Hakkımda

Kuzey AKSU
Kuzey AKSU Özgeçmiş
IS0 27001 LA - CEH v9 - ITIL v3 - KVKK - GDPR
İkbal caddesi Ümraniye
İstanbul TÜRKİYE
34774

My main professional expertise are; Team Management, IT Budgeting (CAPEX and OPEX), Information Security (COBIT, ISO/IEC 27001, CEH, SANS CIS 20), ISO/IEC 27001 Internal Auditor, ISO/IEC 27001 Lead Auditor, IT Compliance, IT Governance (ITIL V3), Project Management, Vendor Management, Outsourcing, IT Infrastructure Management, Disaster Recovery and Business Continuity Management, Data Center Design Monitoring and Operation, SDLC, Software Project Management, Dot Net Framework.

Education
Preston University
2007 - 2010
Master of Science in Information Technology
Anadolu Üniversitesi
1993-1999
Business Administration
Experience
Yıldırım Technology
07/2018 -
Global Information Security Senior Manager at Yıldırım Technology

Yıldırım TechnologyDevelop, implement and monitor a comprehensive global information security and risk management program based on standard industry frameworks to ensure the integrity, confidentiality, and availability of Yıldırım Group information assets.

Provide leadership, direction and guidance in assessing and evaluating information security risks and build cohesive security and compliance programs to ensure that security and privacy programs follow relevant laws, regulations, and policies to minimize or eliminate risk and audit findings.

Lead information security planning processes to establish annual and long-range security and compliance goals define security strategies, metrics, reporting mechanisms and program services; and create maturity models and a roadmap for continual program improvements.

Develops and monitors budget requirements, track and evaluate related expenditures; develops and negotiates specifications for contracted services and tools.

Build and manage the enterprise’s information security organization, consisting of direct reports and indirect reports. This includes hiring, training, staff development, performance management and annual performance reviews in line with growth strategy agreed with management.

Work closely with IT leaders, technical experts, internal audit and business leaders across the organization to examine impacts of new technologies on the organizations overall information security posture and establish processes to review implementation of new technologies to ensure security compliance.

Create and manage information security and risk management awareness training programs for all employees, contractors, and approved system users. Educate and advise business leaders on security issues, best practices, and vulnerabilities.

Facilitate information security governance through the implementation of a collaborative governance program

Develop, maintain, and publish up-to-date information security policies, standards, and guidelines. Oversee the approval, training, and dissemination of security policies and practices.

Develop, implement and administer technical security standards, as well as a suite of security services and tools to address and mitigate security risk.

Manage security incidents and events to protect corporate IT assets, including intellectual property, regulated data, and the company’ s reputation and act as primary control point during significant information security incidents.

Conducts and/or oversees special investigations and directs the coordination with law enforcement

Facilitate a metrics and reporting framework to measure the efficiency and effectiveness of the program, facilitate appropriate resource allocation, and increase the maturity of the security.

GKFX Financial Services ltd.
2016 - 2018
Information Security Manager

GKFXGKFX is UK based multinational finance company. GKFX  has branches following countries England, Germany, Spain, Chine and many more. I am Head of IT Security and reporting to CTO. My role in organisation covers determining company's IT security management framework (ISO 27002, PCI/DSS, NIST 800-53,SANS 20 etc.) and IT Risk Management framework (ISO 27005, OCTAVE, NIST 800-37). Preparing IT security policies, guidelines, coordinate and manage projects that will ensure GDPR and KVKK compliance standards. Determining company's cyber security needs. Also preparing IT Security department budged, all staffs Security Awareness Training, building IT Security Team, Vulnerability scans and Penetration tests, taking safeguarding controls for both internal and external threats.

Consultancy
Freelance IS & IT Consulnacy
[caption id="" align="alignleft" width="89"] Cyber Arena[/caption]

ISO/IEC 27001 ISMS based Information Security, Cyber security and penetration testing, ITIL based IT governance implementation and IT Infrastructure consultancy.

Habboush Group
2013 - 2014
IT Manager

Habboush GroupGovernance Responsibilities;
Supervision of IT team both Turkey and Dubai (totally 3 employers) . Manages the IT related projects and makes the IT related service agreements and negotiations with vendors both for Dubai & Turkey offices. Preparing infrastructure design for both infrastructure & business projects. Preparation of corporate IT policies and procedures. Implement COBIT and ITIL best practices that focus on people, process, and technology, and information perspectives of providing business solutions within the IT infrastructure. Ensuring process implementation and SLA adherence. Monitoring Service desk call / ticket queues to ensure faster response and resolution times as per the defined SLA as well as monitoring and review the calls with users for quality and conduct regular performance reviews to ensure quality and timely responses ensuring enhanced customer satisfaction. Server, Client and related software and hardware acquisition, budgeting. Responsible for Development and Implementation of Business Continuity and Disaster Recovery Plan, Implementing ISO/IEC 27001 ISMS directives in the firm.

