About

I am an IT & Security Engineer operating on the principle: "To learn defense, one must master offense." I have a strong foundation in designing, implementing, and defending enterprise infrastructures. With hands-on experience in systems administration (Linux & Windows Server), network configuration, and virtualization (Proxmox VE, Docker), I build "secure-by-design" architectures that eliminate vulnerabilities from the hardware level up.

I am passionate about digital sovereignty, open-source enterprise solutions, and creating autonomous, self-sufficient IT environments that minimize external dependencies. I bridge the gap between low-level system understanding and enterprise-scale defense architectures.

Experience

IT & Security Engineer

@ Arma Bilişim

Oct 2025 - Present Izmir, Turkey · Remote

Strengthening corporate infrastructure security and business continuity using SIEM, XDR, EPP, and DLP solutions.
Deploying and maintaining scalable virtualized environments with Proxmox VE and containerizing services via Docker.
Conducting proactive threat hunting on networks and systems using open-source tools and custom scripts.
Managing end-to-end incident response and infrastructure optimization processes through automation and digital forensics.

Infrastructure Proxmox Docker AD/Samba SentinelOne

SOC Analyst

@ Garanti BBVA Technology

Dec 2024 - Nov 2025 Istanbul, Turkey · Remote

Monitored enterprise-wide system events 24/7 via SIEM and XDR platforms to ensure the stability and security of critical financial infrastructures.
Performed threat detection and response across endpoints and networks, leading system hardening initiatives (CIS Benchmarks).
Managed incident response workflows, digital forensic investigations, and detailed security reporting.
Collaborated with infrastructure teams to implement security-by-design policies and patch critical vulnerabilities.

SOC Defender XDR Incident Response Log Analysis

MDR Analyst

@ ADEO Cyber Security

Jan 2024 - Jun 2024 Ankara, Turkey · Hybrid

Managed complex network security operations and log management using Wazuh, Sentinel, and Defender XDR architectures.
Implemented end-to-end DLP, EDR, and EPP solutions in enterprise environments to mitigate data exfiltration risks.
Conducted log analysis, vulnerability scanning, and proactive system management to minimize infrastructure attack surfaces.

Defender XDR Cortex XDR SentinelOne CrowdStrike Falcon

IT Services & Security Intern

@ Consulta

Apr 2023 - Sep 2023 Istanbul, Turkey, On-site

Supported IT infrastructure management, help desk support, and server-side security operations.
Assisted in Linux server hardening and Microsoft Exchange server maintenance/management.
Contributed to security awareness training and managed technical security documentation and reporting.

Volunteering

President of Community & OWASP Student Representative

@ BTU Informatics Community & OWASP BTU

Oct 2021 - Sep 2024

Led the largest tech-focused student community at Bursa Technical University, reaching over 500 active members.
Organized large-scale technical training sessions and "Security Day" events to raise cybersecurity awareness across the campus as an OWASP Student Representative.
Networked with industry leaders to coordinate professional webinars, hands-on workshops, and technical site visits for student career development.
Represented the community in university administrative processes, managing budget allocation and administrative collaborations.

Core Member

@ PwnLab.Me

Feb 2021 - Jul 2022

Published technical blog posts and CTF (Capture The Flag) walkthroughs for PwnLab.Me, one of Turkey's leading cybersecurity communities.
Supported community growth strategies and provided technical mentorship through Discord and other social channels.
Contributed to the security ecosystem by conducting in-depth analyses of modern attack vectors and network security implementations.

Scout Leader & Search and Rescue Volunteer

@ TİFAKE (Scouting and Guiding Federation of Turkey)

Jul 2019 - Sep 2024

Actively participated in rescue and humanitarian aid operations within TİFAKE in coordination with AFAD.
Deployed for search and rescue during the February 6th Antakya earthquake and the Bozkurt flood disaster.
Conducted forest fire response in Ovacik and managed humanitarian logistics in various disaster zones.
Maintained leadership roles in scouting, focusing on youth physical and social development.

Technical Expertise & Skills

Offensive Security

This column reflects the "to build defense, one must master offense" vision and the OWASP approach.

Vulnerability Assessment Vulnerability scanning and management with OpenVAS and Nuclei.
Network Discovery Network discovery and topology mapping with Nmap and Masscan.
Web App Security Testing Web/API penetration tests with Burp Suite and OWASP ZAP.
Exploitation Frameworks Vulnerability exploitation and validation with Metasploit Framework.
Security Research Supply chain (NPM) and LLM (Agentic AI) security research.

Defensive Security

Represents corporate SOC/MDR experience and the capability to isolate threats instantly.

Autonomous EDR & XDR Management of SentinelOne, Microsoft Defender XDR, and CrowdStrike Falcon.
SIEM & Log Management Anomaly detection with Wazuh, Splunk, and Elastic Stack (ELK).
Network Traffic Analysis Deep packet inspection (DPI) and network forensics with Wireshark.
Email & Gateway Security Phishing protection with Libraesva and Proxmox Mail Gateway.
Incident Response Threat hunting and proactive cyber incident response.

Systems & Network Infrastructure

The critical column that differentiates a specialist from an analyst: IT and Infrastructure expertise.

Virtualization & Private Cloud Deployment of enterprise virtualization architectures with Proxmox VE.
Enterprise Network Configuration Management of Ruijie & Reyee hardware, VLAN, TCP/IP, and DNS/DHCP.
Identity & Directory Services Identity management with Windows Server (Active Directory), Samba, and LiderAhenk.
Linux Server Administration Installation and hardening of Ubuntu, Debian, and Pardus systems.
Self-Hosted Enterprise Solutions Open-source data sovereignty projects like Nextcloud and Mailcow.

Software & Automation Engineering

The software pillar demonstrating automation of full-stack projects and IT operations.

Containerization Microservice architectures and isolated test environments with Docker.
Configuration Management Infrastructure as Code (IaC) and server automation with Ansible.
Backend & API Development Node.js, Express, and RESTful architecture design (ApiGoat project).
Full-Stack Architecture End-to-end application development with PERN Stack (Postgres, Express, React, Node).
Scripting & Task Automation Security tool development and system automation with Python, PowerShell, and Bash.

Education

M.Sc. in Software Engineering | Karabuk University (2025 - 2027)
- Focus: Scalable systems architecture and supply chain (NPM) security research.
B.Sc. in Computer Engineering | Bursa Technical University (2019 - 2024)
- Focus: Software development and application security.

Continuous Training

TryHackMe: Top 1% Rank in offensive security simulations.
LetsDefend: Specialized in IT operations and SOC incident response.