Burak Çınar
Verified Expert in Engineering
DevSecOps Architect and Developer
Burak is a cloud architect with deep expertise in DevOps and IT security. He is driven by a passion for aligning technology initiatives with business objectives. Burak is known for resolving challenging problems and delivering results that improve the company's IT infrastructure and security.
Portfolio
Experience
Availability
Preferred Environment
Amazon Web Services (AWS), Azure, DevOps, DevSecOps, Cybersecurity, Security Architecture, IT Security, CISSP, Cyber Defense, Enterprise Cybersecurity
The most amazing...
...project I've implemented is a cybersecurity analytic platform in under one month, creating visibility for one of the biggest eCommerce systems in Turkey.
Work Experience
Lead Security Systems Engineer
EPAM Systems
- Led key security initiatives in application migration and digital transformation with robust application security ensured by integrating advanced tools and methodologies.
- Conducted comprehensive security engineering tasks, focusing on application-level security, leading to a 25% reduction in vulnerability incidents through rigorous access control and security audits.
- Collaborated with DevOps teams to embed security into the development lifecycle, emphasizing the importance of preventing and responding to application security threats.
- Oversaw the full project security lifecycle, emphasizing the development of secure application architectures, leading to a 35% improvement in compliance with industry security standards.
- Played a key role in communicating complex security concepts, aiding in pre-sales discussions, and delivering specialized training, resulting in a 15% increase in team proficiency in application security protocols.
Senior Security Engineer
Arizona State University
- Designed and implemented a highly secure AWS and Azure infrastructure, incorporating robust security practices and technical controls.
- Developed and executed incident response plans to enhance system security.
- Strengthened data protection in the cloud, implementing encryption and other security controls, reducing data breaches by 40%.
- Managed stakeholder relationships in an international setting, ensuring alignment on security initiatives and strategies.
- Integrated security tools in the DevSecOps pipeline, specifically GitHub, AWS CodePipeline, and Snyk.
- Administered and maintained various Linux distributions, ensuring system reliability, security, and efficiency.
- Troubleshot issues ranging from deployment to application functionalities using Cloudwatch logs and SIEM tools like Datadog and ELK.
- Developed a custom Python script leveraging the Qualys API to automate the data extraction process, reducing manual effort by 60% and ensuring timely updates to the inventory system.
- Collaborated with cross-functional teams to identify and resolve complex data inconsistencies, resulting in a 95% reduction in data discrepancies between Qualys and the internal inventory solution.
- Implemented a robust monitoring and alerting system for the Qualys data pipeline, enabling proactive identification and resolution of issues, minimizing downtime, and ensuring data integrity.
Senior Security Specialist
BCG
- Managed security automation tools using AWS security services to automate security controls.
- Improved an application security program by introducing technical standards fostering secure development practices.
- Developed a Terraform script for security automation across more than 460 public cloud accounts.
- Managed IAM processes for over 460 public cloud accounts, improving user access management efficiency by 25%.
- Executed a secure cloud migration strategy, mitigating potential risks and ensuring a smooth transition with zero downtime.
- Implemented robust security measures for multi-cloud environments, increasing overall security posture and reducing incidents by 35%.
- Developed detailed documentation and training materials for the Qualys data pipeline, facilitating knowledge sharing and enabling other developers to contribute to the project effectively.
- Conducted an in-depth analysis of Qualys data to identify trends, patterns, and potential security risks, providing actionable insights to the security team for proactive vulnerability management.
- Mentored junior developers on Qualys integration best practices and provided technical guidance.
Head of Engineering
Domino's Pizza
- Led the successful migration of the company's on-premises infrastructure to AWS, enhancing scalability, security, and cost savings.
- Utilized expert knowledge in security design to implement end-to-end security solutions, resulting in a 35% improvement in overall data security and loss prevention capabilities.
- Managed and maintained a multi-server infrastructure across three data centers, resulting in a 15% increase in system efficiency and reliability. Coordinated with on-site support teams to ensure optimal server performance and uptime.
