Available for Consulting
Aviation Cybersecurity
Threat Intelligence
SOC Team Lead specializing in aviation security operations, advanced threat hunting,
and security automation. Building resilient defenses for critical infrastructure.
Aviation SOC Operations
Threat Intelligence & Hunting
Security Automation
Detection Engineering
Defending Aviation Infrastructure Through Advanced Security Operations
SOC Team Lead at TAV Technologies with extensive experience in aviation cybersecurity,
threat intelligence, and security operations. Specialized in building and managing
security operations centers for critical infrastructure protection.
My career spans roles from Threat Intelligence Analyst to SOC Team Leader, with hands-on
experience in SIEM, EDR/XDR, SOAR, and custom threat intelligence platforms. I focus on
aviation-specific security challenges, developing detection strategies and automation
solutions that minimize false positives while maximizing threat visibility.
Currently leading SOC operations in the aviation sector, I integrate machine learning
and data science with traditional cybersecurity practices to build predictive,
automated defense systems. My approach combines deep technical expertise with strategic
security architecture to protect critical aviation infrastructure.
Key Certifications
CSA
CTIA
SC-100
SC-200
SC-300
Security Operations & Threat Intelligence
Aviation Security Operations
Specialized SOC operations for aviation infrastructure, addressing unique threats to aircraft systems, ADS-B, ACARS, and airport networks.
- Aviation-specific threat landscape analysis
- Critical infrastructure protection
- Regulatory compliance (ICAO, TSA)
- Incident response for aviation systems
Threat Intelligence & Hunting
Advanced threat intelligence automation, IOC analysis across multiple sources, and proactive threat hunting using SIGMA, YARA, and custom detection rules.
- Multi-source threat intelligence platform
- Zero false-positive IOC validation
- Custom threat hunting playbooks
- APT tracking and analysis
SIEM & Detection Engineering
Expert in SIEM platforms (QRadar, Splunk, Defender), detection rule development, and KQL query optimization for threat detection.
- KQL, SPL, AQL query development
- SIGMA & YARA rule creation
- Use case development & tuning
- False positive minimization
Security Automation (SOAR)
Building automated incident response workflows using Cortex XSOAR, integrating threat intelligence feeds, and orchestrating security operations.
- Cortex XSOAR playbook development
- Security workflow automation
- API integration & orchestration
- Response time optimization
EDR/XDR Operations
Deployment and management of Microsoft Defender and Cortex XDR, with advanced threat detection using endpoint telemetry and behavioral analysis.
- Microsoft Defender for Endpoint
- Cortex XDR management
- Endpoint threat hunting
- Custom detection rules
Security Development
Python-based security tool development, threat intelligence platforms, and automation scripts for SOC operations.
- Python security tools
- MCP server development
- API integration frameworks
- Data analysis & visualization
Security Projects & Research
Multi-Source Threat Intelligence Platform
Automated threat intelligence platform analyzing IOCs across 9 sources (VirusTotal, AbuseIPDB,
AlienVault, Shodan, etc.) with zero false positives. Generates aviation-specific threat reports
and actionable Microsoft Defender EDR KQL queries.
MCP
REST APIs
KQL
Threat Intel
TI Sources
False Positives
Automation
Aviation SOC Playbooks
Comprehensive incident response playbooks specifically designed for aviation infrastructure,
covering scenarios from ADS-B spoofing to ACARS interception.
Incident Response
Aviation Security
SOAR
SIGMA Rules for Aviation Threats
Open-source SIGMA detection rules repository focusing on aviation-specific attack patterns,
critical vulnerabilities, and threat actor TTPs.
YARA
Detection Rules
SIEM
KQL Query Collection
Advanced KQL queries for Microsoft Defender, covering threat hunting, incident investigation,
and proactive monitoring scenarios in aviation environments.
Microsoft Defender
Threat Hunting
EDR
Technical Articles & Research
Hardening the Microsoft 365 Security Ecosystem
A professional defense manual for Defender XDR and EDR, covering advanced configuration,
detection engineering, and threat hunting strategies for enterprise environments.
Aviation Cybersecurity: Lessons from Collins Aerospace Incident
Case study analysis of the Collins Aerospace ARINC MUSE platform attack, examining supply
chain vulnerabilities, systemic fragility, and incident response in aviation infrastructure.
Building Zero-FP Threat Intelligence Platforms
Deep dive into architecting automated threat intelligence systems with multi-source
validation, risk scoring algorithms, and integration with security operations workflows.
Let’s Discuss Aviation Security
Available for consulting, speaking engagements, and collaboration on aviation
cybersecurity projects. Whether you need SOC expertise, threat intelligence
guidance, or security architecture consulting – let’s connect.
Istanbul, Turkey