Burak is available for hire

Burak Çınar

Verified Expert in Engineering

DevSecOps Architect Developer

Location

McLean, VA, United States

Toptal Member Since

November 15, 2021

Burak is a senior security architect passionate about aligning security architecture plans and processes with high-security standards and business goals. He is known for resolving tough problems and delivering results that improve the company's IT infrastructure security. Burak's past roles have included a head of engineering and cloud and cybersecurity architect. At Domino's Pizza, Burak maintained digital systems worth over $70 million, including a cloud application, servers, and computers.

System Administration Security Security Policies & Procedures SecOps IIS Cloud Engineering Security Architecture Information Security Firewalls Identity & Access Management (IAM)Cloud Architecture Data Governance Integration Check Point Cloud Migration

Portfolio

Arizona State University

Amazon, DevOps, DevSecOps, Vulnerability Management, Vulnerability Assessment...

BCG

DevOps, Security, Identity & Access Management (IAM), Amazon Web Services (AWS)...

Domino's Pizza

CyberArk, Cloudflare, Splunk, Static Application Security Testing (SAST)...

Experience

IT Security - 11 years DevOps - 8 years Amazon Web Services (AWS) - 8 years Cloud Security - 6 years Web Security - 6 years Google Cloud Platform (GCP) - 5 years Terraform - 4 years Microsoft Azure - 4 years

Availability

Full-time

Preferred Environment

Amazon Web Services (AWS), Azure, DevOps, DevSecOps, Web App Security, Cloud, Cybersecurity, Security Architecture, IT Security, CISSP, DHCP, Windows PowerShell, Kerberos, Data Encryption, Secure Code Best Practices, IaaS, Scalability, Orchestration, Microsoft SQL Server, Data Synchronization, Cloud Engineering

The most amazing...

...project I've implemented is a cybersecurity analytic platform in under one month, creating visibility for one of the biggest eCommerce systems in Turkey.

Work Experience

Senior Security Engineer

2023 - PRESENT

Arizona State University

Designed and implemented a highly secure AWS and Azure infrastructure, incorporating robust security practices and technical controls. Developed and executed incident response plans to enhance system security.
Developed and executed incident response plans to enhance system security.
Strengthened data protection in the cloud, implementing encryption and other security controls, reducing data breaches by 40%.
Managed stakeholder relationships in an international setting, ensuring alignment on security initiatives and strategies.
Integrated security tools in the DevSecOps pipeline, specifically GitHub, AWS CodePipeline, and Snyk.
Administered and maintained various Linux distributions, ensuring system reliability, security, and efficiency.
Troubleshoot issues ranging from deployment to application functionalities using Cloudwatch logs and SIEM tools like Datadog and ELK.

Technologies: Amazon, DevOps, DevSecOps, Vulnerability Management, Vulnerability Assessment, Cloud Security, Snyk, QualysGuard, GitHub, Terraform, Shell Scripting, Security Policies & Procedures, Deployment, Software Development Lifecycle (SDLC), Containers, CISM, CISSP, ISO 27001, Security Management, Security Audits, NIST, Container Orchestration, AWS Lambda, Apache, Web Servers, Hadoop, Python, Risk Assessment, NGINX, Datadog, Splunk, Splunk Enterprise Security, ELK (Elastic Stack), Kibana, Logstash, Elasticsearch

Senior Security Specialist

2021 - 2023

BCG

Managed security automation tools using AWS security services to automate security controls.
Improved application security program by introducing technical standards fostering secure development practices.
Developed a Terraform script for security automation across more than 460 public cloud accounts.
Managed IAM processes for over 460 public cloud accounts, improving user access management efficiency by 25%.
Executed a secure cloud migration strategy, mitigating potential risks and ensuring a smooth transition with zero downtime.
Implemented robust security measures for multi-cloud environments, increasing overall security posture and reducing incidents by 35%.