- Enhanced system security by 35% and cut vulnerability exposure by 50% through robust patching of operating systems and applications across server fleet, ensuring a secure, compliant IT environment.
- Orchestrated a complex migration of physical datacenter infrastructure to cloud environments (Azure and AWS), ensuring a scalable, cost-efficient transition with improved data accessibility and system resilience.
- Designed and deployed a secure and highly available wireless LAN architecture using Aruba and Fortinet solutions, supporting over 10,000 users across multiple sites and reducing wireless-related incidents by 50%.
- Diagnosed and resolved a critical network outage affecting a global eCommerce platform, minimizing downtime to less than two hours and preventing potential losses of over $1 million.
- Developed and executed a comprehensive configuration management, vulnerability assessment, and patch management strategy for over 1,000 network devices, ensuring 99.9% uptime and compliance with industry standards.
Cybersecurity Engineer
Domino's Pizza
- Developed a DevSecOps culture with CI/CD in the entire development-to-production chain using Snyk, Trivy, and Docker Bench for Security.
- Used Harden on the AWS cloud environment to comply with NIST, CIS Benchmarks, and PCI.
- Completed a senior project in authentication security that cut the security risk of a working website by 70%.
- Implemented a vulnerability management program, reducing the instances of known vulnerabilities by 95%.
- Managed the corporate firewall, improving the response time to implement changes by 50% over a year. Optimized the existing ruleset to decrease its length by 65%, making error-free maintenance easier.
- Built and maintained hardened operating system images following industry standards and benchmarks, such as the CIS and OpenSCAP ecosystems.
- Integrated cutting-edge threat and risk protection strategies led to a 50% decline in advanced persistent threats and enhanced overall data security.
- Implemented advanced data protection strategies, leading to a 50% improvement in data classification compliance and a significant reduction in data breaches.
Cloud Security Architect
Koç University
- Enforced automation processes using Ansible and Terraform, reducing deployment time and manual errors.
- Slashed the risk of cyberattacks by 43% using automatic updates and training all 1,450+ employees in information security best practices.
- Increased user security impacting 2,100 employees across six offices by implementing single sign-on and two-factor authentication systems.
- Implemented a new corporate security infrastructure, reducing maintenance costs by 66% annually.
- Administered, deployed, configured, and troubleshot cloud services, including AWS, GCP, and the Microsoft Azure platform.
- Managed SIEM tools, monitored alerts, and performed security incident response activities and log management.
- Managed a diverse portfolio of security solutions, including FortiGate, Check Point, F5 WAF, and Pulse Secure products.
- Upgraded existing security solutions, achieving a 25% increase in data loss detection efficiency and a 20% improvement in prevention mechanisms.
- Collaborated with the IT security team to roll out Azure Information Protection for two client projects, achieving a 90% data classification accuracy rate and enhancing data protection compliance by 55%.
- Revolutionized the DLP architecture, enhancing detection capabilities by 45% and reducing false positives by 30%, thereby streamlining data protection processes.
System Administration Senior Specialist
Koç University
- Supervised the operation and monitoring of all infrastructure, including 24/7 support in Grafana and Prometheus.
- Designed the architecture and deployed, configured, and troubleshot on cloud environments, including AWS, Google Cloud Platform (GCP), and Azure.
- Administered and maintained the infrastructure of roughly 2,000 computers and 440 servers for more than four years. Developed and implemented automated scripts and workflows, reducing manual intervention and speeding up processes.
- Deployed, patched, and monitored high-traffic production Linux, Apache, MySQL, and PHP (LAMP) stacks, NGINX, Varnish, and Squid Proxy according to the runbook and ensured their availability.
- Played a pivotal role in system design, specializing in operating system tuning, web server optimization, and application architecting, leading to a 25% improvement in system response times.
- Implemented performance-tuning measures to optimize system efficiency and resource utilization.
- Developed and optimized Ansible and Terraform scripts for infrastructure automation, leading to a 40% reduction in deployment times and a 25% decrease in manual configuration errors. This contribution significantly streamlined operational workflows.
