Professional Experience

15+ years of cybersecurity, banking, and enterprise risk management experience

CISO - Director of Information Security & Quality

Aytemiz Yatırım Bankası

01/2025 - Present Istanbul, Turkey
  • Constructed comprehensive banking-specific cybersecurity and quality management framework compliant with BDDK, Basel III, and PCI DSS requirements
  • Implemented enterprise-grade information security policies and AI-enhanced security architecture for digital banking platforms
  • Ensuring compliance with ISO 27001, SWIFT CSP, and Open Banking regulations
  • Seamless integration with correspondent banking networks and payment ecosystems
  • Comprehensive threat modeling and financial risk analysis for APT attacks, insider threats, and regulatory compliance gaps
  • Developing adaptive cybersecurity roadmap focusing on organizational resilience through integrated BCDR capabilities

Freelance vCISO - Principal Advisor

Toptal

03/2022 - Present Remote / Global
  • Constructing comprehensive cybersecurity management frameworks providing operational strategies and critical cybersecurity insights for leadership
  • Implementing sophisticated cybersecurity policies and procedures in accordance with international standards such as ISO and IoTSF
  • Comprehensive threat modeling and risk analysis to prevent potential revenue losses and risks
  • Designing customized cybersecurity management policies for platform-specific compliance requirements including Wix and Shopify
  • Analyzing existing IT and security frameworks proposing strategic enhancements to software, tools, and servers
  • Leading cross-functional security awareness initiatives and incident response programs
  • Managing comprehensive third-party risk assessment and vendor security evaluation processes

Founder - Principal Advisor

Prime Threat (Self Employed)

07/2016 - 01/2025 Istanbul, Turkey
  • Established organization delivering specialized risk management and mitigation solutions for complex cybersecurity requirements in finance, banking, telecommunications, e-commerce, and logistics sectors
  • Provided comprehensive reorganization services realigning cybersecurity infrastructure and operations in accordance with security vision
  • Designed and implemented customized security framework in Turkey for a prominent global logistics client ensuring compliance with domestic and international regulations
  • Led strategic investment consulting initiative strengthening financial foundations of regional cybersecurity startup companies
  • Orchestrated strategic international partnerships and collaborative cybersecurity initiatives with US, European, and Middle Eastern security firms
  • Developed comprehensive cybersecurity training and certification programs for C-suite executives and board members across critical infrastructure sectors

Principal Advisor to CIO

IBB (Istanbul Metropolitan Municipality) - Contracted

09/2019 - 03/2021 Istanbul, Turkey
  • Critical responsibility for establishing cybersecurity organization and implementing standardized procedures
  • Developed holistic framework incorporating security operations, process management, software, and infrastructure security
  • Direct reporting to CIO, managing team of 10 direct and 50 indirect professionals
  • $10 million USD annual budget responsibility
  • Significantly enhanced enterprise's overall security reputation through innovative security infrastructure and architecture implementation
  • Developed security management and enterprise architecture framework ensuring standardized and resilient security procedures
  • Active participation in cross-functional teams implementing cutting-edge projects involving SCADA, IoT, and Smart City initiatives

Security VP & Enterprise Security Architect

BKM (Interbank Card Center)

05/2015 - 07/2016 Istanbul, Turkey
  • Constructed and designed international-caliber cybersecurity infrastructure contributing to protection of 250 billion TL in local financial transactions
  • Pioneered TROY, Turkey's first payment system and scheme
  • Consciously organized processes including assessment, planning, construction, operation, testing, auditing, and ongoing refinement
  • Managed $1.5 million USD annual Capex and Opex budget with team of 4 direct and 20 indirect specialists
  • Coordinated 11 significant infrastructure projects including SIEM, DLP, DevSecOps, Proxy, WAF, Endpoint Protection, PAM, IAM/IDM, and Software Security Program
  • Oversaw alignment of TROY's payment and IT infrastructure with Discover Card and PCI DSS standards
  • Implemented systematic framework facilitating ongoing code evaluations and penetration testing

Senior Consultant

PwC

06/2014 - 05/2015 Istanbul, Turkey
  • Assigned responsibility for devising specialized cybersecurity team and ensuring strategic development
  • Performed exhaustive security audits, advanced penetration and vulnerability testing
  • Fortified and protected IT and OT infrastructures and applications for clients in diverse sectors
  • Comprehensive security assessments against established and emergent cyber risks

IT & Security Manager

E-Güven

07/2013 - 06/2014 Istanbul, Turkey
  • IT and security operations management
  • Security policy and procedure development
  • Infrastructure security assurance

Cyber Security Services Manager

Entpro

08/2012 - 07/2013 Istanbul, Turkey
  • Cybersecurity services management
  • Client security assessments
  • Security solution design and implementation

Senior Security Specialist & Project Manager

Huawei - Contracted

09/2011 - 08/2012 Istanbul, Turkey
  • Security project management
  • Telecommunications security solutions
  • Technical leadership and consulting

Trainer & Project Manager

Smartpro - Contracted

06/2011 - 09/2011 Istanbul, Turkey
  • Technical training program management
  • Project coordination

IT Security Engineer

Denizbank

01/2011 - 06/2011 Istanbul, Turkey
  • Banking security infrastructure management
  • Security incident response
  • Security monitoring and reporting

IT Security Expert

Türkiye İş Bankası

01/2010 - 01/2011 Istanbul, Turkey
  • Enterprise security operations
  • Security assessments and audits
  • Banking compliance requirements

Instructor & Trainer

Freelance - Contracted

01/2008 - Present Turkey
  • Cybersecurity training programs
  • Professional certification preparation programs
  • Corporate security awareness training