Technologies: DevOps, Security, Identity & Access Management (IAM), Amazon Web Services (AWS), Risk Management, Containerization, Amazon EC2, Amazon S3 (AWS S3), Amazon RDS, Jenkins, Penetration Testing, Threat Intelligence, Threat Modeling, System Architecture, Prisma, Twistlock, AWS DevOps, Git, Cloud Architecture, Information Security, SecOps, CircleCI, IT Infrastructure, Vault, Networking, Infrastructure, Microsoft, Shell Scripting, Security Policies & Procedures, Deployment, Software Development Lifecycle (SDLC), CISM, CISSP, Docker Hub, Docker Compose, Azure, Azure Web Application Firewall, Google Vault, Analytics, Helm, ISO 27001, Security Management, Security Audits, Redis, NIST, AWS Lambda, Apache, Web Servers, Databricks, Hadoop, ELK (Elastic Stack), Kibana, Logstash, Elasticsearch

Head of Engineering

2020 - 2022

Domino's Pizza

Led the successful migration of the company's on-premises infrastructure to AWS, enhancing scalability, security, and cost savings.
Built a comprehensive cybersecurity architecture, driving a company-wide initiative to reduce IT system vulnerabilities.
Established company-wide IAM policies that improved access management efficiency by 50% and reduced access-related incidents by 30%.
Designed and deployed a multi-region cloud infrastructure on AWS, enhancing application availability and disaster recovery capabilities.
Implemented containerization strategies using Docker and Kubernetes, optimizing resource utilization and scaling capabilities.
Played a pivotal role in adopting microservices architecture, facilitating faster feature releases and system scalability.
Collaborated with the software development team to integrate CI/CD pipelines using Jenkins and GitLab, accelerating deployment times by 40%.
Managed a team of DevOps engineers responsible for maintaining and optimizing the company's cloud infrastructure.
Utilized monitoring tools like Nagios, Zabbix, and Prometheus for real-time performance tracking, proactive issue identification, and capacity planning.
Automated routine system maintenance tasks using Bash scripting and other automation tools, reducing manual intervention by 40%.

Technologies: CyberArk, Cloudflare, Splunk, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Vulnerability Management, Vulnerability Assessment, Firewalls, Checkpoints, Amazon Web Services (AWS), Microsoft Azure, Azure DevOps, GitLab CI/CD, NIST, Penetration Testing, Burp Suite, Cloud Security, VPN, Risk Management, Identity & Access Management (IAM), Kubernetes, Site Reliability Engineering (SRE), GitHub, Terraform, Security, CI/CD Pipelines, Architecture, IT Security, Docker, Linux, DevOps, Cloud Services, DevSecOps, APIs, OWASP Top 10, Web App Security, OWASP, CISO, New Relic, Cloud Infrastructure, IT Networking, Solution Architecture, AWS Certified Solution Architect, Cloud, Splunk Enterprise Security, Data Protection, Data-level Security, Compliance, Single Sign-on (SSO), SAML, User Authentication, Cybersecurity, Azure Active Directory, Amazon EC2, Amazon S3 (AWS S3), Amazon RDS, ELK (Elastic Stack), Check Point, Network Security, System Administration, Windows Server, Security Architecture, Azure Kubernetes Service (AKS), System Architecture, Prisma, Twistlock, AWS DevOps, Git, Cloud Architecture, DevOps Engineer, Information Security, SecOps, Lansweeper, Network Configuration, IT Infrastructure, System-on-a-Chip (SoC), Cloud Migration, Vault, Sentry, SonarQube, Harbor, Networking, Infrastructure, IIS, Microsoft, Database Security, Rapid7 Solutions, Shell Scripting, Security Policies & Procedures, Deployment, Software Development Lifecycle (SDLC), .NET, Containers, CentOS, CISM, CISSP, Docker Hub, Docker Compose, Azure, Azure Web Application Firewall, Analytics, Azure Service Bus, MongoDB Atlas, Helm, ISO 27001, Security Management, Security Audits, MySQL, Redis, Security Engineering, IT Governance, Governance, Data Governance, Container Orchestration, Serverless Architecture, AWS Lambda, Apache, Web Servers, Databricks, Hadoop, Kibana, Logstash, Elasticsearch, Red Hat Linux, SUSE, RHEL, Linux RHEL/CentOS, Windows, SAP Basis, Google Cloud Platform (GCP), Google Cloud, Microsoft 365, Data Synchronization

