Istanbul, Türkiye
As a Security Engineer striving to specialize in Incident Response, Threat Hunting, and Digital Forensics, I focus on optimizing security operations, enhancing threat detection and response efficiency, and developing security automation strategies. I excel in fast-paced environments, swiftly identifying security threats and orchestrating proactive defense measures.

Expertise & Technical Skills:
- Incident Response & Threat Hunting
- Digital Forensics
- Attack Frameworks: MITRE ATT&CK, Cyber Kill Chain
- Security Technologies and Automation: SIEM, SOAR, WAF, IPS/IDS, EDR, Sandbox, NDR, Honeypot, Cloud Technologies
- Scripting & Automation: Python, Bash, PowerShell
- Detection Rule Development: Sigma, YARA, Osquery

https://snynr.medium.com/
https://cyberdefenders.org/accounts/profile/snynr
- Analytical and investigative abilities with hands-on experience in cyber security incident response and response automation strategies, and the ability to work to tight guidelines and under high pressure in the context of cyber incidents
- Good understanding and hands-on experience with common security systems, including WAF, IPS/IDS, EDR, DLP, authentication systems, content filtering, etc.
- Provide support to Incident Response teams in swiftly identifying, responding to, and mitigating security breaches and incidents. Determine the types of breaches, assess their impacts, and intervene in incidents.
- Conduct post-incident analysis to ascertain damage and provide recommendations to prevent similar incidents in the future.
- Experience working with threat modeling, operational threat intelligence, and attack framework standards (e.g., MITRE ATT&CK)
- Good understanding of the Cyber Kill Chain and pervasive threat attack methods and remediation
- Experience developing detection logic for enterprise SIEM systems, with exploitation techniques and use case development
- Experience in the detection of and response to malicious activity using log data and alerts from cybersecurity solutions, systems, and network devices
- Experience extracting and analyzing forensic artifacts across Windows, Mac, and Linux operating systems
- Perform in-depth analysis of alerts, anomalies, errors, intrusions, and malware
- Develop and suggest solutions to reduce false positives
- Assist with the identification of potential vulnerabilities and the compilation of recommendations to manage identified risks
Joined the Locked Shields exercise as a Threat Hunter in the NATO Blue Team. Over two days, more than 2000 participants from 32 nations practised the protection of national IT systems and critical infrastructure under the pressure of a large-scale cyberattack at the annual live-fire cyber defence exercise Locked Shields. In addition to protecting numerous cyber-physical systems, the participating teams practised tactical and strategic decision making, cooperation and the chain of command in a crisis situation where they also had to tackle forensic and legal issues and respond to information operations challenges.
- 24x7 monitoring and analysis of critical security alerts for cyber threats
- Experience with Security Information and Event Management (SIEM) tools such as Splunk, QRadar, McAfee SIEM, or ELK
IT Department