Experience

STK Advisory & Training

• Türkiye
• Computer and Network Security
• 1 - 100 Employee

• Advisor | Security & Compliance Professional

  • Jul 2021 - Present

  After many years in the sector, I continue my work as a freelancer. I will continue to serve on the following topics; Overseeing the continuous update of information security policies. Provide leadership in regulatory compliance activities including KVKK, GDPR, ISO 27001, ISO 22301, PCI DSS. Conducting and auditing compliance assessments and analyses as an PCIP, ISMS LA. Developing and implementing training programs for PCI DSS, ISMS, BCMS, PIMS. Assist with or handle incidents, investigations, and escalations. Uncovering and closing critical loopholes. In addition to my experience and personal qualities as an auditor and consultant, I have a solid educational foundation and a passion for information security. Show less



PCI Checklist

• Türkiye
• Computer and Network Security
• 1 - 100 Employee

• Trusted Advisor

  • Oct 2022 - Present

  Engage customers and partners to capture requirements, propose technical solutions, and drive the selection of relevant technologies/products. Engage with customers as a trusted advisor, listening to and understanding their challenges and requirements - both technical and business. Clearly articulate and communicate to the sales team, and document decisions. Research and develop appropriate value propositions, engaging with the respective colleagues from across the business, to address customer requirement. Be the voice-of-customers, channelling constructive feedback to provide market driven inputs to our Compliance Product Owner. Show less



24 Solutions Turkey

• Türkiye
• IT Services and IT Consulting
• 1 - 100 Employee

• Principal Advisor

  • Jun 2022 - Feb 2023

  Determining information security strategies and goals Creating new services and opportunities in the field of information security To lead audit and consultancy services about following topics; Overseeing the continuous update of information security policies. Provide leadership in regulatory compliance activities including KVKK, GDPR, ISO 27001, ISO 22301, PCI DSS. Conducting and auditing compliance assessments and analyses as an PCIP, ISMS LA. Developing and implementing training programs for PCI DSS, ISMS, BCMS, PIMS. Assist with or handle incidents, investigations, and escalations. Uncovering and closing critical loopholes. In addition to my experience and personal qualities as an auditor and consultant, I have a solid educational foundation and a passion for information security. Show less



Innovera

• Jamaica
• IT Services and IT Consulting
• 1 - 100 Employee

• Audit and Consultancy Services Unit Manager

  • Jul 2017 - Jul 2021

  Managing and consulting Information Security based projects such as ISMS, PCI DSS, Risk Management, Information Security Architecture. Providing advisory and input on security architecture with regards to PCI. Assisting with security architecture and design as it relates to PCI and Information Security compliance. Conducting and auditing compliance assessments and analyses (ROC, Risk assessments, Gap analysis, and more). Project managing small to large engagements. Developing and communicate risk-based plans to drive project priorities using industry accepted information security, risk assessment and threat analysis methodologies. Leading root cause analysis processes based on information about the client’s processes, technology, and maturity. Developing and present on remediation and mitigation plans to address systemic issues and root causes identified during and between projects. Mentoring and guiding project personnel as needed. Build strategies, propositions & operating models independently or as part of a consulting team. Identifying opportunities to leverage Innovera’s capabilities to further support the clients' business. Supportting proposal and service line development. Show less



Turk Telekom

• Telecommunications
• 1 - 100 Employee

• Security Assurance Expert

  • Jan 2016 - Jun 2017

  After the company adopted a “customer-oriented” integrated structure in order to respond to the rapidly changing communication and technological needs of customers in the most powerful and accurate way, merging the products and services of Türk Telekom, Avea and TTNET under a single roof. In January 2016, it began providing services under the Türk Telekom brand. As a member of Security Assurance Group I am managing and performing following activities, Evaluate the compliance of TT Group to BTK's Electronic Communications Sector Network and Information Security regulations and other standards (ISO 27001, PCI DSS), Map out the designated path responding to removal of inadequacies and level of maturity, Generate a common security governance frame and necessary policies and procedures for TT Group instead of existing policy and procedures of Avea,TT and TTNet to cover the related standards and regulations (BTK, ISO 27001, PCI-DSS), Generate and evaluate the necessary work instructions for the operations within business in order to implement the related policies and procedures, Generate relevant documentation and designate control owners and control points for related policies, procedures and work instructions to provide accountability, Generate asset inventory, perform risk analysis and other relevant risk management processes. Participating Information Security internal and 3. Party firms audits. Defining Critical Infrastructure, system and applications for the firm and managing penetration testing processes including vendor and vulnerability management about this items. Following penetration test results which are completed by 3. Parties. Designing event and incident management processes belong to information security policies and supporting Security Planning and Fraud teams on incident/event process. Show less



