Verified Expert in Engineering
DevSecOps Architect Developer
Burak is a senior security architect passionate about aligning security architecture plans and processes with high-security standards and business goals. He is known for resolving tough problems and delivering results that improve the company's IT infrastructure security. Burak's past roles have included a head of engineering and cloud and cybersecurity architect. At Domino's Pizza, Burak maintained digital systems worth over $70 million, including a cloud application, servers, and computers.
Amazon Web Services (AWS), Azure, DevOps, DevSecOps, Web App Security, Cloud, Cybersecurity, Security Architecture, IT Security, CISSP, DHCP, Windows PowerShell, Kerberos, Data Encryption, Secure Code Best Practices, IaaS, Scalability, Orchestration, Microsoft SQL Server, Data Synchronization, Cloud Engineering
The most amazing...
...project I've implemented is a cybersecurity analytic platform in under one month, creating visibility for one of the biggest eCommerce systems in Turkey.
Senior Security Engineer
Arizona State University
- Designed and implemented a highly secure AWS and Azure infrastructure, incorporating robust security practices and technical controls. Developed and executed incident response plans to enhance system security.
- Developed and executed incident response plans to enhance system security.
- Strengthened data protection in the cloud, implementing encryption and other security controls, reducing data breaches by 40%.
- Managed stakeholder relationships in an international setting, ensuring alignment on security initiatives and strategies.
- Integrated security tools in the DevSecOps pipeline, specifically GitHub, AWS CodePipeline, and Snyk.
- Administered and maintained various Linux distributions, ensuring system reliability, security, and efficiency.
- Troubleshoot issues ranging from deployment to application functionalities using Cloudwatch logs and SIEM tools like Datadog and ELK.
Senior Security Specialist
- Managed security automation tools using AWS security services to automate security controls.
- Improved application security program by introducing technical standards fostering secure development practices.
- Developed a Terraform script for security automation across more than 460 public cloud accounts.
- Managed IAM processes for over 460 public cloud accounts, improving user access management efficiency by 25%.
- Executed a secure cloud migration strategy, mitigating potential risks and ensuring a smooth transition with zero downtime.
- Implemented robust security measures for multi-cloud environments, increasing overall security posture and reducing incidents by 35%.
Head of Engineering
- Led the successful migration of the company's on-premises infrastructure to AWS, enhancing scalability, security, and cost savings.
- Built a comprehensive cybersecurity architecture, driving a company-wide initiative to reduce IT system vulnerabilities.
- Established company-wide IAM policies that improved access management efficiency by 50% and reduced access-related incidents by 30%.
- Designed and deployed a multi-region cloud infrastructure on AWS, enhancing application availability and disaster recovery capabilities.
- Implemented containerization strategies using Docker and Kubernetes, optimizing resource utilization and scaling capabilities.
- Played a pivotal role in adopting microservices architecture, facilitating faster feature releases and system scalability.
- Collaborated with the software development team to integrate CI/CD pipelines using Jenkins and GitLab, accelerating deployment times by 40%.
- Managed a team of DevOps engineers responsible for maintaining and optimizing the company's cloud infrastructure.
- Utilized monitoring tools like Nagios, Zabbix, and Prometheus for real-time performance tracking, proactive issue identification, and capacity planning.
- Automated routine system maintenance tasks using Bash scripting and other automation tools, reducing manual intervention by 40%.
- Developed a DevSecOps culture with CI/CD in the entire development-to-production chain using Snyk, Trivy, and Docker Bench for Security.
- Used Harden on the AWS cloud environment to comply with NIST, CIS Benchmarks, and PCI.
- Directed DevOps in systems hardening and developed a secure, hardened baseline for container environments.
- Communicated enterprise security policy to internal stakeholders and external vendors.
- Completed a senior project in authentication security that cut the security risk of a working website by 70%.
- Implemented a vulnerability management program, reducing the instances of known vulnerabilities by 95%.
- Deployed and managed FortiGate and Check Point firewalls, ensuring optimal configuration and security policies across the organization.
- Managed the corporate firewall, improving the response time to implement changes by 50% over a year. Optimized the existing ruleset to decrease its length by 65%, making error-free maintenance easier.
- Built and maintained hardened operating system images following industry standards and benchmarks, such as the CIS and OpenSCAP ecosystems.
