Ugur Akyazi

Senior Cyber Security Specialist
Den Haag, NL.

About

Highly accomplished Senior Cyber Security Specialist with extensive practical and research experience across threat detection, incident response, and GRC. Leverages deep expertise in AI/ML, GenAI, and system/security architecture to manage complex cyber challenges and drive innovative security projects, enhancing cyber/business resilience.

Work

PricewaterhouseCoopers (PwC)
Cyber Threat Response Analyst - Triage Leads member in a Global CSIRT/SOC

Den Haag, The Netherlands

Summary

Led global cyber threat response operations, leveraging advanced analytics and AI/ML to enhance detection, incident triage, and security automation within a CSIRT/SOC environment.

Highlights

Conducted comprehensive security event analysis, including log, host, and email analysis across ServiceNow, Splunk SIEM, Microsoft XDR, Proofpoint, Palo Alto, and Digital Guardian DLP, to identify and mitigate threats.

Performed in-depth cloud security analysis (Azure, GCP, AWS) and OSINT/Sandbox analysis to uncover sophisticated cyber threats.

Automated phishing ticket enrichment, processing over 20,000 similar tickets in 1.5 years, drastically improving response efficiency.

Contributed to a GenAI-based Cyber Phishbot tool, reducing phishing email analysis time by approximately 50% through automated suspicious indicator analysis.

Developed and optimized 9 new Splunk and MDE detection rules, and reviewed 25 existing rules, significantly enhancing threat detection capabilities.

Streamlined initial incident triage and escalation processes, conducting lessons learned analysis and coordinating critical communications with IT Core teams.

Leveraged GenAI prompts for efficient ticket reviews, log inspections, and comprehensive incident analysis.

Partnered with the Threat Intelligence Team to address sensitive data disclosures and execute domain takedowns, safeguarding organizational assets.

Technical University of Delft
Senior Researcher (Cybersecurity Data Science)

Delft, The Netherlands

Summary

Conducted advanced cybersecurity data science research, focusing on machine learning applications for threat detection and cybercrime intelligence.

Highlights

Led research on identifying IoT botnet malware families and analyzing malware-based payment attacks using machine learning on network behavior.

Performed empirical data analysis utilizing ML and causal models to extract cybercrime intelligence from underground markets and forums.

Co-lectured and supervised 'Economics of Cybersecurity' MSc course for 3 semesters, covering security metrics, investment, risk management, and data analytics.

NATO Communications and Information Agency
Software Projects Expert

The Hague, The Netherlands

Summary

Managed and provided expert guidance on life cycle management for critical NATO AirC2 software projects and strategic initiatives.

Highlights

Managed the full life cycle of NATO AirC2 (Air Command and Control) Software Projects, ensuring adherence to strategic objectives and operational requirements.

Served as National Expert for critical NATO Committee and Board meetings, providing strategic input for AirC2 Software Projects across various working groups.

Department of Information Systems, Ministry of Defense
Network Systems and Security Manager (9 direct reports)

Ankara, Türkiye

Summary

Managed a team of 9, overseeing network and security infrastructure for critical ICT projects and maintaining extensive intranet and internet networks.

Highlights

Delivered robust network and security infrastructure, ensuring seamless operations for critical ICT projects.

Maintained firewall and router/switch security across extensive Intranet and Internet networks, ensuring continuous protection.

Successfully deployed and authorized NATO Secure Wide Area Network across 23 distinct sites, enhancing secure communication capabilities.

Administered and maintained a large-scale network of over 3,000 devices across 90+ branches and a data center, ensuring 24/7 network operations.

Department of Information Systems, Ministry of Defense
Cyber Defense and Systems Section Head (Team > 40)

Ankara, Türkiye

Summary

Led a team of over 40 professionals, overseeing cyber defense, IT risk management, and systems administration for critical national defense infrastructure.

Highlights

Directed IT risk management and cyber/business resilience strategies, ensuring robust defense against evolving threats.

Ensured strict compliance with ISO27001 policies, regulations, and audit requirements, enhancing organizational security posture.

Supervised a 40+ member data center administration team across four divisions: Cyber Defense & Operations, Network Systems & Security, IT Systems Administration, and Visual Data Systems & Help Desk Management.

Department of Information Systems, Ministry of Defense
Network Engineer

Ankara, Türkiye

Summary

Diagnosed and resolved network and security issues, ensuring optimal network performance and reliability.

Highlights

Resolved complex network and security issues, minimizing downtime and enhancing system stability.

Monitored network performance to proactively identify and address potential bottlenecks, ensuring high availability.

National Defense University, Computer Engineering Department
University Lecturer

Istanbul, Türkiye

Summary

Educated undergraduate students and professionals in various computer science and information security disciplines.

Highlights

Instructed the 'Information Security' Certification Program, equipping professionals with essential cybersecurity knowledge.

Delivered lectures for 7 undergraduate courses over multiple semesters, including Computer Science, Java Programming, System Analysis, and Internet Programming.

National Defense University, Computer Engineering Department
Research Assistant

Istanbul, Türkiye

Summary

Conducted research activities within the Computer Engineering Department.