Cybersecurity Engineer

2020 - 2020

Domino's Pizza

Developed a DevSecOps culture with CI/CD in the entire development-to-production chain using Snyk, Trivy, and Docker Bench for Security.
Used Harden on the AWS cloud environment to comply with NIST, CIS Benchmarks, and PCI.
Directed DevOps in systems hardening and developed a secure, hardened baseline for container environments.
Communicated enterprise security policy to internal stakeholders and external vendors.
Completed a senior project in authentication security that cut the security risk of a working website by 70%.
Implemented a vulnerability management program, reducing the instances of known vulnerabilities by 95%.
Deployed and managed FortiGate and Check Point firewalls, ensuring optimal configuration and security policies across the organization.
Managed the corporate firewall, improving the response time to implement changes by 50% over a year. Optimized the existing ruleset to decrease its length by 65%, making error-free maintenance easier.
Built and maintained hardened operating system images following industry standards and benchmarks, such as the CIS and OpenSCAP ecosystems.
Managed and administered Linux distributions, including SUSE and Red Hat Enterprise Linux (RHEL), ensuring optimal system performance, security, and compliance.

Technologies: Azure, Azure Resource Manager (ARM), Cloud Security, VPN, Azure Key Vault, Azure Active Directory, Site Reliability Engineering (SRE), GitHub, Terraform, Security, Amazon EKS, CI/CD Pipelines, Microsoft Teams, Architecture, IT Security, Docker, Linux, DevOps, Cloud Services, DevSecOps, APIs, OWASP Top 10, Web App Security, OWASP, New Relic, Cloud Infrastructure, Domain DNS Setup, DNS Configuration, Dynamic Host Configuration Protocol (DHCP), DNS Servers, IT Networking, Infrastructure as Code (IaC), Solution Architecture, AWS Certified Solution Architect, Cloud, Splunk Enterprise Security, Splunk, Fortinet Firewall Configuration, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), IDS/IPS, Data Protection, Data-level Security, Compliance, Single Sign-on (SSO), SAML, Active Directory Synchronization, User Authentication, Group Policy Management, Group Policy, Active Directory Federation, Cybersecurity, Windows, Amazon EC2, Amazon S3 (AWS S3), Amazon RDS, Jenkins, ELK (Elastic Stack), Check Point, Cisco, Network Security, System Administration, Windows Server, Azure DevOps Services, Security Architecture, Azure Kubernetes Service (AKS), System Architecture, Prisma, Twistlock, Git, Cloud Architecture, DevOps Engineer, Information Security, SecOps, Lansweeper, CircleCI, Network Configuration, IT Infrastructure, System-on-a-Chip (SoC), Cloud Migration, Vault, Kibana, Argo CD, Sentry, SonarQube, Harbor, Networking, Infrastructure, IIS, Microsoft, Database Security, Rapid7 Solutions, Shell Scripting, Security Policies & Procedures, Deployment, Software Development Lifecycle (SDLC), .NET, Containers, CentOS, CISSP, Canary Releases, Docker Hub, Docker Compose, Azure Web Application Firewall, Analytics, Azure Service Bus, MongoDB Atlas, Helm, ISO 27001, Security Management, Security Audits, MySQL, Redis, AWS Lambda, Apache, Web Servers, Databricks, Hadoop, Logstash, Elasticsearch, Microsoft 365

Cloud Security Architect

2014 - 2020

Koç University

Enforced automation processes using Ansible and Terraform, reducing deployment time and manual errors.
Slashed the risk of cyberattacks by 43% using automatic updates and training all 1,450+ employees in information security best practices.
Increased user security impacting 2,100 employees across six offices by implementing single sign-on and two-factor authentication systems.
Implemented a new corporate security infrastructure, reducing maintenance costs by 66% annually.
Administered, deployed, configured, and troubleshot cloud services, including AWS, GCP, and the Microsoft Azure platform.
Managed SIEM tools, monitored alerts, and performed security incident response activities and log management.
Contributed to building and implementing centralized logging systems, such as Grafana, ELK, Splunk, and Prometheus.
Managed a diverse portfolio of security solutions, including FortiGate, Check Point, F5 WAF, and Pulse Secure products.
Played a pivotal role in troubleshooting and resolving complex network security issues, ensuring minimal downtime and business impact.
Collaborated with the IT security team to roll out Azure Information Protection for two client projects, achieving a 90% data classification accuracy rate and enhancing data protection compliance by 55%.

