Kayhan Kayihan

Co-Founder at RSU

Istanbul, Türkiye

About

Insightful, results-driven, energetic and academically trained Information Security Analyst over 8 years of successful career in the IT. Demonstrated hands-on experience on penetration testing, vulnerability scan & management, system hardening & patching. In-depth knowledge of cyber security principles, vulnerability remediation, risk assessment according to vendors best practices. Involve large-scale projects proactively in enterprise environments to perform mission critical services, provided the opportunity to gain a deep technical background. Goal-oriented and dedicated team player, prioritizing tasks according to project needs and manage deadlines.

Experience

  • Co-Founder at RSU Consultancy
    Feb 2021 - Present · 5 yrs 6 mos

  • Member at Komünite.com.tr
    Jul 2024 - Present · 2 yrs 1 mo

  • Penetration Tester at Securewise
    Jan 2019 - Dec 2025 · 7 yrs

  • Parttime Lecturer at Marmara University
    Oct 2021 - Feb 2022 · 5 mos

  • Lostar Bilgi Güvenliği (5 yrs 6 mos)
    • Cyber Security Department Manager
      Jan 2020 - Jan 2021 · 1 yr 1 mo

    • Cyber Security Consultant
      Aug 2015 - Dec 2019 · 4 yrs 5 mos

       Involved and managed 60+ projects to performed penetration tests according to OWASP Test Guide v4, PTES v1, OSSTMM v3 on various Web Applications, core network and infrastructure gears and SCADA/ICS devices for client’s entire organizations.  Executed periodically scan for clients, evaluated vulnerability assessments and generated reports for organizations arrange be agreement.  Performed systems (Windows, Linux), databases (Oracle, MS SQL), security products such as antispam gateway, proxy, endpoint security products and network devices hardening evolution according to CIS security benchmark guide via Tenable Nessus Professional.  Developed hardening parameters with bash scripting and PowerShell for RedHat, Windows and MSSQL servers.  Managed vulnerability scanning processes, developed systems and applications to secure for PCI DSS. e.g. identified vulnerabilities with Qualys and created remediations into change control procedure.  Provided technical consultancy on application design, architecture control and system performance optimization via growing technologies.  Implemented vulnerability management processes and managed tools to identify vulnerabilities, track their remediations and solutions for clients.  Identified and classified cyber security vulnerabilities and worked on mitigation plans with system owners, ensure plans are documented understood and tracked the results of the plan executed.  Completed +50 Distributed Denial of Service (DDoS) and social engineering tests.  Presented weekly vulnerabilities key performance indicator (KPI) reports to clients such as number of open critical/high vulnerabilities, closed vulnerabilities, accepted vulnerabilities and vulnerabilities reopen rates.  Designed, implemented and managed vulnerability management process and vulnerability scanner products such as Nexpose, Tenable Security Center, Nessus and Qualys for financial and insurance companies.  Analyzed some cyber security incidents for clients.