Murat Hatipoglu, Cloud Solution Architect Developer in London, United Kingdom
Murat Hatipoglu

Cloud Solution Architect Developer in London, United Kingdom

Member since November 6, 2018
Murat has been working in the IT industry for more than 20 years. With extensive network, system, and applications experience, he is able to relate the different requirements and provide clear insight into navigating the complex technology landscape. Murat's philosophy is to focus on building long-term relationships with clients, working with them to simplify their lives, and becoming a trusted partner rather than be just an outside consultant.
Murat is now available for hire

Portfolio

  • Avon Products
    AWS, Azure, Terraform, Jenkins, Azure Kubernetes Service (AKS)...
  • Bridgestone
    DevSecOps, Security Analysis, Security, Writing & Editing, DevOps, Azure
  • Service Rocket
    Amazon Web Services (AWS), Amazon CloudWatch, AWS CloudTrail...

Experience

Location

London, United Kingdom

Availability

Part-time

Preferred Environment

Amazon Web Services (AWS), Python, Docker, Kubernetes, Terraform, AWS, Azure

The most amazing...

...projects I've completed help clients secure applications deployed on public cloud environments and protect them from sophisticated application layer attacks.

Employment

  • Cloud Security Architect | DevSecOps Engineer

    2020 - PRESENT
    Avon Products
    • Designed the security architecture of multi-cloud hybrid infrastructure.
    • Designed security as an integral part of SDLC and DevOps practices.
    • Worked on IaC development for the deployment of designed solutions and architectures.
    • Delivered POCs for new products and technologies, such as AWS Network Firewall, Snyk, and CrowdStrike in cloud environments.
    Technologies: AWS, Azure, Terraform, Jenkins, Azure Kubernetes Service (AKS), AWS Transit Gateway, AWS Network Firewall, AWS Security Hub, Amazon CloudWatch, NGINX, Web Application Firewall (WAF), Amazon Route 53, Hybrid Cloud Infrastructure
  • Azure DevOps and Security Architect

    2020 - 2020
    Bridgestone
    • Documented Azure application’s security, privacy, compliance, reliability/resiliency, and intellectual property.
    • Assessed the existing Azure environment(s). Collected data to build the document.
    • Compared the existing environment against Azure CIS Foundation Benchmark, documenting implemented security controls and missing and recommended controls.
    Technologies: DevSecOps, Security Analysis, Security, Writing & Editing, DevOps, Azure
  • Cloud Security Architect

    2019 - 2020
    Service Rocket
    • Performed the audit and security review of the existing product, staging, and development environments on multiple AWS accounts.
    • Completed GAP-analysis against the CIS Framework, PCI DSS, and SOC-2 requirements. Documented actions required for remediation of findings.
    • Deployed, configured, and integrated AWS services, SecurityHub, Inspector, Macie, Config, CloudTrail, and CloudWatch.
    Technologies: Amazon Web Services (AWS), Amazon CloudWatch, AWS CloudTrail, Identity & Access Management (IAM), AWS
  • DevOps and Cloud Security Engineer

    2019 - 2020
    Dentsu Aegis Network
    • Oversaw the design of coud security perimeter on Azure and AWS.
    • Developed Terraform automation code to deploy designed architecture components.
    • Developed Terraform codes to implement infrastructure as a code (IaaC/IaaS) practices.
    • Integrated automated infrastructure deployments into CI/CD pipelines.
    • Designed, deployed, and configured cloud-native security solutions and also third-party security products on a multi-cloud environment.
    Technologies: Amazon Web Services (AWS), Vault, HashiCorp, Docker, Azure Kubernetes Service (AKS), Kubernetes, Terraform, Helm, AWS, Azure
  • Senior Application Delivery and Security Specialist

    2018 - 2019
    Opel Vauxhall Finance
    • Deployed a new application delivery infrastructure.
    • Supported application migrations between data centers.
    • Managed remote access infrastructure and identity and access management.
    • Developed TCL codes for application traffic manipulation and controls.
    • Secured external and internal applications.
    Technologies: ServiceNow, Splunk, DNS, APM
  • Contractor Security Architect