Technologies: Amazon Web Services (AWS), Serverless Architecture, Web Security, WordPress, Azure Active Directory, Azure Key Vault, Azure Resource Manager (ARM), Networks, Cloud Security, Azure, Kubernetes, Site Reliability Engineering (SRE), GitHub, Security, Amazon EKS, CI/CD Pipelines, Microsoft Teams, Architecture, IT Security, Docker, Linux, Cloud Services, Google Cloud Platform (GCP), DevSecOps, APIs, OWASP Top 10, Web App Security, OWASP, Datadog, Terraform, Palo Alto Networks, Cloud Infrastructure, Domain DNS Setup, DNS Configuration, Dynamic Host Configuration Protocol (DHCP), DNS Servers, IT Networking, Infrastructure as Code (IaC), Solution Architecture, AWS Certified Solution Architect, Cloud, Splunk Enterprise Security, Splunk, Fortinet Firewall Configuration, Suricata, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), IDS/IPS, Data Protection, Data-level Security, Compliance, Single Sign-on (SSO), Duo, SAML, Active Directory Synchronization, User Authentication, Group Policy Management, Group Policy, Active Directory Federation, Cybersecurity, Windows, Amazon EC2, Amazon S3 (AWS S3), Amazon CloudFront CDN, Amazon RDS, ELK (Elastic Stack), F5 Networks, Check Point, Cisco, Network Security, System Administration, Windows Server, Azure DevOps Services, Security Architecture, VMware, System Architecture, Prisma, Twistlock, AWS DevOps, Git, Cloud Architecture, DevOps Engineer, Information Security, SecOps, Lansweeper, Network Configuration, IT Infrastructure, System-on-a-Chip (SoC), Cloud Migration, Kibana, Argo CD, Sentry, SonarQube, Harbor, Networking, Infrastructure, IIS, Microsoft, Database Security, Rapid7 Solutions, Shell Scripting, Security Policies & Procedures, Google Workspace, Containers, CentOS, CISSP, Canary Releases, Docker Hub, Docker Compose, EMC DataDomain, Azure Web Application Firewall, Google Vault, ISO 27001, Security Management, Security Audits, MySQL, Redis, Container Orchestration, Apache, Web Servers, Logstash, Elasticsearch, Microsoft 365

System Administration Senior Specialist

2011 - 2014

Koç University

Supervised the operation and monitoring of all infrastructure, including 24/7 support in Grafana and Prometheus.
Designed the architecture and deployed, configured, and troubleshot on cloud environments, including AWS, GCP, and Azure.
Deployed load-balancing solutions like Nginx, HAProxy, and mod_jk to distribute incoming traffic across multiple servers for improved reliability.
Administered and maintained the infrastructure of roughly 2,000 computers and 440 servers for more than four years.
Deployed, patched, and monitored high-traffic production Linux, Apache, MySQL, and PHP (LAMP) stacks, Nginx, Varnish, and Squid Proxy according to the runbook and ensured their availability.
Managed Apache web servers to host dynamic websites, implementing security features like mod_security, and optimizing configurations for high-traffic loads.
Operated and maintained Windows and Linux servers for software deployments, patch management, and security.
Administered and maintained multi-site Windows and Linux environments (operating system, web servers, application servers).
Played a pivotal role in system design, specializing in operating system tuning, web server optimization, and application architecting, leading to a 25% improvement in system response times.

