Murat is available for hire

Murat Hatipoglu

Verified Expert in Engineering

Cloud Solution Architect and Developer

Location

London, United Kingdom

Toptal Member Since

November 6, 2018

With over five years of dedicated service at Toptal, Murat has been instrumental in providing top-tier IT consultancy to global clients. His role at Toptal underscores his expertise in addressing complex IT challenges across diverse industries, further solidifying his reputation as a trusted advisor in the community. Prior roles at Palo Alto Networks, F5 Networks, Teradata, and Hewlett Packard have all contributed to Murat's comprehensive understanding of enterprise-level IT solutions.

Portfolio

Pfizer

Kubernetes, Data Science, DevOps, Neo4j, Graph Databases...

Avon Products

Amazon Web Services (AWS), Azure, Terraform, Jenkins...

Bridgestone

DevSecOps, Security Analysis, Security, Writing & Editing, DevOps, Azure...

Experience

Security - 20 years Identity & Access Management (IAM) - 20 years Cloud - 10 years Azure - 10 years Amazon Web Services (AWS) - 5 years Infrastructure as Code (IaC) - 3 years Terraform - 2 years Kubernetes - 2 years

Availability

Part-time

Preferred Environment

Amazon Web Services (AWS), Python, Docker, Kubernetes, Terraform, Azure

The most amazing...

...projects I've completed help clients secure applications deployed on public cloud environments and protect them from sophisticated application layer attacks.

Work Experience

DevOps Engineer

2021 - PRESENT

Pfizer

Collaborated with a team of software and systems engineers, focusing on projects aimed at enhancing the availability, reliability, and efficiency of global infrastructure services crucial for running pivotal applications.
Innovatively designed and developed automated deployment systems for Neo4j Graph Database clusters, hosting the KnowledgeGraph database and other essential databases extensively utilized by major business applications.
Fostered SRE capabilities across multiple product teams, maintaining regular engagements with data engineers, product owners, and software developers from each team, bolstering collaboration and streamlined support.
Conducted insightful analysis of system data, identifying patterns and uncovering opportunities for enhancement, particularly in resolving recurring issues and automating current manual processes.
Spearheaded the development of software and built automation strategies to mitigate recurring issues, eliminate manual efforts, and bolster service efficiency comprehensively.
Advocated and implemented a data-driven approach, introducing pivotal indicators to assist the broader operations team in meticulous service health monitoring.
Pioneered in designing, developing, and sustaining infrastructure as Code (IaC) solutions, employing tools like Terraform and GitAction pipelines, facilitating the management and automation of application infrastructure across diverse platforms.

Technologies: Kubernetes, Data Science, DevOps, Neo4j, Graph Databases, Amazon Web Services (AWS), Terraform, GitHub, Git, Amazon EKS, Bash Script, Sysdig, Artifactory, Elastic, Amazon EC2, Amazon S3 (AWS S3)

Cloud Security Architect | DevSecOps Engineer

2020 - 2021

Avon Products

Designed the security architecture of multi-cloud hybrid infrastructure.
Designed security as an integral part of SDLC and DevOps practices.
Worked on IaC development for the deployment of designed solutions and architectures.
Delivered POCs for new products and technologies, such as AWS Network firewall, Snyk, and CrowdStrike in cloud environments.

Technologies: Amazon Web Services (AWS), Azure, Terraform, Jenkins, Azure Kubernetes Service (AKS), AWS Transit Gateway, Firewalls, AWS Security Hub, Amazon CloudWatch, NGINX, Web Application Firewall (WAF), Amazon Route 53, Hybrid Cloud Infrastructure, CI/CD Pipelines, Cloud Infrastructure, Git, Containers, Security Policies & Procedures, Shell Scripting, Azure Virtual Networks, Amazon Elastic Container Service (Amazon ECS), GitLab, GitHub

Azure DevOps and Security Architect

2020 - 2020

Bridgestone

Documented Azure application's security, privacy, compliance, reliability/resiliency, and intellectual property.
Assessed the existing Azure environment(s). Collected data to build the document.
Compared the existing environment against the CIS Azure Foundations Benchmark, documenting implemented security controls and missing and recommended controls.