    2018 - 2018
    Derbyshire County Council in UK
    • Deployed ADFS and F5 security products in Azure.
    • Implemented layer 4 DDoS protection for ADFS service.
    • Ensured L7 DoS protection for ADFS service.
    • Built a high-availabile infrastructure for ADFS service.
    Technologies: ASM, ADFS, Azure
  • Network and Security Architect

    2017 - 2017
    Nottinghamshire City Council
    • Designed new application delivery infrastructure.
    • Created and deployed high available, optimized, and secured access to applications.
    • Deployed secure remote access to internal applications and VDI environment.
    • Integrated a new solution with existing infrastructure and identity access management solution.
    • Designed and deployed a Global Server Load Balancing solution to provide active-active and active-passive use of two datacenters.
    Technologies: Identity & Access Management (IAM), DNS, Load Balancers
  • Network and Security Architect

    2017 - 2017
    University of Lincoln
    • Designed a new data center application delivery and security infrastructure.
    • Planned a phased migration of applications from legacy data center to the new one while both data centers run in production in parallel.
    • Created and deployed a high available application delivery infrastructure.
    • Designed and deployed network and application firewall systems to provide Layer 3-7 protection.
    • Developed customer TCL codes to integrate Cisco ISE and F5 Networks solutions to provide controlled Wi-Fi and remote access to the campus network.
    • Designed and deployed of Global Server Load Balancing infrastructure for active-active operation of old and new datacenters together with active-passive operation of new and disaster recover datacenters for business continuity.
    Technologies: DNS, Firewalls, Load Balancers
  • Cloud Architect

    2017 - 2017
    Ofgem (Gas and Electricty Markets Authority)
    • Migrated local applications to the cloud.
    • Deployed web application firewall and configured to secure application access.
    • Set up remote access infrastructure to enable users to access VDI environment.
    Technologies: Virtual Desktop Infrastructure (VDI), Web Application Firewall (WAF), Cloud
  • Systems Engineer

    2013 - 2016
    F5 Networks
    • Maintained a high level of technical knowledge of F5 Networks and the relevant industry.
    • Participated in the development and support of presentations for customers and partners.
    • Articulated technical elements of the F5 value proposition to customers and partners.
    • Provided complex design and systems engineering configurations.
    • Partnered with product development and product management to assist with Change Request (CR) and Customer Special Request (CSR) cases.
    • Contributed to the creation of case studies, white papers, and media articles for customers and/or partners.
    Technologies: Virtual Desktop Infrastructure (VDI), Single Sign-on (SSO), Kerberos, SAML, PKI, OpenSSL, SMTP, DDoS, Firewalls, VMware NSX, Cisco, Node.js, Remote Control, Tcl, VPN, SSL, DNS, Manufacturing, ASM
  • Sales Specialist

    2012 - 2013
    Teradata
    • Handled direct sales in all financial accounts including banks and insurance companies.
    • Sold the Teradata solution portfolio products including software, professional services, hardware, and support services. This included products such as Customer Retention Management Solutions, Campaign Management Solutions, Scale-able Data Warehousing, Customer Interaction Solutions, Teradata database software, and Object Relational technologies and specific solutions on finance segment.
    • Interfaced with contacts at all levels, including those at director and executive management CXO levels, in both the IT and the business community.
    • Effectively advised and influenced customers through consultative selling techniques.
    • Closed profitable Teradata high scale data warehouse solution business incorporating hardware, software, professional services, and customer services.
    Technologies: Customer Relationship Management (CRM), Analytics, Business Intelligence (BI), Internet of Things (IoT), Artificial Intelligence (AI), Cloud, Big Data, Enterprise
  • Solution Architect - Consultant