- Spearheaded a comprehensive Linux troubleshooting and optimization initiative, which improved system performance by 20%.
- Led a center migration project, relocating over 120 physical servers and network devices, achieving a seamless transition with zero downtime and enhanced system performance.
Experience
Cloudflare – Web Application Firewall Transformation
Security Analytic and Automation Platform
This implementation helps protect customer data (fraud detection), mitigates threats faster with automated tasks, proactively identifies external threats, and monitors internal systems.
Secure WordPress Platform
http://www.ku.edu.trAsset Management
Enterprise-wide Vulnerability Assessment and Remediation
KEY ACHIEVEMENTS
Identified and documented over 2,000 vulnerabilities across various systems.
Successfully remediated 95% of critical vulnerabilities within the 1st month.
Established a monthly vulnerability assessment routine, reducing potential risks by 80%.
Skills
Languages
YAML, Bash, SAML, Bash Script, Python 3, Python
Frameworks
Hadoop, Windows PowerShell, .NET, AWS HA
Libraries/APIs
RADIUS
Tools
Amazon CloudFront CDN, Grafana, Terraform, AWS CloudFormation, NGINX, VPN, Amazon EKS, Sumo Logic, Splunk, ELK (Elastic Stack), VMware, Prisma, Twistlock, Kibana, AWS CodeBuild, Helm, Azure Web Application Firewall, Amazon CloudWatch, Apache, Logstash, FirePower, Duo 2FA, Hyper-V, OpenVPN, Confluence, Jira, Azure App Service, GitLab CI/CD, Azure Key Vault, GitHub, Microsoft Teams, Ansible, Suricata, Jenkins, Azure Kubernetes Service (AKS), Git, CircleCI, Vault, Sentry, SonarQube, Amazon Elastic Container Service (Amazon ECS), MongoDB Atlas, Docker Compose, Docker Hub, GitLab, AWS ELB, Amazon Virtual Private Cloud (VPC), AWS CLI, AWS VLC, Amazon Simple Email Service (SES), AWS IAM, Azure DevOps Services, HashiCorp, Nessus, Accunetix Vulnerability Scanner
Paradigms
DevOps, Azure DevOps, Penetration Testing, Serverless Architecture, DDoS, DevSecOps, Continuous Integration (CI), Secure Code Best Practices, Automation, Security Orchestration, Automation, and Response (SOAR)
Platforms
Amazon Web Services (AWS), WordPress, Amazon EC2, Docker, Kubernetes, Azure, Linux, Google Cloud Platform (GCP), Windows, Windows Server, Microsoft, Rapid7, CentOS, AWS Lambda, Databricks, Unix, Burp Suite, New Relic, Duo, Harbor, QualysGuard, AWS NLB, AWS ALB, Amazon, Red Hat Linux, Linux RHEL/CentOS
Storage
Amazon S3 (AWS S3), Azure Active Directory, Datadog, Database Security, EMC DataDomain, Azure Cloud Services, Elasticsearch, Microsoft SQL Server, Databases, Data Centers, Redis, MySQL, Data Synchronization, AWS SWF, SUSE, Google Cloud
Industry Expertise
Cybersecurity, Network Security
Other
SIEM, Firewalls, Cloudflare, Vulnerability Management, Vulnerability Assessment, Checkpoints, Microsoft Azure, Web Security, DNS, Amazon Route 53, BIND DNS, Web Hosting, Load Balancers, Content Delivery Networks (CDN), Splunk Enterprise Security, Cloud, Cloud Security, Data Loss Prevention (DLP), Identity & Access Management (IAM), Data Encryption, Office 365, Site Reliability Engineering (SRE), Single Sign-on (SSO), Infrastructure as Code (IaC), Networks, Security, CI/CD Pipelines, Architecture, IT Security, Integration, Cloud Services, CISO, Cloud Infrastructure, Domain DNS Setup, DNS Configuration, Dynamic Host Configuration Protocol (DHCP), DNS Servers, IT Networking, Solution Architecture, AWS Certified Solution Architect, Fortinet Firewall Configuration, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), IDS/IPS, Data