Ibrahim Sertkaya

Cyber Security Consultant

About Me

Hello! I’m Ibrahim Sertkaya.
IT Security Consultant with a wide range of knowledge in IT security and cryptography. With a Master degree in IT Security Networks and Systems from the Ruhr University Bochum. A passion for penetration testing and vulnerability searching.

Education Master of Science
Address: Köln, Germany

My Services

DevSecOps

Secure Your DevOps Practice by automating the detection of security issues throughout the Software Development Lifecycle

Pentesting

Testing Web- and iOS Applications for common vulnerabilities according to OWASP TOP 10

Splunk

Splunk Enterprise Security is the nerve center of the security ecosystem, giving teams the insight to quickly detect internal and external attacks.

Development

Developing memorable and unique mobile ios and smart home applications.

Certififications and Trainings

Interests

Smart Home Developer

Cycling

Apple iOS Developer

Callygraphy

Reading and Learning new Stuff

Resume

Experience

2024 - present

DevSecOps Engineer CI/CD

Senec GmbH

Pioneered the integration of automated security tools into GitLab CI/CD pipelines, enhancing the detection and mitigation of vulnerabilities in early development stages for continuous delivery environments.
Developed and integrated proprietary security tools into the GitLab Ultimate CI/CD pipeline, enhancing the company’s security posture by automating security scans for the early detection of potential threats and leaks.

2018 - 2024

Cyper Security Consultant

Spike Reply DE GmbH

Led and coordinated comprehensive vulnerability assessments and penetration tests for Web, Mobile, and Cloud Applications, aligning with OWASP Top 10 and Web/Mobile Application Security Testing Guidelines. Employed manual and automated methodologies to uncover and assess vulnerabilities such as SQL Injection, Cross-Site Scripting (XSS), and authentication flaws, significantly enhancing application security posture through detailed risk analysis and mitigation strategies.
Support customers in the transformation from DevOps to DevSecOps. Define Security Requirements based on OWASP DSOMM and OWASP SAMM. Ensuring the effective implementation of recommended security measures. Provided expert security consulting and facilitating a culture of security awareness within the organization.
Development of a software defined network to provide a broadband internet connection based on microservice-based technologies.
Working as Security Champion in Agile Projects and supporting in topics like Security by Design principles, building an automated continuous security pipeline, code review, security testing and hardening and, container / docker security.
Setting up secure Software Development Life Cycle processes, review security tools for automated malware analysis, automated threat modelling & Testing. Mobile iOS App Penetration Testing

2017 - 2018

Master-Student IT Security

inovex GmbH

For the master thesis a framework for the evaluation of Password Strength Meters on the most used websites was programmed. For this purpose, criteria were defined and evaluated using secure passwords. The evaluation systems were then evaluated and compared for their accuracy. The current work can be found on the website of the university: https://password-meter-comparison.org/

2012 - 2015

Dual Study - Applied Computer Science

Hewlett-Packard GmbH

A program combining the study of Applied Computer Science at the DHBW Stuttgart with internships in various business units of HP to gain both theoretical and practical knowledge.

EDUCATION

2015 - 2018

IT Security - Networks and Systems

Ruhr-Universität Bochum

This degree programme is unique, because, it provides substantial expertise in IT security based on the three-pillar model: Computer Science – Information & Technology – cryptography and students get integrated into industry-leading research teams and have access to state-of-the-art research lab equipment. It provides also the opportunity to specialise in the following fields: Network and Data Security, Embedded Security, Cryptography, System Security, Security Engineering, Human-Centred Security, Mobile Security

2012 - 2015

Applied Computer Science

Duale Hochschule Baden-Württemberg, Stuttgart

A program combining the study of Applied Computer Science at the DHBW Stuttgart with internships in various business units of HP to gain both theoretical and practical knowledge.

My Skills

Language

German
English
Turkish

Competences

DevOps Security Concepts

75%
Ansible - Automation Framwork

30%
iOS Mobile App Penetration Testing

50%
Security General Consulting

90%
Web Development

90%
iOS Development - Swift

75%