- Managed and administered Linux distributions, including SUSE and Red Hat Enterprise Linux (RHEL), ensuring optimal system performance, security, and compliance.
Cloud Security Architect
- Enforced automation processes using Ansible and Terraform, reducing deployment time and manual errors.
- Slashed the risk of cyberattacks by 43% using automatic updates and training all 1,450+ employees in information security best practices.
- Increased user security impacting 2,100 employees across six offices by implementing single sign-on and two-factor authentication systems.
- Implemented a new corporate security infrastructure, reducing maintenance costs by 66% annually.
- Administered, deployed, configured, and troubleshot cloud services, including AWS, GCP, and the Microsoft Azure platform.
- Managed SIEM tools, monitored alerts, and performed security incident response activities and log management.
- Contributed to building and implementing centralized logging systems, such as Grafana, ELK, Splunk, and Prometheus.
- Managed a diverse portfolio of security solutions, including FortiGate, Check Point, F5 WAF, and Pulse Secure products.
- Played a pivotal role in troubleshooting and resolving complex network security issues, ensuring minimal downtime and business impact.
- Collaborated with the IT security team to roll out Azure Information Protection for two client projects, achieving a 90% data classification accuracy rate and enhancing data protection compliance by 55%.
System Administration Senior Specialist
- Supervised the operation and monitoring of all infrastructure, including 24/7 support in Grafana and Prometheus.
- Designed the architecture and deployed, configured, and troubleshot on cloud environments, including AWS, GCP, and Azure.
- Deployed load-balancing solutions like Nginx, HAProxy, and mod_jk to distribute incoming traffic across multiple servers for improved reliability.
- Administered and maintained the infrastructure of roughly 2,000 computers and 440 servers for more than four years.
- Deployed, patched, and monitored high-traffic production Linux, Apache, MySQL, and PHP (LAMP) stacks, Nginx, Varnish, and Squid Proxy according to the runbook and ensured their availability.
- Managed Apache web servers to host dynamic websites, implementing security features like mod_security, and optimizing configurations for high-traffic loads.
- Operated and maintained Windows and Linux servers for software deployments, patch management, and security.
- Administered and maintained multi-site Windows and Linux environments (operating system, web servers, application servers).
- Played a pivotal role in system design, specializing in operating system tuning, web server optimization, and application architecting, leading to a 25% improvement in system response times.
Cloudflare – Web Application Firewall Transformation
Security Analytic and Automation Platform
This implementation helps protect customer data (fraud detection), mitigates threats faster with automated tasks, proactively identifies external threats, and monitors internal systems.
Secure WordPress Platformhttp://www.ku.edu.tr
Enterprise-wide Vulnerability Assessment and Remediation
Identified and documented over 2,000 vulnerabilities across various systems.
Successfully remediated 95% of critical vulnerabilities within the 1st month.
Established a monthly vulnerability assessment routine, reducing potential risks by 80%.
Hadoop, Windows PowerShell, .NET, AWS HA
Amazon CloudFront CDN, Grafana, Terraform, AWS CloudFormation, NGINX, VPN, Amazon EKS, Sumo Logic, Splunk, ELK (Elastic Stack), VMware, Prisma, Twistlock, Kibana, AWS CodeBuild, Helm, Azure Web Application Firewall, Amazon CloudWatch, Apache, Logstash, FirePower, GitLab CI/CD, Azure Key Vault, GitHub, Microsoft Teams, Ansible, Suricata, Jenkins, Azure Kubernetes Service (AKS), Git, CircleCI, Vault, Sentry, SonarQube, Amazon Elastic Container Service (Amazon ECS), MongoDB Atlas, Docker Compose, Docker Hub, GitLab, AWS ELB, Amazon Virtual Private Cloud (VPC), AWS CLI, AWS VLC, Amazon Simple Email Service (SES), AWS IAM, Azure DevOps Services, HashiCorp, Nessus, Accunetix Vulnerability Scanner
