
Derya KOCH

Haymarket, USA

Summary

Hands-on cybersecurity experience and expertise in monitoring, detecting, researching, prioritizing, and remediating threats using advanced technologies such as SIEM, EDR, and various enterprise security tools. A solid background in Quality Management Systems guides effective monitoring and analysis of security risks, resulting in continuous improvement. Ensuring confidentiality, integrity, and availability for critical systems remains a top priority. Dedicated to staying current on emerging trends and advances in cybersecurity to keep knowledge and skills up to date. Detail-oriented and collaborative team player with a positive mindset and multilingual proficiency in Turkish and English.

Results-driven IT professional with notable success in planning, analyzing, and implementing security initiatives. Strengths in providing comprehensive network design and security frameworks. Certified in CompTIA Security+ and Certified Information Systems Security Professional (CISSP).

Cybersecurity Specialist proficient in online security research, planning, execution, and maintenance. Skilled at training internal users on security procedures and preventive measures.

Developed critical analytical skills and problem-solving abilities in a fast-paced cybersecurity environment. Demonstrated success in identifying and mitigating security threats while maintaining network integrity. Seeking to transition into a new field, leveraging transferable skills to drive success in diverse environments.

Overview

21 years of professional experience
1 Certification

Work History

SOC Security Analyst

National Cyber Group
01.2023 - Current
  • Offering a robust approach to combating cyber threats, well-versed in leading tools in the field of cybersecurity, such as Splunk Enterprise Security, CrowdStrike Falcon, SentinelOne, Proofpoint, and Tenable Nessus
  • Primary responsibilities entail real-time monitoring and triaging of company alerts, thorough research of threat information, and internal escalation of legitimate security incidents
  • Collaborate closely with escalation engineers, actively participate in training sessions and weekly meetings, and provide valuable insights to enhance processes and procedures by reviewing courses of action and offering well-informed suggestions
  • Monitor index logs using SIEM tools (such as Splunk ES and IBM QRadar), analyze offenses and notables, and investigate security anomalies using OSINT tools
  • Secure endpoints by monitoring with EDR tools (such as CrowdStrike and SentinelOne), investigate static and dynamic incidents, and conduct root cause analysis with deep visibility methods
  • Investigate phishing emails using the Proofpoint email security tool, observe behaviors of malicious links, hashes, and attachments in sandboxes, and perform manual phishing investigations using OSINT
  • Write detailed executive summary reports by utilizing IBM SOAR and Jira ticketing systems after investigating incidents, remediating network traffic, and reviewing host logs
  • Utilize the MITRE ATT&CK framework to identify threats, vulnerabilities, and risks, and classify detection signatures for malicious activities
  • Analyze PCAP files using Wireshark, examine network security issues, gather infected hosts’ details, then prepare executive summary reports
  • Reduced security risks by 25% through enhancing protocols and ensuring adherence to regulations.

Business Owner & Quality Manager

OGIS CHEMICALS LTD
01.2004 - 05.2021
  • Directed all operational aspects of the business, including strategic planning, budget management, and staff supervision, to ensure organizational success.
  • Developed and implemented a robust Quality Management System (QMS), driving continuous process improvements and ensuring compliance with international standards.
  • Conducted inspections, audits, and data analysis to identify and rectify quality issues, ensuring customer satisfaction and regulatory adherence.
  • Oversaw supplier relationships, negotiated contracts, and ensured a consistent supply of high-quality materials.
  • Collaborated with cross-functional teams to optimize processes and implement innovative solutions, resulting in enhanced efficiency and reduced operational risks.
  • Delivered training and mentorship to staff, fostering a culture of quality and accountability across the organization.

Education

Bachelor of Science - Chemical Engineering

Yildiz Technical University
Istanbul, TR
06.1998

Educational Sciences Pedagogical Formation -

Yildiz Technical University
Istanbul, TR
06.1998

Skills

  • Security Information and Event Management (SIEM): Splunk Enterprise Security, IBM QRadar
  • Endpoint Detection and Response (EDR): CrowdStrike Falcon, SentinelOne
  • Phishing & Malware Analysis: Proofpoint Email Security, Data Loss Prevention (DLP)
  • Ticketing: Jira, IBM Security SOAR (Resilient)
  • Network Domain: Next-Generation Firewall (NGFW), Network Security, Wireshark Packet Analysis, DNS, Whois, OSI Model, TCP/IP Security
  • Skills: Phishing Analysis, Incident Response, Malware Analysis, Log Analysis, Data Loss Prevention, Risk Mitigation, Threat Intelligence, Email Security, Sandboxing, Nmap, Kali Linux, VirtualBox, Vulnerability Management (Nessus, Tenable, Acunetix)
  • Frameworks: MITRE ATT&CK, OWASP Top 10, ISO 27001, Cyber Kill Chain, NIST 800, SANS, Diamond Model

Certification

  • CompTIA Security+
  • CompTIA CySA+
  • ISO 27001 Lead Auditor
  • Splunk Core Certified User
  • Cisco Introduction to Cybersecurity
  • Cisco CCNA Introduction to Network
  • Cyber Security Analyst Hands-on Training
  • Penetration Testing Hands-on Training (continuous)

Accomplishments

  • Educated management on how to minimize risk of cybersecurity attacks.
  • Performed comprehensive investigations of security breaches and implemented appropriate solutions.
  • Created daily database reports to identify and mediate potential vulnerabilities.
  • Trained end users on proper security protocol to minimize cybersecurity attacks.
  • Used Microsoft Excel to develop inventory tracking spreadsheets.
  • Resolved product issue through consumer testing.

Languages

Turkish
Native or Bilingual
English
Professional Working
