About Me
Short Bio
Ensar Şeker, an accomplished professional in the field of Electrical and Computer Engineering (ECE), completed his undergraduate and graduate studies at New York Tech. He furthered his academic pursuits at TalTech for his Ph.D. in Information and Communication Technologies.
His professional journey began in the United States, where he served as an IT Specialist at Solaris from 2010 to 2013. He then transitioned to Turkish Petroleum A.Ş. in Turkey, where he held the esteemed position of Chief of the IT Department from 2013 to 2015.
In 2016, Ensar took on a significant role as the national representative for the Republic of Turkey and a security researcher at the NATO Cooperative Cyber Defense Center of Excellence (CCD COE) based in Tallinn, Estonia. This role lasted until 2018.
Simultaneously, from 2015 to October 2020, he contributed his expertise as a senior researcher at TÜBİTAK BİLGEM Cyber Security Institute. Since November 2020, he has been managing multiple roles at DefenseIn and then BGA Security, including MDR project manager, pentest project manager, and CISO.
Currently, Ensar holds the prestigious positions of Vice President of Research and CISO at SOCRadar. His professional qualifications include the eWPTX (eLearnSecurity Web Application Penetration Tester eXtreme), eCTHP (eLearnSecurity Certified Threat Hunting Professional), CRTP (Certified Red Team Professional), CCISO (Certified Chief Information Security Officer), CEH (Certified Ethical Hacker), CTIA (Certified Threat Intelligence Analyst), CND (Certified Network Defender), CSA (Certified SOC Analyst), DRP (Disaster Recovery Professional), CEI (Certified EC-Council Instructor), CES (Certified Encryption Specialist), and CCSE (Certified Cloud Security Engineer) certifications. He is a prolific writer with over 150 published articles on cyber security, artificial intelligence, and blockchain, further establishing his authority in these fields.
Curriculum Vitae
Professional Experience
Vice President of Research and Chief Information Security Officer (CISO)
SOCRadar, Middletown, US (January 2022–present)
SOCRadar is a pioneering entity in the realm of cybersecurity, providing an advanced early warning system against cyber threats. Our comprehensive threat intelligence services are bolstered by a robust platform that ensures optimal security for our clients.
In my capacity as the Vice President of Research and Chief Information Security Officer, my responsibilities encompass a broad spectrum of tasks, including:
Overseeing all risk management, governance, compliance, and security operation processes within SOCRadar, ensuring the organization's adherence to the highest standards of operational integrity.
Coordinating the Security Operations Center (SOC) team and fostering a collaborative environment that encourages innovative problem-solving and efficient threat management.
Supervising the SOC2 and ISO 27001 processes, ensuring that our operations align with these globally recognized standards for managing customer data.
Conducting regular information security risk analyses, including IT and cybersecurity, to proactively identify potential vulnerabilities and implement effective countermeasures.
Performing internal audits and periodic penetration testing to assess our security infrastructure's robustness and resilience against cyber threats.
Deploying and managing security and IT products such as SentinelOne XDR, Carbon Black, SecFusion, SOCRadar CTI, Microsoft Office365, Azure Cloud AD, Kandji MDM, Google Cloud Platform (GCP), Google Chronicle, and Barracuda, enhancing our security capabilities.
Preparing detailed security reports for the board, providing them with insightful data to make informed decisions.
Managing the security and research budget, ensuring optimal allocation of resources to maximize operational efficiency and research output.
Fostering a supportive environment for a community of innovative researchers, enhancing SOCRadar's research capacity, and fostering a culture of innovation.
Developing strategic partnerships and collaborative research initiatives with industry stakeholders, leveraging mutual benefits, and enhancing our research impact.
Disseminating knowledge to society through various outreach initiatives such as collaborative research, seminars, workshops, lectures, and publications. Additionally, facilitating technology transfer through collaborative research, contract work, and the commercialization of intellectual property.
Formulating comprehensive security strategies for Cloud Security, including Azure and Google Cloud, ensuring the secure storage and management of our clients' data in the cloud.
As a Data Protection Officer (DPO), I am responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements. My duties include conducting privacy assessments, managing data protection activities, providing advice on data protection impact assessments, training staff involved in data processing, and serving as a point of contact between the company and any Supervisory Authorities that oversee activities related to data. I also work closely with other teams to ensure the protection of company and customer data and to manage and mitigate potential risks and breaches.
As a Business Continuity Manager (BCM), I am responsible for the development, implementation, and maintenance of business continuity and disaster recovery strategies and solutions. This includes conducting business impact analyses, risk assessments, and drills to ensure the organization's preparedness for unforeseen events. I work closely with all departments to ensure continuity plans align with business objectives and regulatory requirements. My role also involves training staff on continuity procedures and leading the response during a crisis, ensuring minimal disruption to business operations and services.