DevOps, Penetration Testing, Serverless Architecture, DDoS, DevSecOps, Continuous Integration (CI), Secure Code Best Practices, Azure DevOps
Amazon Web Services (AWS), WordPress, Amazon EC2, Docker, Kubernetes, Azure, Linux, Google Cloud Platform (GCP), Windows, Windows Server, Microsoft, CentOS, AWS Lambda, Databricks, Burp Suite, New Relic, Duo, Harbor, AWS NLB, AWS ALB, Amazon, QualysGuard, Red Hat Linux, Linux RHEL/CentOS
Amazon S3 (AWS S3), Azure Active Directory, Datadog, Database Security, EMC DataDomain, Azure Cloud Services, Elasticsearch, Microsoft SQL Server, Redis, MySQL, Data Synchronization, AWS SWF, SUSE, Google Cloud
Cybersecurity, Network Security
SIEM, Firewalls, Cloudflare, Vulnerability Management, Vulnerability Assessment, Checkpoints, Microsoft Azure, Web Security, DNS, Amazon Route 53, BIND DNS, Web Hosting, Load Balancers, Content Delivery Networks (CDN), Splunk Enterprise Security, Cloud Security, Data Loss Prevention (DLP), Identity & Access Management (IAM), Data Encryption, Office 365, Site Reliability Engineering (SRE), Single Sign-on (SSO), Infrastructure as Code (IaC), Networks, Security, Architecture, IT Security, Integration, Cloud Services, CISO, Cloud Infrastructure, Domain DNS Setup, DNS Configuration, Dynamic Host Configuration Protocol (DHCP), DNS Servers, IT Networking, Solution Architecture, AWS Certified Solution Architect, Fortinet Firewall Configuration, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), IDS/IPS, Data Protection, Compliance, Amazon RDS, F5 Networks, TCP/IP, Check Point, System Administration, Security Architecture, Threat Intelligence, System Architecture, Cloud Architecture, AWS Certified DevOps Engineer, DevOps Engineer, Information Security, SecOps, Lansweeper, Network Configuration, IT Infrastructure, System-on-a-Chip (SoC), Cloud Migration, Networking, Infrastructure, IIS, Rapid7 Solutions, Shell Scripting, Security Policies & Procedures, Google Workspace, Software Development Lifecycle (SDLC), Agile DevOps, Configuration Management, Containers, IT Systems Engineering, Security Audits, Security Management, ISO 27001, Azure Service Bus, Analytics, CISM, CISSP, Security Engineering, IT Governance, Governance, Data Governance, Container Orchestration, Web Servers, WiFi, Duo 2FA, Cisco AnyConnect, Microsoft 365, DHCP, Kerberos, IaaS, Scalability, Orchestration, Cloud Engineering, CyberArk, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), NIST, Threat Modeling, Azure Resource Manager (ARM), Containerization, Risk Management, CI/CD Pipelines, Palo Alto Networks, APIs, OWASP Top 10, Web App Security, OWASP, Data-level Security, Active Directory Synchronization, User Authentication, Group Policy Management, Group Policy, Active Directory Federation, Cisco, AWS DevOps, Argo CD, SOC 2, Deployment, Google Vault, Canary Releases, SOC Compliance, Web Application Firewall (WAF), Threat Analytics, Cloud, Migration, Security Orchestration, Automation, and Response (SOAR), Palo Alto Demisto, Prometheus, Palo Alto Prisma Cloud, IoC, Okta, Orca Security, Security Analysis, Security Operations Centers (SOC), Digital Forensics, IoT Security, CIS Controls, Snyk, rapid7, Risk Assessment, RHEL, SAP Basis
SAML, Bash Script, Python 3, Python
Master's Degree in Cybersecurity
Akhmet Yassawi University - Turkey
Master's Degree in Forensic Investigation
International Dublin University - Ireland
HashiCorp Ambassador 2023
AWS Certified SysOps Administrator — Associate
Amazon Web Services
AWS Certified Security — Specialty
Amazon Web Services
AWS Certified Solutions Architect – Professional
Amazon Web Services
Certified Information Security Manager (CISM)
Microsoft Certified: Azure Solutions Architect Expert
Microsoft Certified: DevOps Engineer Expert
AWS Certified Solutions Architect – Associate
Amazon Web Services
Microsoft Certified: Azure Administrator Associate
Microsoft Certified: Security Operations Analyst Associate
Microsoft Cybersecurity Architect
Microsoft 365 Certified: Security Administrator Associate
Microsoft Certified: Azure Security Engineer Associate