
Henry H Ciftci

Jacksonville, FL

Summary

CompTIA Security+ certified Cybersecurity Specialist with three years of experience as a SOC Analyst, specializing in threat detection, incident response, and security monitoring. Proficient in analyzing security events, investigating vulnerabilities, and mitigating cyber threats to protect enterprise environments. Skilled in SIEM tools, network security, and endpoint protection, with a strong understanding of security frameworks and compliance standards. Adept at collaborating with cross-functional teams to enhance security posture and implement proactive defense strategies. Passionate about continuous learning and staying ahead of emerging cyber threats.

Previously worked as a QA Engineer for five years, with over five years of IT experience, bringing a keen eye for detail and a passion for automation and coding.

Overview

12 years of professional experience
1 Certification

Work History

Cybersecurity Analyst

Cyblu
02.2023 - Current
  • Handled daily activities of the SOC team in a 24x7 environment, monitoring and managing customers' security infrastructure, investigation, incident response, and vulnerability management.
  • Investigate emails through Proofpoint to determine the legitimacy of files and domains.
  • Analyzed threat patterns on various security devices and validation of False/True positive security incidents.
  • Reduced risk of cyber attacks by conducting regular vulnerability assessments and penetration testing.
  • Improved incident response times by developing and maintaining cybersecurity playbooks for common attack scenarios.
  • Ensured compliance with industry regulations by performing comprehensive audits on existing security policies and procedures.
  • Perform log analysis using SIEM tools like Splunk, launch an investigation to uncover security abnormalities, put remediation and recovery measures in place, and then offer suggestions to the technical teams via Splunk Enterprise Security.
  • Investigate unidentified processes using EDR and SIEM to find malicious ones that break security controls.
  • Handle triage analysis through EDRs to identify the incident's timeline and the hosts it affected. Investigate potential risks via a threat hunt.
  • Investigate malicious domains, IP addresses, and phishing emails using open-source tools, and propose possible blocking based on the results of the investigation using Proofpoint.
  • Monitored network traffic for security events and performed triage analysis through CrowdStrike EDR tools.
  • Monitored logs in Security Operation Center from different devices such as firewall, IDS, IPS, operating systems like Windows servers, System Application, Database, Web servers.
  • Searched and analyzed offenses generated by IBM QRadar and notable events on Splunk Enterprise Security and provided recommendations to the technical team via the IBM QRadar SOAR and Jira ticketing systems.
  • Conduct proactive and reactive threat-hunting activities to identify potential vulnerabilities and threats to the organization's systems and applications.
  • Utilize threat intelligence sources to identify potential threats and vulnerabilities that may impact the organization's security posture.
  • Perform network and system vulnerability assessments and penetration testing to identify weaknesses and potential attack vectors.
  • Performed risk analyses to identify appropriate security countermeasures.
  • Conducted security audits to identify vulnerabilities.

SDET/TEST AUTOMATION ENGINEER/QA TESTER

Fidelity-Corporate Traffic
12.2019 - 01.2023
  • Worked in a fast-paced Agile environment as an SDET and analyzed business requirements, developed test scenarios, test cases, and automated test cases using Java, Selenium Web Driver, Cucumber, Gherkin, JUnit, JDBC, Rest Assured, and Apache POI.
  • Executed Functional, Regression, Smoke, Integration, and End-to-End testing during the various phases of the application testing.
  • Performed defect reporting and bug tracking using JIRA X-Ray and followed up with the development team to verify bug fixes and update bug status.
  • Involved in developing and maintaining the Cucumber BDD framework by using Page Object Model and Page Factory.
  • Designed Cucumber BDD – DDD Framework by creating Feature, Cucumber Runner, and Step Definition classes by using Gherkin language and JUnit.
  • Created Data-Driven Tests using Apache POI libraries. Used test parameterization methods, including Cucumber Scenario Outline and external data sources using Java Collections.
  • Maintained the automation code and resources by using GIT as a version control system and GitHub as an online repository.
  • Attended Scrum Ceremonies like Sprint Planning, Sprint Grooming, Sprint Review, and Retrospective.
  • Performed functional product reviews to detect verified weaknesses in retail products and software solutions.
  • Aligned with QA engineers and testers to replicate and track bugs and defects for correction in subsequent iterations.

QA Analyst and Tester

Durasage Health
04.2018 - 11.2019
  • Involved in creating and developing BDD Framework by using Selenium WebDriver, Page Object Model with Maven, TestNG, and Cucumber combination.
  • Participated in all stages of STLC. Development of Test Cases and Test Scripts based on Acceptance Criteria for the Smoke Test and Regression Test.
  • Created Cucumber HTML report with detailed Test Steps and screenshots.
  • Performed remote execution of daily Smoke Tests and Regression on AWS cloud server with CI/CD pipeline - Jenkins and sent email reports.
  • Utilized Selenium Grid for running multiple tests across different browsers in Parallel using AWS EC2.
  • Wrote SQL queries to check proper data population in the application table and for data verification to perform Back End Testing against Oracle Database.
  • Used JIRA as a defect-reporting and defect-tracking tool and strong knowledge of the Defect Life Cycle.

Software QA Tester

Cybertek
09.2017 - 03.2018
  • Involved in the creation and development of BDD Framework by using Selenium WebDriver, Page Object Model with Maven, TestNG, and Cucumber combination.
  • Designed and developed Test Cases and prepared Requirement Traceability Matrix (RTM) to ensure adequate coverage of the Test Cases.
  • Created Cucumber HTML report with detailed Test Steps and screenshots.
  • Performed API Testing using Postman and Karate.
  • Actively participated in Sprint Planning, Retrospective, Sprint Demo, and Daily Stand-Up Meetings.

IT Manager

Sonoran Schools
07.2013 - 08.2017
  • Improved network efficiency by implementing new server configurations and optimizing system operations.
  • Enhanced IT infrastructure security with regular vulnerability assessments and proactive patch management.
  • Reduced downtime by promptly addressing hardware and software issues, ensuring minimal impact on business operations.
  • Streamlined processes through the automation of routine tasks, increasing team productivity and reducing manual effort.
  • Responsible for efficient and safe running of Microsoft Windows based Servers, Network Switches and Phone System.
  • Managed and maintained the school's online learning platform, ensuring that it was updated and accessible to all students and teachers.
  • Created and managed user accounts and permissions, ensuring that appropriate access was granted to each user.
  • Performed root-cause analysis, conducted troubleshooting for issues, analyzed system performance and collaborated cross-functionally to identify appropriate solutions.
  • Establishing Windows 10 OS on computers.
  • Fixing network/Internet connection problems.


Education

Bachelor of Science - Physics

Fatih University
06.2010

Skills

  • Platforms: Proficient with Windows, Linux
  • SIEM Tools: Splunk, QRadar
  • Endpoint Security: CrowdStrike
  • Event Management: Proofpoint
  • Automation Testing Tools: Selenium WebDriver, Selenium Grid, Maven, Jenkins
  • Frameworks: Cucumber, TestNG, JUnit, Spring Boot, Rest Assured, BDD
  • Threat hunting
  • Programming languages

Certification

  • Security+, CompTIA - 2024-2027

Languages

Turkish
Native or Bilingual

Skills

  • Languages: Java, SQL
  • Development Tools: IntelliJ, Eclipse, Postman, GIT
  • Interpersonal Skills: Strong Internet Research, Excellent Verbal, Written, and Quantitative Skills, Time Management and Prioritization Abilities