Technologies: Amazon Web Services (AWS), DNS, Amazon Route 53, BIND DNS, Web Hosting, Grafana, Prometheus, VPN, GitHub, Security, Amazon EKS, IT Security, Docker, Linux, Cloud Services, Google Cloud Platform (GCP), Datadog, Terraform, Palo Alto Networks, Cloud Infrastructure, Domain DNS Setup, DNS Configuration, Dynamic Host Configuration Protocol (DHCP), DNS Servers, IT Networking, AWS Certified Solution Architect, Cloud, Splunk, Suricata, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), IDS/IPS, Single Sign-on (SSO), Duo, Active Directory Synchronization, User Authentication, Group Policy Management, Group Policy, Active Directory Federation, Azure Active Directory, Windows, Amazon EC2, Amazon S3 (AWS S3), Amazon RDS, ELK (Elastic Stack), F5 Networks, Check Point, Cisco, Network Security, System Administration, Windows Server, VMware, System Architecture, AWS DevOps, Cloud Architecture, Kubernetes, Ansible, DevOps Engineer, Lansweeper, Network Configuration, IT Infrastructure, Kibana, SonarQube, Networking, Infrastructure, IIS, Microsoft, Google Workspace, Containers, CentOS, EMC DataDomain, MySQL, Redis, Serverless Architecture, Apache, Web Servers, Logstash, Elasticsearch, Azure, Microsoft 365, Data Synchronization

Experience

Cloudflare – Web Application Firewall Transformation

I completed a senior project in authentication security that cut the security risk of a working website by 70%, added protection for additional DDoS protection, and activated and added custom rules to prevent known attacks.

Security Analytic and Automation Platform

I implemented Splunk Enterprise Security and PaloAlto XOAR solutions to Dominos Russia and Dominos Turkey. It covers seven fabrics, six branch offices, more than 800 stores, and over 50 million customers.

This implementation helps protect customer data (fraud detection), mitigates threats faster with automated tasks, proactively identifies external threats, and monitors internal systems.

Secure WordPress Platform

http://www.ku.edu.tr

Koc University has become one of the leading universities in Turkey. I moved all web hosting infrastructure to AWS. The University has more than 350 different WordPress hybrid installations. I was the architect responsible for cloud and security.

Asset Management

I built an asset management ecosystem for the requirement of SANS CIS Controls. I utilized Lansweeper to discover and inventory software and hardware assets, enabling effective asset management and maintenance planning for all company assets (more than 15,000).

Enterprise-wide Vulnerability Assessment and Remediation

Conducted a comprehensive vulnerability assessment for a multinational corporation with over 10,000 endpoints. Utilized advanced scanning tools and methodologies to identify vulnerabilities, followed by a structured remediation process.

KEY ACHIEVEMENTS
Identified and documented over 2,000 vulnerabilities across various systems.
Successfully remediated 95% of critical vulnerabilities within the 1st month.
Established a monthly vulnerability assessment routine, reducing potential risks by 80%.

Skills

Frameworks

Hadoop, Windows PowerShell, .NET, AWS HA

Libraries/APIs

RADIUS

Tools

Amazon CloudFront CDN, Grafana, Terraform, AWS CloudFormation, NGINX, VPN, Amazon EKS, Sumo Logic, Splunk, ELK (Elastic Stack), VMware, Prisma, Twistlock, Kibana, AWS CodeBuild, Helm, Azure Web Application Firewall, Amazon CloudWatch, Apache, Logstash, FirePower, GitLab CI/CD, Azure Key Vault, GitHub, Microsoft Teams, Ansible, Suricata, Jenkins, Azure Kubernetes Service (AKS), Git, CircleCI, Vault, Sentry, SonarQube, Amazon Elastic Container Service (Amazon ECS), MongoDB Atlas, Docker Compose, Docker Hub, GitLab, AWS ELB, Amazon Virtual Private Cloud (VPC), AWS CLI, AWS VLC, Amazon Simple Email Service (SES), AWS IAM, Azure DevOps Services, HashiCorp, Nessus, Accunetix Vulnerability Scanner

Paradigms

DevOps, Penetration Testing, Serverless Architecture, DDoS, DevSecOps, Continuous Integration (CI), Secure Code Best Practices, Azure DevOps