    1998 - 2012
    Hewlett Packard
    • Served as the technical lead of Governmental Disaster Insurance Intuition project. Provided the design and implementation of the entire infrastructure.
    • Performed risk assessment, security review, security policies development and security solutions design/implementation for customers in different industries.
    • Provided on-site network and security consultancy for a GSM operator.
    • Served as the technical project lead of Security Risk Assessment and Ethical Hacking Projects.
    • Provided technical lead services for a Business Continuity project which has the national best integration project award in Turkey.
    • Integrated existing and new services to SDPA (Service Delivery Platform Architecture) environment of a GSM operator as a solution architect.
    • Consulted for Enterprise Networking, IT Security, IT Service Management, Identity and Access Management, Managed Services (outsourcing) projects.
    Technologies: Router Development, Riverbed, Firewalls, Service-oriented Architecture (SOA), BPEL, Oracle, Cisco, ITSM, PKI, Identity & Access Management (IAM), Security, Networks

Experience

  • DoS/DDoS Protection for Cloud-based Applications

    Protection of cloud-based applications by implementing Layer2-7 security controls.

  • Development of Code to Distribute User Traffic Between Data Centers

    Development of Node.js code to check end-user traffic in a Mobile operator environment.

    The solution captures end-user IMEI/IMSI data and query against centralized Oracle database to find out the details of that specific user. The user is redirected automatically based on their subscription details to the corresponding data center.

    This custom solution saved hundreds of thousand dollars of the mobile operator.

  • Development of Code to Integrate IAM Solution Components

    Developed series of TCL based custom code to integrate Cisco ISE product and F5 Networks LTM and APM modules. None of those components were able to provide the solution required alone.

    The developed solution tracks, captures, and makes available the critical information to all solution components during the full cycle of user identification, authentication, and authorization.

  • Powershell and Perl-based Code Development for Automation and Multi-tenant Management of F5 Products

    Developed Powershell and Perl-based codes to communicate with F5 products using REST API. Those codes are used to enable automation of regular tasks and also to enable individual application owners to take actions on their application delivery infrastructure without a need to connect F5 systems directly.

  • Python and Perl-based Codes for Automation and Integration

    Developed custom codes to automate tasks in the scope of projects utilizing HP Openview product portfolio. Also codes for integration between HP products and with external third-party products monitored.

  • Development of Codes to Integrate F5 APM and Airwatch MDM Solutions

    Development of TCL and Powershell custom codes to perform additional security checks against mobile user traffic when they access corporate applications. The solution makes sure only registered corporate mobile devices are allowed to access applications published to and accessed from the Internet.

  • High Availability for Application Access in Azure and AWS Environments

    Deployment of third-party high availability solutions in Azure and AWS environments. The solutions provide advanced functionality over Azure and AWS standard load balancing solutions.

  • Advanced Security in Azure and AWS Environments

    Design and deployment of advanced security solutions by using third-party products in Azure and AWS environments. These solutions include web application firewall for additional security controls at Layer7, network firewalls for next-generation controls and stronger segmentation in cloud environment, phishing and fraud detection and controls, secure remote access solutions, and SSL certificate management.

  • Integration of Third-party Cloud-based Applications (SaaS) With Corporate User Directories

    SAML-based solutions design and deployments for providing corporate directory based authentication and authorization of users when they access to third-party cloud applications such as Webex, Concur, Egencia, Salesforce, and SuccessFactors.

  • MQL4 and MQL5-based Automated Trading Systems

    Developed personal automated trading systems (robots) with MQL4 and MQL5 programming languages in MetaTrader environments.

  • Development of Codes for Application Traffic Control

    TCL-based iRule codes running on F5 systems for content switching of application traffic, Traffic shaping and steering, manipulation of application traffic on-the-fly as required, running additional security controls on application traffic, and custom logging of application access related information.