Protection, Compliance, Amazon RDS, F5 Networks, TCP/IP, Check Point, System Administration, Security Architecture, Threat Intelligence, System Architecture, AWS DevOps, Cloud Architecture, AWS Certified DevOps Engineer, DevOps Engineer, Information Security, SecOps, Lansweeper, Network Configuration, IT Infrastructure, System-on-a-Chip (SoC), Cloud Migration, Networking, Infrastructure, IIS, SOC 2, Shell Scripting, Security Policies & Procedures, Google Workspace, Software Development Lifecycle (SDLC), Agile DevOps, Configuration Management, Containers, IT Systems Engineering, Security Audits, Security Management, ISO 27001, Azure Service Bus, Analytics, CISM, CISSP, Security Engineering, IT Governance, Governance, Data Governance, Container Orchestration, Web Servers, WiFi, Cisco AnyConnect, Microsoft 365, DHCP, Kerberos, IaaS, Scalability, Orchestration, Cloud Engineering, Fraud Prevention, CAPTCHA, Windows Subsystem for Linux (WSL), Server Infrastructure, Troubleshooting, Email Systems, Domains & Hosting, Email Delivery, Email, Email Marketing, SMTP, AWS VPN, GDPR, Monitoring, Data Center Infrastructure, Linux Administration, Patch Deployment, WordPress Installation, Leadership, Cyber Defense, Vulnerability Scanning, Vulnerability Identification, GitHub Actions, Startups, Enterprise Cybersecurity, Certified Ethical Hacker (CEH), Enterprise Firewalls, FortiGate, LAN, VLANs, Network Engineering, Network Design, Azure Cloud Security, CyberArk, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), NIST, Threat Modeling, Azure Resource Manager (ARM), Containerization, Risk Management, Palo Alto Networks, APIs, OWASP Top 10, Web App Security, OWASP, Data-level Security, Active Directory Synchronization, User Authentication, Group Policy Management, Group Policy, Active Directory Federation, Cisco, Argo CD, Deployment, Google Vault, Canary Releases, SOC Compliance, Application Security, Unix Shell Scripting, Artificial Intelligence (AI), Microsoft Azure Cloud Server, Web Application Firewall (WAF), Threat Analytics, Migration, Palo Alto Demisto, Prometheus, Palo Alto Prisma Cloud, IoC, Okta, Orca Security, Security Analysis, Security Operations Centers (SOC), Digital Forensics, IoT Security, Critical Security Controls (CIS Controls), Snyk, Risk Assessment, RHEL, SAP Basis, AWS Cloud Security
Education
Master's Degree in Cybersecurity
Akhmet Yassawi University - Turkey
Master's Degree in Forensic Investigation
International Dublin University - Ireland
Certifications
HashiCorp Ambassador 2023
HashiCorp
AWS Certified SysOps Administrator — Associate
Amazon Web Services
AWS Certified Security — Specialty
Amazon Web Services
AWS Certified Solutions Architect – Professional
Amazon Web Services
Certified Information Security Manager (CISM)
ISACA
Microsoft Certified: Azure Solutions Architect Expert
Microsoft
Microsoft Certified: DevOps Engineer Expert
Microsoft
AWS Certified Solutions Architect – Associate
Amazon Web Services
Microsoft Certified: Azure Administrator Associate
Microsoft
Microsoft Certified: Security Operations Analyst Associate
Microsoft
Microsoft Cybersecurity Architect
Microsoft
Microsoft 365 Certified: Security Administrator Associate
Microsoft
Microsoft Certified: Azure Security Engineer Associate
Microsoft
How to Work with Toptal
Toptal matches you directly with global industry experts from our network in hours—not weeks or months.
Share your needs
Choose your talent
Start your risk-free talent trial
Top talent is in high demand.
Start hiring