Serdar HALILOGLU

Cyber Security Engineer

Security Enthusiast

Malware Analyst

Blogger

About Me

Hello! I’m Serdar.
Cyber Security Engineer from Türkiye. I have extensive experience in cyber security, and I am also skilled in malware analysis and incident response.

  • Age: 30
  • Country: DK
  • Company: ECCO
  • Title: VM & TI Team Lead
Who am I?
Python Developer

I developed most of my projects using Python. You can see them all on my GitHub.

Malware Analyst

Yes! This is the most wonderful part for me. I love malware and analyzing it. It's like a puzzle.

Security Analyst

I have been working as a security analyst for 5 years. I had a chance to use many products and I gained analysis skills in many topics.

Blogger
My Skills
INTERPERSONAL SKILLS
  • Critical Thinking
  • Problem Solving
  • Leading
SECURITY TOOLS
  • Endpoint Products: 90%
  • SIEM Products: 95%
  • Email Security Products: 90%
  • IPS / IDS: 90%
Languages
  • Turkish
  • English
  • German
Projects
Phishing Email Analyzer
Cyber Security Scripts
EMLParser
WoN Gaming Panel Project
Social Media
Summary

An extremely curious, research- and solution-oriented person in the area of cyber security. During my professional life, I have participated in many important events and conferences in the field of cyber security, where I found the opportunity to discuss emerging technologies and to learn about the measures developed against new threats. I also have experience defining use cases and rules for efficient incident response, and in reverse engineering malware in order to collect and analyze information about the tactics, techniques and procedures of APT groups. I am focused on solutions to the threats existing in the area of cyber security, anticipating and identifying future threats by providing Cyber Threat Intelligence.

Resume
Experience
2020 - 2022
Specialist Threat Hunter
Natica IT Consulting
  • I have accomplished deployment, management and maintenance of the FireEye, Mandiant and CrowdStrike Security Products.
  • I have been improving and expanding customers’ security knowledge using threat intelligence to prevent malicious activities not identified by Security Products.
  • I organize and operate all endpoints and EDR solutions for a large company in the energy industry. By creating new EDR rules, I have improved their anomaly detection rate and decreased response time. Collecting, evaluating and categorizing threat indicators are also my responsibilities.
  • For all EDR clients, I have proactively strengthened incident management and given training on incident response and analysis.
  • I successfully handled the Symantec Data Center Security project for a large energy firm and supported the hardening process by developing the institution’s regulations.
  • I have successfully hunted malicious files to determine the threat actors’ tools, tactics and behaviour. As a Threat Hunter, I lead the development of customers’ capabilities by capturing potential malicious activity using SIEM and EDR solutions.
  • I have overhauled the necessary methods, tools and processes for incident response, and spearheaded organizations’ teams in performing analysis effectively.
  • I am also responsible for the analysis and response process for all malicious activities in the company.
2019 - 2020
Information Security Analyst
TSKB
  • I mentored and trained young engineers so that they could perform a detailed analysis of threats. Our response and analysis rate for potential attacks increased by 70-80%.
  • To make the security infrastructure of the institution even more reliable and strong, I organized training sessions for IT Support teams on security vulnerabilities and malware infections. As a result, we observed in the monthly reports that the number and speed of actions on the end-user side increased.
  • I overhauled all SIEM rules to identify potential threats specific to our institution and the banking industry. I pioneered new measures by defining many new rules.
  • I have detected malicious activities that cannot be identified or detected by security products. During this period, I have also strengthened my knowledge of cyber intelligence products.
  • I documented an evaluation report by collecting threat indicators from the data I obtained by analyzing all attacks aimed at the bank. I have also presented the document to the senior management to determine our cybersecurity budget.
  • I analyzed the malicious files used in phishing campaigns against the institution using dynamic and static analysis techniques. By sharing the IOCs I obtained as a result of the analysis with the IT teams, I took action against situations that put corporate security at risk.
  • I have designed and documented a playbook on how to take action against malware infections, phishing attacks and mobile attacks, regardless of the brand of the products. As a result of these documents, I also updated the institution’s incident response plan and procedures.
  • I have contributed to creating phishing awareness training materials to increase the awareness of the institution’s employees. I executed awareness tests within the organization with three different phishing simulations for 500+ employees.
2018 - 2019
Cyber Security Analyst
Akbank T.A.S.
  • I designed and documented five different SOAR playbooks that specify the analysis and actions taken by the SOC team against alarms triggered by the bank’s security products. I have accelerated the action the team took by 50%.
  • I trained new analysts on the SOC team by mentoring them on Linux, networking and cybersecurity. I also improved their skills by giving training on the bank’s security solutions.
  • I performed dynamic and basic static analysis techniques to investigate malicious files used in phishing campaigns aimed at the bank that our team identified. I collaborated with the IT Teams to take the necessary actions for the IOCs obtained from our analysis.
  • I utilized the cybersecurity intelligence products the bank used to hunt potentially malicious activity. I amplified my hunting hypothesis by conducting research and threat analysis within the bank with the data I obtained. I also developed some theories to detect abnormal network behaviour by examining data from infected machines.
  • I collaborated with the bank’s development, network, information security and IT support teams to establish continuous work and improve their security incident management.
  • I have revealed IOCs by analyzing malware. I advised on detection methodologies that use the obtained IOCs to develop the bank’s security perspective.
  • I conducted threat hunting studies to get the behaviour, tools, tactics and techniques of threat actors. I presented the obtained information to the senior management as a report. I performed monitoring, investigating and taking action using SIEM and other security products used in the institution.
2017 - 2018
Cyber Security Analyst
Netas
  • I conducted threat hunting in the clients’ environment by applying OSINT techniques and examining threat sources.
  • I performed monitoring, analysis and actions for SIEM alerts coming from the customers’ environment.
  • I documented the incident response process and the critical actions I took regarding each incident, and reported to the customers’ technical and non-technical managers.
  • I conducted investigations on potential threats and incidents that are likely to occur in the customers’ environment.
  • I have detected malicious activities that cannot be identified or detected by security products. During this period, I have also strengthened my knowledge of cyber intelligence products.
EDUCATION
2012 - 2017
Izmir University of Economics
Izmir

Bachelor’s Degree in Computer Science, Faculty of Engineering

My Skills
General
  • Endpoint Products
  • Email Security
  • Threat Intelligence
  • Malware Analysis
  • Incident Response
Coding
  • Python: 90%
  • Java: 75%
  • Bash: 85%
  • C++: 75%
Certifications
EC-Council | Certified Incident Handler
EC-Council | Certified Threat Intelligence Analyst
Recent Works
Phishing Email Analyzer (PEA)
Cyber Defence, Cyber Security, Phishing Analysis
EMLParser
Cyber Defence, Cyber Security, Email Security
Cyber Security Scripts
Cyber Security