As the Head of IT, I am responsible for overseeing all aspects of the company's information technology infrastructure and use. This includes strategic planning of IT initiatives, managing the IT budget, ensuring data security, and leading a team of IT professionals to meet the organization's technology needs. I work closely with other department heads to identify and implement technology solutions that support business objectives. My role also involves staying abreast of the latest IT trends and advancements to ensure the company's technology remains competitive and secure.
Product Manager
Cyber Scorecard, Istanbul, Turkey – (November 2020 - Present)
At Cyber Scorecard (our new startup project), I have been instrumental in assisting organizations to develop and implement a more effective approach to identifying, analyzing, quantifying, and communicating cyber risk across all operational levels. My role as a Product Manager involves:
Facilitating a comprehensive understanding of cyber risk by helping organizations implement a systematic approach to risk identification, analysis, quantification, and communication. This process ensures that all stakeholders, from the boardroom to the front lines, have a clear understanding of the organization's cyber risk profile.
Analyzing customer feedback to gain insights into user experience, product performance, and areas for improvement. I then communicate these insights to the development team, requesting the necessary enhancements to meet customer needs and expectations.
Expanding our cybersecurity risk standards portfolio beyond NIST CSF, CIS18, and ISO 27001 to include other globally recognized standards such as The Control Objectives for Information and Related Technology (COBIT), The Center for Internet Security (CIS) Controls, the Payment Card Industry Data Security Standard (PCI DSS), SOC2, and SWIFT. This broadened scope ensures our product's applicability across a wider range of industries and regulatory environments.
Innovating user-friendly solutions to enhance the end-user experience. I am committed to creating intuitive, easy-to-use features that simplify complex cybersecurity concepts, making our product accessible to users with varying levels of technical expertise.
Chief Information Security Officer (CISO) and Pentest Team Manager
BGA Security, Istanbul, Turkey – (June 2021 - December 2021)
BGA Security is a leading cybersecurity firm that has been operating since 2008. With an internationally certified technical team of 50 professionals, we extend our services across Turkey, Azerbaijan, and the USA. Our core focus areas include Penetration Tests, Security Audit, Security Operation Center Management (SOME), Security Operations Center (SOC) Consulting, Open Source Cybersecurity Solutions, Big Data Security Analysis, and New Generation Security Solutions.
In my role as the Chief Information Security Officer at BGA Security, my responsibilities and contributions include:
Collaborating closely with top institutions in Turkey, providing them with comprehensive cybersecurity solutions tailored to their specific needs and threat landscapes.
Implementing and managing Threat Intelligence Solutions such as Insight, Recorded Future, SOCRadar, and Digital Shadows. I also played a significant role in the development of SOCRadar, our proprietary Cyber Threat Intelligence Platform (CTIP).
Deploying Endpoint Detection and Response (EDR) and/or Managed Detection and Response (MDR) solutions such as VMware (Carbon Black), FireEye, and SentinelOne, enhancing our clients' ability to detect and respond to cybersecurity threats.
Overseeing Risk Management, Compliance, and Regulatory solutions, including our in-house product, Cyber Scorecard. As a Product Manager, I was instrumental in the development of this tool, which provides a comprehensive overview of an organization's cybersecurity posture.
Implementing Third-Party Risk Management solutions such as BlackKite, helping our clients manage and mitigate risks associated with their vendors and partners.
Managing Vulnerability Detection and Management Solutions, such as SecFusion, ensuring our clients' systems are secure and free from exploitable vulnerabilities.
Administering Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) solutions, like QRadar and Wazuh, to safeguard our clients' systems against potential threats and ensure they remain impervious to exploitable vulnerabilities.
Leading the penetration testing team, conducting comprehensive assessments of our clients' cybersecurity defenses, and identifying potential vulnerabilities. I successfully completed 495 Pentest projects during my position.
Recommending security improvements and corrective actions based on the results of our assessments, ensuring our clients' systems are robust and resilient against cyber threats.
Proposing budgets and other resources necessary for effective information protection, ensuring our clients have the resources they need to maintain a strong cybersecurity posture.
Reporting on the main risks and the implementation of safeguards to top management, ensuring they are informed and able to make data-driven decisions.
Advising top executives on all security matters, providing expert guidance and recommendations to help them navigate the complex landscape of cybersecurity.
SOC Team Manager
DefenseIn, Istanbul, Turkey – (November 2020 – June 2021)
Established in 2017, DefenseIn has made significant contributions to the cybersecurity industry. With a strong commitment to privacy and security, DefenseIn offers a unique perspective on the information security sector through its professional support and specialized services. Our offerings encompass cybersecurity consultancy, security training, and specialized Advanced Persistent Threat (APT) tests.
