About

I am a Cyber Security Engineer operating on the principle: “To learn defense, one must master offense.” I bridge low-level system understanding with enterprise-scale defense architectures.

The Architectural Frontier

Security starts at the hardware level. By mastering Assembly and C, I use granular system knowledge to design Security Observability strategies that turn hardware limits into defensive advantages.

From Offensive Roots to Enterprise Defense

Starting in Red Team operations, I scaled this adversarial mindset into defensive engineering:

  • Incident Response: Neutralizing complex threats in financial sectors.
  • Threat Hunting: Converting intelligence into proactive defense.
  • Hardening: Optimizing resilience and system integrity.

Engineering Digital Sovereignty

My focus is The Ubuntu Sovereign Stack—architecting an open-source enterprise alternative for total data autonomy, integrating:

  • Automated Orchestration: Self-healing environments.
  • Unified IAM: Secure, open-source directory services.
  • Full-Stack Observability: Deep visibility via SIEM.

Experience

Cyber Security Engineer @ Arma Bilisim (Oct 2025 - Present)

  • Strengthened enterprise security using SIEM, XDR, EPP, and DLP.
  • Led threat hunting with open-source tools.
  • Supported incident response through automation, log analysis, and forensics.

SOC Analyst @ Garanti BBVA Technology (Dec 2024 - Nov 2025)

  • Monitored and analyzed security events via SIEM and XDR platforms.
  • Conducted threat detection and response across endpoints and networks.

MDR Analyst @ ADEO Cyber Security (Sep 2023 - Aug 2024)

  • Managed network security using Wazuh, Sentinel, and Defender XDR.
  • Implemented DLP and EDR solutions to prevent data breaches.
  • Performed log analysis and vulnerability assessments.

Intern IT Services & Security @ Consulta (Apr 2023 - Sep 2023)

  • Assisted in IT infrastructure and system security operations.
  • Supported Linux hardening and Exchange server tasks.
  • NPM Supply Chain Analysis: Analyzing dependency networks to identify risks using Centrality metrics.
  • ApiGoat: Deliberately vulnerable REST API for teaching OWASP Top 10 API Security.
  • MCP Agentic Security: Research on Model Context Protocol and agent interoperability risks.
  • WebVuln Runner: Docker-based TUI for deploying penetration testing environments.
  • ANKA UAV Software: Autonomous flight control for Teknofest 2022.
  • Nalburdeposu E-Commerce: Full-stack platform with payment integration.

Technical Arsenal

Security Operations

  • SentinelOne Singularity, Microsoft Defender XDR, CrowdStrike Falcon, Palo Alto Cortex XDR, Wazuh, Splunk, Elastic Stack.

Vulnerability & Assessment

  • OpenVAS, Nuclei, Nmap, Metasploit, Burp Suite, OWASP ZAP, Wireshark.

Cloud & Infrastructure

  • Proxmox VE, Docker, Samba (AD), Ansible, Node.js, Python, PowerShell & Bash.

Continuous Training

  • TryHackMe: Top 1% Rank in offensive security simulations.
  • LetsDefend: Specialized in SOC alerting and incident response.
  • HackerRank: Regular algorithmic problem solving.