Experience

• 

  Softtech/turkiye is bankasi

  Apr 2009 - Sept 2010

  Software developer
• 

  Finansbank internal audit department

  Sept 2010 - May 2016

  Senior it auditor

  Auditing high risk areas such as information security, software development&design and architecture security, data security&confidentiality&integrity, database security and management, access management, risk and process management, business analyze, test and deploy security, internet&mobile and tablet banking infrastructure and application security, windows&unix security, server&client and application controls security, dataclassification and ownership, log management, network security, business continuity and drc, project management. Moreover, following up audit issues and remediation action plans periodically, involving and evaluating risk, security and compliance issues as a consultant in IT projects. Show less

• 

  Cyberwise

  May 2016 - now

  • Managing and planning customers’ PCI Programs compliance for various regions such as EU and CEMEA• Managing, planning, leading and providing audit, gap assessment, consultancy and training for several PCI Programs such as:- PCI DSS- PCI 3DS- PCI PIN- PCI CPP- PCI DESV- PCI SAQ- PCI ASV• Managing several consultancy and audit services such as:- vCISO Consultancy- ISO27001 Consultancy and Training- ISO27017 Consultancy- CS TTX Consultancy- SWIFT Audit and Consultancy- CB DDO BIGR Audit and Consultancy- Ransomware Analysis Consultancy- 3rd Party Risk Analysis Consultancy- Cloud Security Consultancy- Data Protection Consultancy- Dora Compliance Consultancy• Leading and planning experienced and technical audit and compliance teams• Assisting sales teams to understand customers’ needs regarding to solutions and services• Participating in cybersecurity events as speaker and panelist• Providing huge expertise in order to assist companies on cybersecurity area• End-to-end secure process design, development and improvement of processes of IT security and security of IT processes• Assessing IT environments and advising them on issues of risk, security, compliance and governance• Consulting on high-level strategic initiatives as well as highly-technical and detailed projects• Designing new consultancy products Show less • Managing and planning customers’ PCI Programs compliance for various regions such as EU, CEMEA and also in Turkey• Managing, planning, leading and providing audit, gap assessment and consultancy for PCI DSS, PCI 3DS, PCI PIN, PCI CPSA programs' compliance• Providing sustainability of customers’ compliance with PCI standards• Managing consultancy for SAQ program compliance• Managing and providing technical and awareness trainings about PCI Programs• Managing TTX (Table Top Exercise for security incident management) consultancy projects• Managing external vulnerability scans as an approved scanning company (called as ASV)• Providing huge expertise in order to assist companies on cybersecurity area Show less - Performing PCI DSS Audits and Consultancy- Performing PCI 3DS Audits and Consultancy- Performing IT Security Audit and Consultancy- Performing KVKK Audit and Consultancy- Performing CobiT Audit and Consultancy- Performing ISO 27001 and ISO 27002 Consultancy- Performing SWIFT CSP Consultancy- Consulting compliance projects for several regulations.- Performing end-to-end secure process design, development and improvement of processes of IT security and security of IT processes.- Assessing customer IT environments and advising them on issues of risk, security, compliance and governance- Consulting on high-level strategic initiatives as well as highly-technical and detailed customer projects - End-to-end security and standard/best practice training- Developing new consultancy products- Developing new methodologies on projects Show less

  • Audit and Compliance Group Manager

    Aug 2024 - now

  • Audit and Compliance Unit Manager

    Jan 2023 - Aug 2024

  • Senior Information Security Consultant

    May 2016 - Jan 2023