TTNET

• E-Learning Providers

• Information Security Expert

  • Sep 2014 - Jan 2016

  Managed and performed bellowing activities for TTNET until May 2015, after organizational change I continued that kind of activities for TT, TTNET and Avea after May 2015 that firms remembered as Türk Telekom brand. Performed and managed Information Security processes. Participating Information Security internal and 3. Party firms audits. Controlled and consulted to internal customers for any kind of projects about Information Security. Supported Web Application Penetration test processes. Supported and followed PCI DSS compliance activities. Show less



Deloitte

• Business Consulting and Services
• 700 & Above Employee

• Senior Consultant

  • Feb 2014 - Sep 2014

  As a member of ERS, Security team performed Business Continuity and Information Security projects. As a member of ERS, Security team performed Business Continuity and Information Security projects.



Symturk Ltd.

• Senior Consultant

  • May 2013 - Feb 2014

  Perfomed Security projects in Enterprise Customers.

• Consultant

  • Apr 2011 - May 2013

  Performs and administrate ISMS, Risk Management and Business Impact Analysis projects. Performed Information Security Project (ISO 27001) within head of telco. Performed multiple security configuration reviews, analyzed current security strategy and identify potential security enhancement/process improvement opportunities belong to this project. Increased client compliance levels by providing recommendations for improving controls and processes. Designed and implemented process and control documentation for process owners.Performed Risk Analyze and Business Impact Analysis project for two government department. Evaluated controls related to information security, change management, information system operations, interfaces and business continuity planning.Effectively managed organizational information technology assessments; determined areas of risk/process inefficiencies and designed risk/control frameworks.Formulated recommendations for mitigating risk areas and implementing process improvements. Performed SIEM, DLP projects for a one of the Turkish Bank. Responsible from optimizing, maintaining and providing security for this systems. Show less



Natek Bilisim

• Consultant

  • Dec 2010 - Apr 2011

  Performs Information Security Project within KOSGEB. Responsible for implementing and optimizing system security and configurations of all assets. Performs Information Security Project within KOSGEB. Responsible for implementing and optimizing system security and configurations of all assets.



ISOMAK İstanbul Ofis Makineleri Bilisim Ticaret

• Türkiye
• IT Services and IT Consulting

• System Support / IT Specialist

  • Nov 2007 - Dec 2010

  Performs and supports hardware, software and network upgrades for the Turkish Land Forces and Turkish Military Academy IT departments Fault Tolerance program on MS Windows 2003- 2008 Enterprise Edition and Red Hat Enterprise based network. Analyzes information to determine, recommend, and plan layout for type of computers and peripheral equipment modifications to existing Stratus ftServer Systems . Responsible for implementing and maintaining system security and configurations of some company servers while providing IT support , to include planning , software and hardware configuration to a staff end-users. Show less



Simetri Yazilim

• System & Network Administrator

  • Mar 2007 - Oct 2007

  Responsible for implementing and maintaining system , network security , administration and configurations of more than 20 company servers at main and branch office to include file, security, mail, DC servers while providing IT support , to include planning , software and hardware configuration to a staff end-users. Also Administration and provide security e-signature systems and databases for EBG. Responsible for implementing and maintaining system , network security , administration and configurations of more than 20 company servers at main and branch office to include file, security, mail, DC servers while providing IT support , to include planning , software and hardware configuration to a staff end-users. Also Administration and provide security e-signature systems and databases for EBG.



Probil

• Türkiye
• IT Services and IT Consulting
• 1 - 100 Employee

• System Support Specialist Intern

  • Jun 2006 - Nov 2006

  Assisted with troubleshooting procedures on server and workstations. Assisted with troubleshooting procedures on server and workstations.