Technologies: DevSecOps, Security Analysis, Security, Writing & Editing, DevOps, Azure, Cloud Infrastructure, Security Policies & Procedures, Azure Virtual Networks, GitHub

Cloud Security Architect

2019 - 2020

Rocket

Performed the audit and security review of the existing product, staging, and development environments on multiple AWS accounts.
Completed a gap analysis against the CIS framework, PCI DSS, and SOC-2 requirements. Documented actions required for remediation of findings.
Deployed, configured, and integrated AWS services such as Security Hub, Inspector, Macie, Config, CloudTrail, and CloudWatch.

Technologies: Amazon Web Services (AWS), Amazon CloudWatch, AWS CloudTrail, Identity & Access Management (IAM), Cloud Infrastructure, Containers, Security Policies & Procedures

DevOps and Cloud Security Engineer

2019 - 2020

Dentsu Aegis Network

Oversaw the design of cloud security perimeter on Azure and AWS.
Developed Terraform automation code to deploy designed architecture components.
Developed Terraform codes to implement infrastructure as code (IaC) practice.
Integrated automated infrastructure deployments into CI/CD pipelines.
Designed, deployed, and configured cloud-native security solutions and 3rd-party security products in a multi-cloud environment.

Technologies: Amazon Web Services (AWS), Docker, Azure Kubernetes Service (AKS), Kubernetes, Terraform, Helm, Azure, CI/CD Pipelines, Cloud Infrastructure, Git, Containers, Security Policies & Procedures, Shell Scripting, Azure Virtual Networks, Amazon Elastic Container Service (Amazon ECS), GitLab

Senior Application Delivery and Security Specialist

2018 - 2019

Opel Vauxhall Finance

Deployed a new application delivery infrastructure.
Supported application migrations between data centers.
Managed remote access infrastructure and identity and access management.
Developed TCL codes for application traffic manipulation and controls.
Secured external and internal applications.

Technologies: Splunk, DNS, APM, Security Policies & Procedures, Shell Scripting, F5 Networks, Load Balancers, Dynamic Load Balancing, Hardware Load Balancing (HLD), SAML, SAML-auth, Identity & Access Management (IAM), Single Sign-on (SSO)

Contractor Security Architect

2018 - 2018

Derbyshire County Council in UK

Deployed ADFS and F5 security products in Azure.
Implemented layer 4 DDoS protection for ADFS service.
Ensured L7 DoS protection for ADFS service.
Built a high-availabile infrastructure for ADFS service.

Technologies: ASM, ADFS, Azure, Cloud Infrastructure, Security Policies & Procedures

Network and Security Architect

2017 - 2017

Nottinghamshire City Council

Designed new application delivery infrastructure.
Created and deployed high available, optimized, and secured access to applications.
Deployed secure remote access to internal applications and VDI environment.
Integrated a new solution with existing infrastructure and identity access management solution.
Designed and deployed a Global Server Load Balancing solution to provide active-active and active-passive use of two datacenters.

Technologies: Identity & Access Management (IAM), DNS, Load Balancers, Security Policies & Procedures

Network and Security Architect

2017 - 2017

University of Lincoln

Designed a new data center application delivery and security infrastructure.
Planned a phased migration of applications from legacy data center to the new one while both data centers run in production in parallel.
Created and deployed a high available application delivery infrastructure.
Designed and deployed network and application firewall systems to provide Layer 3-7 protection.
Developed customer TCL codes to integrate Cisco ISE and F5 Networks solutions to provide controlled Wi-Fi and remote access to the campus network.
Designed and deployed of Global Server Load Balancing infrastructure for active-active operation of old and new datacenters together with active-passive operation of new and disaster recover datacenters for business continuity.

Technologies: DNS, Firewalls, Load Balancers, Security Policies & Procedures, Shell Scripting

Cloud Architect

2017 - 2017

Ofgem (Gas and Electricty Markets Authority)

Migrated local applications to the cloud.
Deployed web application firewall and configured to secure application access.
Set up remote access infrastructure to enable users to access VDI environment.

Technologies: Virtual Desktop Infrastructure (VDI), Web Application Firewall (WAF), Cloud, Cloud Infrastructure

Systems Engineer

2013 - 2016

F5 Networks

Maintained a high level of technical knowledge of F5 Networks and the relevant industry.
Participated in the development and support of presentations for customers and partners.
Articulated technical elements of the F5 value proposition to customers and partners.
Provided complex design and systems engineering configurations.
Partnered with product development and product management to assist with Change Request (CR) and Customer Special Request (CSR) cases.
Contributed to the creation of case studies, white papers, and media articles for customers and/or partners.