Platforms

Amazon Web Services (AWS), WordPress, Amazon EC2, Docker, Kubernetes, Azure, Linux, Google Cloud Platform (GCP), Windows, Windows Server, Microsoft, CentOS, AWS Lambda, Databricks, Burp Suite, New Relic, Duo, Harbor, AWS NLB, AWS ALB, Amazon, QualysGuard, Red Hat Linux, Linux RHEL/CentOS

Storage

Amazon S3 (AWS S3), Azure Active Directory, Datadog, Database Security, EMC DataDomain, Azure Cloud Services, Elasticsearch, Microsoft SQL Server, Redis, MySQL, Data Synchronization, AWS SWF, SUSE, Google Cloud

Industry Expertise

Cybersecurity, Network Security

Other

SIEM, Firewalls, Cloudflare, Vulnerability Management, Vulnerability Assessment, Checkpoints, Microsoft Azure, Web Security, DNS, Amazon Route 53, BIND DNS, Web Hosting, Load Balancers, Content Delivery Networks (CDN), Splunk Enterprise Security, Cloud Security, Data Loss Prevention (DLP), Identity & Access Management (IAM), Data Encryption, Office 365, Site Reliability Engineering (SRE), Single Sign-on (SSO), Infrastructure as Code (IaC), Networks, Security, Architecture, IT Security, Integration, Cloud Services, CISO, Cloud Infrastructure, Domain DNS Setup, DNS Configuration, Dynamic Host Configuration Protocol (DHCP), DNS Servers, IT Networking, Solution Architecture, AWS Certified Solution Architect, Fortinet Firewall Configuration, Intrusion Prevention Systems (IPS), Intrusion Detection Systems (IDS), IDS/IPS, Data Protection, Compliance, Amazon RDS, F5 Networks, TCP/IP, Check Point, System Administration, Security Architecture, Threat Intelligence, System Architecture, Cloud Architecture, AWS Certified DevOps Engineer, DevOps Engineer, Information Security, SecOps, Lansweeper, Network Configuration, IT Infrastructure, System-on-a-Chip (SoC), Cloud Migration, Networking, Infrastructure, IIS, Rapid7 Solutions, Shell Scripting, Security Policies & Procedures, Google Workspace, Software Development Lifecycle (SDLC), Agile DevOps, Configuration Management, Containers, IT Systems Engineering, Security Audits, Security Management, ISO 27001, Azure Service Bus, Analytics, CISM, CISSP, Security Engineering, IT Governance, Governance, Data Governance, Container Orchestration, Web Servers, WiFi, Duo 2FA, Cisco AnyConnect, Microsoft 365, DHCP, Kerberos, IaaS, Scalability, Orchestration, Cloud Engineering, CyberArk, Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), NIST, Threat Modeling, Azure Resource Manager (ARM), Containerization, Risk Management, CI/CD Pipelines, Palo Alto Networks, APIs, OWASP Top 10, Web App Security, OWASP, Data-level Security, Active Directory Synchronization, User Authentication, Group Policy Management, Group Policy, Active Directory Federation, Cisco, AWS DevOps, Argo CD, SOC 2, Deployment, Google Vault, Canary Releases, SOC Compliance, Web Application Firewall (WAF), Threat Analytics, Cloud, Migration, Security Orchestration, Automation, and Response (SOAR), Palo Alto Demisto, Prometheus, Palo Alto Prisma Cloud, IoC, Okta, Orca Security, Security Analysis, Security Operations Centers (SOC), Digital Forensics, IoT Security, CIS Controls, Snyk, rapid7, Risk Assessment, RHEL, SAP Basis

Languages

SAML, Bash Script, Python 3, Python

Education

2023 - 2023

Master's Degree in Cybersecurity

Akhmet Yassawi University - Turkey

2022 - 2023

Master's Degree in Forensic Investigation

International Dublin University - Ireland

Microsoft

JANUARY 2023 - PRESENT

Microsoft Certified: Azure Security Engineer Associate

Microsoft