Highly skilled and experienced Penetration Tester and Application Security professional with a proven track record of conducting penetration testing, vulnerability assessments, and red team assessments on various systems and applications. Holds a Associate degree in Cyber Security from Bilgi University and has 3 years experience in the field. Strong analytical and problem-solving skills with the ability to think creatively to find unique solutions to complex security issues.

Skilled in identifying and exploiting vulnerabilities, creating realistic attack scenarios, and evading detection. Strong ability to collaborate with the blue team to improve the overall security posture of the company and provide detailed reports on assessment results. Proficient in using source code analysis tools like Fortify, Checkmarx and other open-source tools to identify and remediate vulnerabilities in software applications. Strong knowledge of industry-standard tools and techniques for penetration testing including network security, web and mobile applications, social engineering, DDoS, and red team operations.

One of the most important issues for me is team communication and support. For this, I always try to be a good, helpful and experienced team player. I also share what I’ve learned by writing articles on my personal blog, and I spend time learning more.


Turkish Airlines Technology – Penetration Test and Application Security Specialist
(May 2022 – Now)

[+] Penetration Tests
• Conducting penetration testing and vulnerability assessments on various systems and applications.
• Identifying and exploiting vulnerabilities in the company’s systems, networks, and applications.
• Planning and executing red team assessments to test the effectiveness of the company’s security defenses.
• Creating and using realistic attack scenarios that simulate the actions of real-world attackers.
• Attempting to evade detection and gain unauthorized access to sensitive data and systems.
• Collaborating with the blue team (i.e. the defensive team) to improve the overall security posture of the company.
• Providing detailed reports on the results of the assessments, including recommendations for improving security.

[+] Application Security
• Using source code analysis tools like Fortify, Checkmarx and other open-source tools to identify and remediate vulnerabilities in software applications.
• Conducting security assessments on software applications using automated tools and manual methods.
• Collaborating with the development team to ensure that security is integrated into the software development process.
• Continuously monitoring and testing applications to identify and remediate vulnerabilities in a timely manner.
• Providing guidance and training to other members of the organization on secure software development practices.

[+] Others
• Developing and implementing security controls to mitigate identified vulnerabilities.
• Keeping up to date with the latest threats and vulnerabilities to ensure the company is protected against them.
• Collaborating with other members of the IT and security teams to develop and implement security policies and procedures.
• Providing guidance and training to other members of the organization on security best practices.
• Examining new security products and performing PoC process.
• Team Planning and Project Management.

Anadolubank – Cyber Security Specialist
(January 2022 – April 2022)

[+] Offensive Security
• Performing Web Application and Network Penetration Tests
• Performing Red Team Operations
• Planning and Managing Penetration Tests
• Performing Periodic Vulnerability Scanning

[+] Others
• Managing CTI Tools and Taking Actions Intelligences
• Inside Cybersecurity Consultancy
• Accompanying the teams in aspects of cybersecurity and secure development
• Proactively working to establish and maintain a knowledge base about new vulnerabilities
• Examining new security products and performing PoC process

Lostar Information Security – Cyber Security Specialist
(March 2020 – January 2022)

[+] Penetration Tests
• Web Application Security
• Network Security
• Mobile App Security (Android & IOS)
• Red Team Operations
• Business Logic Vulnerabilities
• DDoS Attacks
• Social Engineering Attacks (by Physical, E-Mail and Phone)
• Wi-Fi
• BDDK, SPK Tests

[+] Audits
• End-user PC Audit
• Active Directory Audit
• Firewall Audit
• E-Mail Gateway Audit
• Server and PC Hardening

[+] Others
• Project Management
• Team Planning
• Educations

Vertiv – Intern IT Support Specialist
(June 2019 – August 2019)

• Helpdesk Support
• Migration to Microsoft OneDrive Project Developer and Execution

Emerson Network Power – Intern IT Long Term
(September 2016 – June 2017)

• Helpdesk Support
• Hardware & Software Support
• Migration Projects
• Microsoft Office365 Project Tracking and Execution


Anadolu University
Bachelor’s Degree – Management Information Systems
(September 2020 – Now)


Istanbul Bilgi University
Associate Degree – Cyber Security
(September 2018 – June 2020) (3.06 GPA)

[+] Penetration Tests
• Network Security
• Web App Security
• Mobil App Security
• Business Logic Vulnerabilities
• DDoS
• Social Engineering

[+] IT Security Products (How it works & How to use it)
• Firewall
• Antivirus
• Proxy
• Anti Spam Gateway
• Log Management (SIEM)

[+] Software Language
• Python
• C++

[+] Others
• End-user Security
• OWASP Top 10 (2013 – 2017)
• Network (TCP&UDP, OSI Layers, Network Topologies and etc.)
• Information Technologies (NGN, VoIP, 4G&5G, Internet Infrastructure and etc.)

Certificates / Badges

Offensive Security Certified Professional (OSCP)
Qualification ID: Credential.net – OSCP

Cybrary – Mobile App Security
Qualification ID: CC-297c5527-d64a-48b6-bdff-ef94a23d55bc
Verification URL: Cybrary Verify Certificate

Micro Focus – Fortify SAST Specialist
Qualification ID: Credly – SAST Specialist

ICSI – Certified Network Security Specialist (CNSS)
Qualification ID: Credential.net – CNSS

Hacktrick’22 – Active Directory Security Assessment
Qualification ID: None

Turkish Cyber Security Cluster – 2020 Winter Camp – Web Application Security
Qualification ID: None

Bogazici University – 2020 Winter Camp – Offensive Cyber Security
Qualification ID: None

IBM – Cybersecurity Fundamentals
Qualification ID: Credly – Cybersecurity Fundamentals

WordPress.com'da bir web sitesi veya blog oluşturun

Yukarı ↑

%d blogcu bunu beğendi: