Open to Work

Yusuf Talha
ARABACI

Cyber Security Engineer | Digital Sovereignty• Cloud-Native Security • Open Source • Data Privacy • Next-Gen SOC • Endpoint Protection • Network Defense

Cyber Security Engineer combining offensive foundations and enterprise SOC experience with digital sovereignty and cloud-native security strategies. Focused on replacing traditional dependencies with open-source, secure, and autonomous infrastructures

View Projects More About Me
Yusuf Talha ARABACI
01.

About Me

I am a Cyber Security Engineer operating on the principle: "To learn defense, one must master offense." I bridge low-level system understanding with enterprise-scale defense architectures.

The Architectural Frontier

Security starts at the hardware level. By mastering Assembly and C, I use granular system knowledge to design Security Observability strategies that turn hardware limits into defensive advantages.

From Offensive Roots to Enterprise Defense

starting in Red Team operations, I scaled this adversarial mindset into defensive engineering:

  • Incident Response: Neutralizing complex threats in financial sectors.
  • Threat Hunting: Converting intelligence into proactive defense.
  • Hardening: Optimizing resilience and system integrity.

Engineering Digital Sovereignty

My focus is The Ubuntu Sovereign Stack—architecting an open-source enterprise alternative for total data autonomy, integrating:

  • Automated Orchestration: Self-healing environments.
  • Unified IAM: Secure, open-source directory services.
  • Full-Stack Observability: Deep visibility via SIEM.

Goal

Building a resilient and sovereign digital infrastructure designed to eliminate vendor lock-in, prioritizing supply chain security and automated compliance through an integrated open-source ecosystem.

Career Objective

Relocating to Tallinn, Estonia (Q1 2026) to contribute to Europe’s most advanced digital society.

Cloud-Native Security Digital Sovereignty

Quick Stats

  • Experience 3+ Years
  • Focus Blue Team / SOC
  • Location Turkey
  • Status Available
02.

Where I've Worked

Cyber Security Engineer @ Arma Bilisim

İzmir, Türkiye · Remote
Oct 2025 - Present
  • Strengthened enterprise security using SIEM, XDR, EPP, and DLP.
  • Led threat hunting with open-source tools.
  • Supported incident response through automation, log analysis, and forensics.
Network Security XDR +7 skills

SOC Analyst @ Garanti BBVA Technology

Remote
Dec 2024 - Nov 2025
  • Monitored and analyzed security events via SIEM and XDR platforms.
  • Conducted threat detection and response across endpoints and networks.
  • Collaborated on forensic investigations and reporting.
TCP/IP Cybersecurity +6 skills

MDR Analyst @ ADEO Cyber Security

Ankara, Türkiye · Hybrid
Sep 2023 - Aug 2024
  • Managed network security using Wazuh, Sentinel, and Defender XDR.
  • Implemented DLP and EDR solutions to prevent data breaches.
  • Performed log analysis and vulnerability assessments.
Ndr Wazuh +10 skills

Intern IT Services & Security @ Consulta

Istanbul, Türkiye · On-site
Apr 2023 - Sep 2023
  • Assisted in IT infrastructure and system security operations.
  • Supported Linux hardening and Exchange server tasks.
  • Contributed to security awareness and documentation.
Help Desk SysAdmin +6 skills
03.

Technical Arsenal

Security Operations
SentinelOne Singularity
Autonomous AI EDR
Microsoft Defender XDR
Integrated Threat Protection
CrowdStrike Falcon
Cloud-based Endpoint Protection
Palo Alto Cortex XDR
Cross-Layer Detection & Response
Wazuh
Unified XDR & SIEM
Splunk
Corporate SIEM Solution
Elastic Stack
Log Management & Analytics
Vuln & Assessment
OpenVAS
Vuln Scanning & Management
Nuclei
Template-based Vuln Scanner
Nmap
Network Discovery & Scanning
Metasploit Framework
Exploitation Tool
Burp Suite
Web App Security Testing
OWASP ZAP
Open Source Web Proxy
Wireshark
Deep Packet Inspection
Cloud & Infrastructure
Kubernetes & Docker
Container Orchestration & Runtime
Prometheus & Grafana
Observability & Monitoring
Ansible
Configuration Management & Automation
Authentik & Samba
Identity & Directory Services
Zimbra CE
Enterprise Email Suite
Python
Automation & Security Tools Development
PowerShell & Bash
Cross-Platform Scripting
04.

Featured Projects

NPM Supply Chain Analysis

Analyzing the dependency network of NPM packages to identify critical nodes and supply chain risks using Centrality metrics.

Python NetworkX Matplotlib

ApiGoat

A deliberately vulnerable REST API designed to teach developers and security testers about the OWASP Top 10 API Security risks.

NodeJS OWASP API Security

MCP Agentic Security

Comprehensive research and security review of the Model Context Protocol (MCP), focusing on agent interoperability risks.

AI Security LLM Research

WebVuln Runner

Docker-based TUI application to easily deploy hazardous web environments (Juice Shop, DVWA, etc.) for penetration testing practice.

Docker Bash/TUI Web-App Security

Spam Mail Detection

Machine Learning model trained to detect Turkish spam emails with high accuracy using NLP preprocessing and KNN classification.

ML/AI KNN Python

ANKA UAV Software

Autonomous flight control software developed for the ANKA team in Teknofest 2022 International UAV Competition.

Python Robotics Autonomous

Fullstack E-Commerce

Complete e-commerce platform with modern frontend and robust backend architecture, featuring payment integration and inventory management.

React Node.js PostgreSQL

Elastic SecOps Mastery

Hands-on Elastic SecOps project featuring SIEM detections, dashboards, ingest pipelines, and SOC workflows built on Elastic Stack.

Elastic SIEM SecOps

Ubuntu Sovereign Stack

Open-source infrastructure stack for digital sovereignty, eliminating vendor lock-in with self-hosted enterprise services on Ubuntu.

Ubuntu Self-Hosted Sovereignty
05.

Latest Articles

Supply Chain Security
Supply Chain Nov 10, 2025

Analysis of Software Supply Chain Security and the npm Ecosystem

Analyzing the Shai-Hulud worm, structural npm vulnerabilities, and the move towards Zero-Trust Execution for software supply chain security.

Read Article
SentinelOne Platform
Cybersecurity Oct 20, 2025

Under the Hood: Deep Dive into SentinelOne Singularity

A technical deep dive into Autonomous SOC, Purple AI, kernel-level EDR architecture, and XDR capabilities.

Read Article
Cloud Strategy
Cloud Strategy Sep 19, 2025

Microsoft’s Cloud-First Strategy and Data Privacy

The State of On-Prem Products, Identity Management, and Data Sovereignty concerns in Microsoft's ecosystem.

Read Article
Agentic AI
Agentic AI Dec 19, 2025

The Agentic Frontier: The Rise of Autonomous AI

Exploring the shift from RAG to Autonomous Agentic AI, the architecture of autonomy, and the critical security threats facing these systems.

Read Article
Silicon Logic
Deep Dive Dec 20, 2025

Silicon Logic: From Metal to Mastermind

A comprehensive guide to x86 Architecture, Assembly, C Programming, and OS Internals.

Read Article
Research Ongoing

Technical Writeups & Research

A comprehensive collection of threat hunting guides, red team operational drills, and security research (CTI, Deception, DNS, EDR).

View Collection

Continuous Training

TryHackMe

Top 1% Rank in offensive security simulations and CTFs.

LetsDefend

Specialized training in SOC alerting and incident response.

HackerRank

Regular algorithmic problem solving to stay sharp.