Description

I’m a penetration tester and security consultant with 3+ years of hands-on experience working on real-world systems in telecom, automotive, insurance, cloud, and IoT environments.

I’ve worked on offensive security projects (web, cloud, infrastructure, mobile) as well as security reviews where clear communication, prioritization, and practical reporting matter just as much as technical findings.

My focus is on:

Web & API penetration testing (OWASP Top 10, ASVS, authenticated testing)
Black-Box, White-Box and Grey-Box penetration tests
Cloud & infrastructure security assessments (AWS, GCP, Azure, Kubernetes)
Configuration and hardening reviews based on CIS and common industry practices
Clear, practical reports that developers and security teams can actually work with

I’ve led and contributed to 50+ penetration testing projects, including enterprise platforms such as billing systems, IoT environments, cloud-native setups, and customer-facing applications. I also have experience teaching and mentoring, which helps me explain findings clearly, and focus on what really matters from a risk perspective.

Clients usually value my work because I:

define scope clearly
focus on realistic risk instead of inflated findings
deliver clean, understandable reports
can work directly with developers and security teams

Typical work I take on includes:

web, cloud, and infrastructure penetration tests
reviewing and validating findings from scans or assessments
security hardening and configuration reviews
support and guidance during remediation

I’m currently available for penetration testing, security assessments, and consulting engagements, on an hourly or project basis.

Languages

Turkish
Native or bilingual
English
Fluent
German
Basic

Workplace preferences

Can work on-site

Meerbusch (up to 30km), Düsseldorf (up to 30km), Cologne (up to 20km), Duisburg (up to 20km), Mönchengladbach (up to 20km)

Spike Reply
Penetration Tester / IT Consultant
CONSULTING AND AUDITS
August 2022 - July 2025 (2 years and 11 months)
Düsseldorf, Germany
- Participated in over 50 penetration testing projects for more than 6 leading companies, and led over 20 projects. Identified and exploited critical security vulnerabilities in web applications, cloud technologies, and infrastructure systems, leading to a reduction in potential attack surface. Authored comprehensive penetration test reports detailing best practices for strengthening security, resulting in a successful implementation of remediation measures in projects.
- Conduct thorough penetration tests and utilize tools such as Nessus, Nmap Tools, Burp Suite, etc. and OWASP Top 10 and ASVS to identify vulnerabilities in security-protected applications and networks.
- Collaborate closely with cross-functional teams to implement remediation measures and validate the effectiveness of security controls.
- Actively stay updated on emerging security trends, industry best practices, and advancements in penetration testing methodologies.
Network Security Mobile application Web Application CloudOps Security Consultation
Weiterbildung
Instructor
EDUCATION AND E-LEARNING
September 2022 - May 2025 (2 years and 8 months)
Germany
- Guided and supported students pursuing cybersecurity education, contributing to an over 80% job placement rate after course completion.
- Assisted over 90% of students in passing certification exams through tailored study sessions and exam preparation strategies.
- Developed and delivered comprehensive training materials, enhancing the learning experience and outcomes for students.
Security Awareness Training Offensive Security Training Mentoring hands-on lab trainings Preparing to certification exams
Finspire Technology
Jr. Cyber Security Engineer
BANKING AND INSURANCE
August 2021 - June 2022 (10 months)
Reading, United Kingdom
- Recommended IT security improvements to achieve system confidentiality, integrity and availability.
- Applied tests and tools to break into security-protected applications and networks to probe for vulnerabilities.
- Developed risk assessment reports to identify threats and vulnerabilities.

IT-Security Risk and Vulnerability Assessment Web Application Security Network Security SOC