Technologies: Virtual Desktop Infrastructure (VDI), Single Sign-on (SSO), Kerberos, SAML, PKI, OpenSSL, SMTP, DDoS, Firewalls, Node.js, Tcl, VPN, SSL, DNS, ASM, Cloud Infrastructure, Security Policies & Procedures, Shell Scripting, Azure Virtual Networks

Sales Specialist

2012 - 2013

Teradata

Handled direct sales in all financial accounts including banks and insurance companies.
Sold the Teradata solution portfolio products including software, professional services, hardware, and support services. This included products such as Customer Retention Management Solutions, Campaign Management Solutions, Scale-able Data Warehousing, Customer Interaction Solutions, Teradata database software, and Object Relational technologies and specific solutions on finance segment.
Interfaced with contacts at all levels, including those at director and executive management CXO levels, in both the IT and the business community.
Effectively advised and influenced customers through consultative selling techniques.
Closed profitable Teradata high scale data warehouse solution business incorporating hardware, software, professional services, and customer services.

Technologies: Business Intelligence (BI), Internet of Things (IoT), Artificial Intelligence (AI), Cloud, Big Data, Enterprise

Solution Architect - Consultant

1998 - 2012

Hewlett Packard

Served as the technical lead of Governmental Disaster Insurance Intuition project. Provided the design and implementation of the entire infrastructure.
Performed risk assessment, security review, security policies development and security solutions design/implementation for customers in different industries.
Provided on-site network and security consultancy for a GSM operator.
Served as the technical project lead of Security Risk Assessment and Ethical Hacking Projects.
Provided technical lead services for a Business Continuity project which has the national best integration project award in Turkey.
Integrated existing and new services to SDPA (Service Delivery Platform Architecture) environment of a GSM operator as a solution architect.
Consulted for Enterprise Networking, IT Security, IT Service Management, Identity and Access Management, Managed Services (outsourcing) projects.

Technologies: Firewalls, Service-oriented Architecture (SOA), Oracle, ITSM, PKI, Identity & Access Management (IAM), Security, Networks, Security Policies & Procedures, Shell Scripting

Experience

DoS/DDoS Protection for Cloud-based Applications

Protection of cloud-based applications by implementing Layer2-7 security controls.

Development of Code to Distribute User Traffic Between Data Centers

Development of Node.js code to check end-user traffic in a Mobile operator environment.

The solution captures end-user IMEI/IMSI data and query against centralized Oracle database to find out the details of that specific user. The user is redirected automatically based on their subscription details to the corresponding data center.

This custom solution saved hundreds of thousand dollars of the mobile operator.

Development of Code to Integrate IAM Solution Components

Developed series of TCL based custom code to integrate Cisco ISE product and F5 Networks LTM and APM modules. None of those components were able to provide the solution required alone.

The developed solution tracks, captures, and makes available the critical information to all solution components during the full cycle of user identification, authentication, and authorization.

Powershell and Perl-based Code Development for Automation and Multi-tenant Management of F5 Products

Developed Powershell and Perl-based codes to communicate with F5 products using REST API. Those codes are used to enable automation of regular tasks and also to enable individual application owners to take actions on their application delivery infrastructure without a need to connect F5 systems directly.

Python and Perl-based Codes for Automation and Integration

Developed custom codes to automate tasks in the scope of projects utilizing HP Openview product portfolio. Also codes for integration between HP products and with external third-party products monitored.

Development of Codes to Integrate F5 APM and Airwatch MDM Solutions

Development of TCL and Powershell custom codes to perform additional security checks against mobile user traffic when they access corporate applications. The solution makes sure only registered corporate mobile devices are allowed to access applications published to and accessed from the Internet.

High Availability for Application Access in Azure and AWS Environments

Deployment of third-party high availability solutions in Azure and AWS environments. The solutions provide advanced functionality over Azure and AWS standard load balancing solutions.

Advanced Security in Azure and AWS Environments

Design and deployment of advanced security solutions by using third-party products in Azure and AWS environments. These solutions include web application firewall for additional security controls at Layer7, network firewalls for next-generation controls and stronger segmentation in cloud environment, phishing and fraud detection and controls, secure remote access solutions, and SSL certificate management.

Integration of Third-party Cloud-based Applications (SaaS) With Corporate User Directories

SAML-based solutions design and deployments for providing corporate directory based authentication and authorization of users when they access to third-party cloud applications such as Webex, Concur, Egencia, Salesforce, and SuccessFactors.

