Beschreibung

I’m a penetration tester and security consultant with 3+ years of hands-on experience working on real-world systems in telecom, automotive, insurance, cloud, and IoT environments.

I’ve worked on offensive security projects (web, cloud, infrastructure, mobile) as well as security reviews where clear communication, prioritization, and practical reporting matter just as much as technical findings.

My focus is on:

Web & API penetration testing (OWASP Top 10, ASVS, authenticated testing)
Black-Box, White-Box and Grey-Box penetration tests
Cloud & infrastructure security assessments (AWS, GCP, Azure, Kubernetes)
Configuration and hardening reviews based on CIS and common industry practices
Clear, practical reports that developers and security teams can actually work with

I’ve led and contributed to 50+ penetration testing projects, including enterprise platforms such as billing systems, IoT environments, cloud-native setups, and customer-facing applications. I also have experience teaching and mentoring, which helps me explain findings clearly, and focus on what really matters from a risk perspective.

Clients usually value my work because I:

define scope clearly
focus on realistic risk instead of inflated findings
deliver clean, understandable reports
can work directly with developers and security teams

Typical work I take on includes:

web, cloud, and infrastructure penetration tests
reviewing and validating findings from scans or assessments
security hardening and configuration reviews
support and guidance during remediation

I’m currently available for penetration testing, security assessments, and consulting engagements, on an hourly or project basis.

Sprachen

Türkisch
Muttersprachlich oder zweisprachig
Englisch
Verhandlungssicher
Deutsch
Grundkenntnisse

Arbeitsortpräferenzen

Vor Ort möglich

Meerbusch (bis zu 30 km), Düsseldorf (bis zu 30 km), Cologne (bis zu 20 km), Duisburg (bis zu 20 km), Mönchengladbach (bis zu 20 km)

Spike Reply
Penetration Tester / IT Consultant
BERATUNG & AUDITS
August 2022 - Juli 2025 (2 Jahre und 11 Monate)
Düsseldorf, Deutschland
- Participated in over 50 penetration testing projects for more than 6 leading companies, and led over 20 projects. Identified and exploited critical security vulnerabilities in web applications, cloud technologies, and infrastructure systems, leading to a reduction in potential attack surface. Authored comprehensive penetration test reports detailing best practices for strengthening security, resulting in a successful implementation of remediation measures in projects.
- Conduct thorough penetration tests and utilize tools such as Nessus, Nmap Tools, Burp Suite, etc. and OWASP Top 10 and ASVS to identify vulnerabilities in security-protected applications and networks.
- Collaborate closely with cross-functional teams to implement remediation measures and validate the effectiveness of security controls.
- Actively stay updated on emerging security trends, industry best practices, and advancements in penetration testing methodologies.
Network Security Mobile application Web Application CloudOps Security Consultation
Weiterbildung
Instructor
BILDUNG & E-LEARNING
September 2022 - Mai 2025 (2 Jahre und 8 Monate)
Germany
- Guided and supported students pursuing cybersecurity education, contributing to an over 80% job placement rate after course completion.
- Assisted over 90% of students in passing certification exams through tailored study sessions and exam preparation strategies.
- Developed and delivered comprehensive training materials, enhancing the learning experience and outcomes for students.
Security Awareness Training Offensive Security Training Mentoring hands-on lab trainings Preparing to certification exams
Finspire Technology
Jr. Cyber Security Engineer
BANKEN & VERSICHERUNGEN
August 2021 - Juni 2022 (10 Monate)
Reading, Vereinigtes Königreich
- Recommended IT security improvements to achieve system confidentiality, integrity and availability.
- Applied tests and tools to break into security-protected applications and networks to probe for vulnerabilities.
- Developed risk assessment reports to identify threats and vulnerabilities.

IT-Security Risk and Vulnerability Assessment Web Application Security Network Security SOC