionality. -Used Carbon Black EDR and Vectra NDR products to detect and analyze security incidents. -Evaluated alarms from these tools and determined appropriate measures against threats.
-7/24 Monitoring -Detection of alarms and events consisting of cyber intelligence and security event monitoring tools -Performing Level‑1 analysis by examining suspicious situations and alarms, making notifications in line with SLA times -Fulfilling requests from customers in SOC structure -Providing information security and awareness trainings to customers