MQL4 and MQL5-based Automated Trading Systems

Developed personal automated trading systems (robots) with MQL4 and MQL5 programming languages in MetaTrader environments.

Development of Codes for Application Traffic Control

TCL-based iRule codes running on F5 systems for content switching of application traffic, Traffic shaping and steering, manipulation of application traffic on-the-fly as required, running additional security controls on application traffic, and custom logging of application access related information.

Design, Deployment, and Terraform Automation of Cloud Landing Zone

Design of the security perimeter architecture, creating its automated deployment as Infrastructure as a Code (IaaS) integrated into CI/CD pipeline of multi-cloud digital media ecosystem platform running on Azure, AWS and GCP cloud platforms. Used Kubernetes, Docker, Nginx Ingress, Terraform, Helm, and cloud native as well as third-party security solutions in public cloud environments.

Audit and Security Review of an Existing AWS Environment

Audit and security review of the existing product, staging, and development environments on multiple AWS accounts. GAP-analysis against CIS framework, PCI DSS, and SoC-2 requirements. Documentation of actions required for remediation of findings.

Skills

Languages

SAML, Tcl, Perl, SQL, C, Python, MQL4, MQL5, Bash Script

Frameworks

ASM

Libraries/APIs

OpenSSL, Node.js

Tools

VPN, AWS CloudTrail, Amazon CloudWatch, Syslog, Ansible, Terraform, Azure Kubernetes Service (AKS), Git, Amazon Elastic Container Service (Amazon ECS), GitLab, GitHub, Splunk, ADFS, Helm, Jenkins, Cisco Webex Meetings Server, SAP Concur, NGINX, Amazon EKS, Artifactory, Elastic

Paradigms

DevOps, DevSecOps, DDoS, ITIL, Continuous Deployment, Continuous Delivery (CD), Continuous Integration (CI), Business Intelligence (BI), Service-oriented Architecture (SOA), REST, Automation, Data Science

Platforms

Unix, Linux, Kubernetes, Docker, Azure, Amazon Web Services (AWS), Oracle, Salesforce, Sysdig, Amazon EC2

Industry Expertise

Cybersecurity

Storage

MySQL, Neo4j, Graph Databases, Amazon S3 (AWS S3)

Other

APM, SMTP, PKI, Single Sign-on (SSO), Enterprise, Networks, ITSM, Security Architecture, Threat Intelligence, Writing & Editing, Vulnerability Assessment, Security Testing, Security Analysis, IT Security, Dynamic Load Balancing, Load Balancers, CISSP, IT Service Management (ITSM), Network Monitoring, Continuous Monitoring, Monitoring, Business Continuity & Disaster Recovery (BCDR), SSL Configurations, SSL Certificates, SSL, Firewalls, Web Application Firewall (WAF), DNS Configuration, Domain Name System (DNS), DNS Servers, DNS, ASA Firewalls, Cisco Networking, Unix Shell Scripting, Security, Identity & Access Management (IAM), F5 Networks, Infrastructure as Code (IaC), Cloud, Web App Security, CI/CD Pipelines, Cloud Infrastructure, Containers, Security Policies & Procedures, Shell Scripting, Azure Virtual Networks, Virtual Desktop Infrastructure (VDI), Kerberos, Content Delivery Networks (CDN), PCI DSS, Big Data, Artificial Intelligence (AI), Internet of Things (IoT), SaaS, IaaS, PCI, System-on-a-Chip (SoC), Audits, GAP Analysis, AWS Transit Gateway, AWS Security Hub, Amazon Route 53, Hybrid Cloud Infrastructure, Computer Engineering, Consulting, Cloud Security, Containerization, Hardware Load Balancing (HLD), SAML-auth

Education

1993 - 1998

Bachelor of Science Degree in Computer Engineering

Ege Univerisy - Izmir, Turkey

Toptal matches you directly with global industry experts from our network in hours—not weeks or months.

Share your needs

Discuss your requirements and refine your scope in a call with a Toptal domain expert.

Choose your talent

Get a short list of expertly matched talent within 24 hours to review, interview, and choose from.

Start your risk-free talent trial

Work with your chosen talent on a trial basis for up to two weeks. Pay only if you decide to hire them.

Top talent is in high demand.

Start hiring