Highlights

Supported academic research projects, contributing to data collection, analysis, and report generation.

Education

National Defense University
Ankara, Türkiye

Master of Science in Administration (MScA)

International Strategy Management and Leadership

Courses

Thesis: Examining distributed cyber warfare weapons and evaluating cyber security measures

Istanbul Technical University
Istanbul, Türkiye

Doctor of Philosophy (PhD)

Computer Engineering (Cyber Security Optimization by AI)

Courses

Thesis: Distributed Intrusion Detection using Mobile Agents and Nature Inspired Algorithms

Air University, Institute of Tech.
Montgomery, AL, United States of America

Master of Science (MSc)

Systems Engineering (Minor: Computer Science)

Courses

Thesis: Commercial Regional Space/Airborne Imaging

National Defense University
Ankara, Türkiye

Bachelor of Science (BSc)

Computer Engineering

Awards

Distinguished Instructor Award

Awarded By

Turkish National Defense University

Recognized for outstanding instructional contributions as a university lecturer.

Scholarship for PhD Education

Awarded By

Turkish Science and Technology Council

Awarded a scholarship to support Doctor of Philosophy education.

Publications

Measuring Cybercrime as a Service (CaaS) Offerings in a Cybercrime Forum

Published by

CyberSec&AI Conference

Summary

Invited scientific talk presented at CyberSec&AI Conference in The Czech Republic.

Beneath the radar: Exploring the economics of business fraud via underground markets

Published by

6th Annual Cyber Security Next Generation Workshop

Summary

Invited scientific talk presented at the 6th Annual Cyber Security Next Generation Workshop in The Netherlands.

Analysing the Cybercrime-as-a-Service Offerings and their links to private communication channels in underground forums

Published by

4th Cybercrime Conf., Cambridge Cybercrime Centre

Summary

Invited scientific talk presented at the 4th Cybercrime Conference in Cambridge, UK.

Distributed Artificial Immune System for Cybersecurity

Published by

Self-healing security WS of TNO

Summary

Invited scientific talk presented at the Self-healing security Workshop of TNO in The Netherlands.

Languages

Turkish
English
Dutch

Certificates

ISO27001 Lead Auditor

Issued By

BBS

TryHackMe (45 rooms completed)

Issued By

TryHackMe

AZ-900: Microsoft Certified: Azure Fundamentals

Issued By

Microsoft

Certified AI Master in Cybersecurity

Issued By

SOCRadar

ISO27001 Lead Implementer

Issued By

BBS

AZ-500: Microsoft Certified: Azure Security Engineer Associate

Issued By

Microsoft

SOC Core Skills, Advanced Endpoint Investigations and Cyber Threat Hunting

Issued By

Antisyphon

SC-900: Microsoft Certified: Security, Compliance, and Identity Fundamentals

Issued By

Microsoft

PRINCE2 Foundation

Issued By

Axelos

Inclusive Mindset

Issued By

PwC

Certified Information Systems Security Professional (CISSP)

Issued By

(ISC)²

Splunk - Knowledge Objects, Search, Fields, Visualizations, Reports and Alerts

Issued By

Splunk

Data Analytics (Alteryx, Tableau, PowerBI)

Issued By

PwC

Using ATT&CK for Cyber Threat Intelligence

Issued By

MITRE

Advanced Malware Traffic Analysis

Issued By

Black Hat

Building ML Pipeline with NLP, TensorFlow, AWS SageMaker, AICamp

Issued By

AICamp

Anomaly Detection for Cybersecurity with Elastic ML

Issued By

Elastic

Threat Hunting with Suricata IDS supported with Elasticsearch and Kibana

Issued By

OISF

Cisco Devnet Express Security (Threat detection)

Issued By

Cisco

CCNP Routing/Switching/Troubleshooting

Issued By

AcademyTech

Skills

Incident Detection & Response

ServiceNow SecOps, Splunk SIEM, Microsoft Defender for Endpoint XDR, Proofpoint Email Security, Palo Alto FW/IDS, Digital Guardian DLP, uberAgent UXM, CyberArk Identity Security, Cylance AI AV.

Cloud Security Analysis

Azure, GCP, AWS, Wiz.

OSINT & Sandbox Analysis

VirusTotal, RiskIQ, DomainTools, RunZero, UrlScan.io, VMRay, Recorded Future.

Network & Malware Traffic Analysis

Wireshark.

Networking & Performance Monitoring

Cisco Switches, Cisco Routers, Network Performance Monitoring.

GRC & Disaster Recovery

GRC, Disaster Recovery, Cyber Security Exercises Planning.

AI/ML & Data Science

AI, GenAI, Machine Learning.

Databases

Access, MySQL, SQLite, PostgreSQL.

Programming Languages

Java, Python, R.

Web Development

HTML, Apache, PHP, CSS, JavaScript.

Systems Engineering

Trade-off Analysis, Sensitivity Analysis, Measure of Effectiveness, Risk and Impact Analysis.

Project Management

Scrum Mastering.