  • Design, Deployment, and Terraform Automation of Cloud Landing Zone

    Design of the security perimeter architecture, creating its automated deployment as Infrastructure as a Code (IaaS) integrated into CI/CD pipeline of multi-cloud digital media ecosystem platform running on Azure, AWS and GCP cloud platforms. Used Kubernetes, Docker, Nginx Ingress, Terraform, Helm, and cloud native as well as third-party security solutions in public cloud environments.

  • Audit and Security Review of an Existing AWS Environment

    Audit and security review of the existing product, staging, and development environments on multiple AWS accounts. GAP-analysis against CIS framework, PCI DSS, and SoC-2 requirements. Documentation of actions required for remediation of findings.

Skills

  • Languages

    SAML, Tcl, Perl, SQL, C, Python, MQL4, MQL5
  • Frameworks

    ASM
  • Libraries/APIs

    OpenSSL, Node.js
  • Tools

    VPN, AWS CloudTrail, Amazon CloudWatch, Syslog, Ansible, Terraform, Azure Kubernetes Service (AKS), Splunk, ADFS, Helm, Jenkins, Concur, NGINX
  • Paradigms

    DevOps, DevSecOps, DDoS, ITIL, Continuous Deployment, Continuous Delivery (CD), Continuous Integration (CI), Business Intelligence (BI), Service-oriented Architecture (SOA), REST, Automation
  • Platforms

    Unix, Linux, Kubernetes, Docker, Azure, Amazon Web Services (AWS), Oracle, Salesforce
  • Industry Expertise

    Cybersecurity, IT Security, Security
  • Storage

    MySQL, Neo4j
  • Other

    AWS, APM, SMTP, PKI, Single Sign-on (SSO), Enterprise, Networks, ITSM, Security Architecture, Threat Intelligence, Writing & Editing, Vulnerability Assessment, Security Testing, Security Analysis, Dynamic Load Balancing, Load Balancers, CISSP, IT Service Management (ITSM), Network Monitoring, Continuous Monitoring, Monitoring, Business Continuity & Disaster Recovery (BCDR), SSL Configurations, SSL Certificates, SSL, Firewalls, Web Application Firewall (WAF), DNS Configuration, Domain Name System (DNS), DNS Servers, DNS, ASA Firewalls, Cisco Networking, Unix Shell Scripting, Identity & Access Management (IAM), F5 Networks, Infrastructure as Code (IaC), Cloud, Web App Security, Virtual Desktop Infrastructure (VDI), Kerberos, Content Delivery Networks (CDN), PCI DSS, Big Data, Artificial Intelligence (AI), Internet of Things (IoT), Cisco Webex, SaaS, IaaS, PCI, SoC, Audits, GAP Analysis, AWS Transit Gateway, AWS Network Firewall, AWS Security Hub, Amazon Route 53, Hybrid Cloud Infrastructure, Computer Engineering, Consulting, Cloud Security, Containerization

Education

  • Bachelor of Science Degree in Computer Engineering
    1993 - 1998
    Ege Univerisy - Izmir, Turkey

Certifications

  • F5 Certified Solution Expert - Cloud (402)
    MAY 2019 - MAY 2021
    F5 Networks
  • AWS Certified Solution Architect
    FEBRUARY 2019 - FEBRUARY 2022
    AWS
  • F5 Technology Specialist - APM - 304
    APRIL 2018 - APRIL 2020
    F5 Networks
  • F5 Technology Specialist - ASM - 303
    APRIL 2018 - APRIL 2020
    F5 Networks
  • F5 Technology Specialist - DNS/GTM - 302
    APRIL 2018 - APRIL 2020
    F5 Networks
  • F5 Technology Specialist - LTM - 301a & 301b
    APRIL 2018 - APRIL 2020
    F5 Networks
  • F5 Certified Solution Expert - Security (401)
    APRIL 2018 - APRIL 2020
    F5 Networks
  • CCIE
    OCTOBER 2008 - SEPTEMBER 2014
    Cisco
  • CISSP
    JUNE 2008 - PRESENT
    ISC2

To view more profiles

Join Toptal
Share it with others