Technical Responsibilities;
Maintenance, monitoring and administration of; Windows 2008 AD with 100 users and 20+ servers Mission-critical servers which include Microsoft SQL 2005 & 2008, Microsoft IIS 6.0, Microsoft Wusus, SAP Business One, McAfee, File, Microsoft Hyper-V, VMware, Cisco Call Manager,
Symantec Backup exec, Fax server, Fax Lines, WAN, PRI and Voice lines. Implementations, installations, configurations, troubleshoot, and evaluation of existing and new Microsoft Windows server operating systems. Administration of MS Exchange 2007 mailbox and public folder services. Administration of user’s computer environment by using Group Policy. Deploying all critical & security updates on both client workstations & servers via MS Wusus. Determining company’s software needs and license management 

Cigna Hayat Sigorta

Cigna LogoGovernance Responsibilities;

Supervision of local infrastructure team (totally 2 employers) and coordination of 3th party (outsourced) network, data center, voice vendors. Preparation of corporate IT policies and procedures. Implement COBIT and ITIL best practices that focus on people, process and technology and information perspectives of providing business solutions within the IT infrastructure. Process owner for incident management, problem management and service requests. Ensuring process implementation and SLA adherence. Monitoring Service desk call / ticket queues to ensure faster response and resolution times as per the defined SLA as well as monitoring and review the calls with users for quality and conduct regular performance reviews to ensure quality and timely responses ensuring enhanced customer satisfaction. Server, Client and related software and hardware acquisition, budgeting. Responsible for Development and Implementation of Business Continuity and Disaster Recovery Plan, Managing ISO/IEC 27001 ISMS and making vendor audits.

Technical Responsibilities;
Maintenance, monitoring and administration of;
Windows 2003 AD with 100 users and 30+ servers, Mission-critical servers which include Microsoft SQL 2005, Microsoft IIS 6.0, Microsoft SCCM, Application, Symantec endpoint protection, File, Microsoft Hyper-V, Vmware, Verint Voice Recording, Cisco Call Manager, Symantec Backup exec, Symantec Netbackup.IBM DS5200 SAN system. Fax server, Fax Lines, WAN, PRI and Voice lines. Implementations, installations, configurations, troubleshoot, and evaluation of existing
and new Microsoft Windows server operating systems. Administration of MS Exchange 2007 mailbox and public folder services.

Project Management Responsibilities;
Coordinating and managing both Regional & Local IT Infrastructure Projects as a Turkey Infrastructure Lead. Preparing infrastructure design for both infrastructure & business projects. See less

CitiBank Türkiye
2005-2011
Senior Infrastructure Systems Engineer

Citibank Governance Responsibilities;

Supervision and coordination of outsourced 7/24 operation, monitoring and information security team (totally 12 employers). Preparation of corporate IT procedures. Implement COBIT and ITIL best practices that focus on people, process, and technology, and information perspectives of providing business solutions within the IT infrastructure. Process owner for incident management, problem management, change management and service requests. Ensuring process implementation and SLA adherence. Monitoring Infrastructure team ticket queues to ensure faster response and resolution times as per the defined SLA as well as monitoring and review the calls with users for quality and conduct regular performance reviews to ensure quality and timely responses ensuring enhanced customer satisfaction. Managing ISO/IEC 27001 ISMS and ensuring relevant evidence during internal and external audits.

Technical Responsibilities;

Maintenance, monitoring and administration of windows 2003 AD with 2000+ users and 200+ servers. Implements, installs, configure monitors, troubleshoot, and evaluate existing and new Microsoft Windows server operating systems. Maintenance, monitoring and administration of mission-critical servers which include Microsoft SQL 2005, Microsoft IIS 6.0, Application and Legato Networker. Maintenance, monitoring and administration of two main data center and 25 branch system room.

Project Management Responsibilities;

Coordinating and managing both Regional & Local IT Infrastructure Projects as a Turkey Infrastructure engineer. Preparing infrastructure design for both infrastructure & business projects.

Eğitim ve Seminerler
Iso 27001 LA
BSI
CISM
ISACA Istanbul Chapter
CRISC
Cybrary
CEH V9
EC-Council
Chief Information Security Officer (CISO)
Cybrary
ECSA
EC-Council
ITIL V3
Peoplecert
Incident Response and Advanced Forensics
Cybrary