In my role as the SOC Team Manager at DefenseIn, my responsibilities and contributions include:
Serving as the project manager for a dedicated blue team, responsible for the analysis of log data to identify potential security threats and anomalies. I successfully completed 42 SOC projects during my position.
Conducting comprehensive traffic analysis to monitor network activity and detect any signs of malicious activity or potential breaches.
Executing audits to assess the effectiveness of our security controls and identify areas for improvement.
Performing digital footprint and risk intelligence analysis to understand our exposure on the internet and identify potential risks associated with our digital presence.
Implementing proactive measures to prevent breaches and rectify any uncovered vulnerabilities, ensuring the robustness and resilience of our cybersecurity defenses.
Senior Researcher
TUBITAK BILGEM, Kocaeli, Turkey – (June 2015 - October 2020)
The Scientific and Technological Research Council of Turkey (TUBITAK) is the country's premier agency for managing, funding, and conducting research. With over 5000 researchers across 15 distinct research institutes, TUBITAK conducts contract research, targeted research, and nationwide research.
In my role as a Senior Researcher at TUBITAK BILGEM, my responsibilities and contributions spanned multiple areas:
Serving as the head of European Union (EU) projects for TUBITAK BILGEM, overseeing the planning, execution, and delivery of these projects to ensure they met the objectives and standards set by the EU. While I was head of EU projects, TÜBİTAK alone applied to more than 120 projects with an 80% acceptance rate.
Leading the Cyber Training Unit at the Cyber Security Institute, developing and delivering comprehensive training programs to enhance the cybersecurity skills and knowledge of our staff. With funding from the NATO Science for Peace Program, we trained the armed forces of Azerbaijan, Jordan, Tunisia, and Qatar in cybersecurity.
Conducting research on critical infrastructure within the Cyber Security Institute, focusing on the protection and resilience of systems and networks that are vital to national security and public safety.
Performing the role of a penetration tester at the Cyber Security Institute, conducting comprehensive assessments of our cybersecurity defenses to identify and rectify potential vulnerabilities.
Evaluating projects at the National Common Criteria Lab based on the Common Criteria (CC) standards, ensuring that these projects met the globally recognized standards for IT security products. Additionally, I conducted risk analyses to identify and mitigate potential risks associated with these projects.
National Representative and Researcher
NATO Cooperative Cyber Defence Centre of Excellence (CCD COE), Tallinn, Estonia – (September 2016 - June 2018)
The NATO CCD COE is a renowned knowledge hub, research institution, and training and exercise center based in Tallinn. As an international military organization, it brings together 20 nations to provide a comprehensive view of cyber defense, with expertise spanning technology, strategy, operations, and law. The Centre is known for the Tallinn Manual 2.0 on International Law Applicable to Cyber Operations and organizes the world's largest and most complex international live-fire cyber defense exercise, Locked Shields. Additionally, it manages the International Conference on Cyber Conflict (CyCon), a unique event that brings together key experts and decision-makers from the global cyber defense community.
In my role as a National Representative and Researcher at the NATO CCD COE, my responsibilities and contributions included:
Assisting in the design and execution of the Crossed Swords and Locked Shields cyber defense exercises, contributing to the development of these complex and high-stakes training events.
Actively participating in the Crossed Swords and Locked Shields exercises, serving on the green, red, or white teams to simulate various aspects of cyber defense operations.
Serving as an academic reviewer for CyCon, providing expert analysis and feedback on the conference's content to ensure its relevance and accuracy.
Supporting the delivery of cybersecurity training provided by the NATO CCD COE, contributing to the development of the Centre's training materials and programs.
Conducting research on the cybersecurity of critical infrastructure and Operational Technology (OT) systems as part of NATO projects, contributing to the body of knowledge on these vital aspects of cyber defense.
Head of IT Department
Turkish Petroleum, Ankara, Turkey – (June 2013 - June 2015)
Turkish Petroleum is the national oil company of Turkey, with a registered capital of 3 billion Turkish Lira. The company's primary operations encompass Exploration, Drilling, Production and Well Completion, Natural Gas Storage, and participation in Oil and Natural Gas Pipeline Projects.
In my role as the Head of the IT Department at Turkish Petroleum, my responsibilities and contributions included:
Planning, organizing, directing, controlling, and evaluating the operations of information systems and electronic data processing (EDP), ensuring the efficient and effective use of IT resources.
Developing and implementing policies and procedures for electronic data processing and computer systems operations and development, establishing standards and guidelines for IT operations.
Conducting meetings with managers to discuss system requirements, specifications, costs, and timelines, ensuring alignment between IT operations and business objectives.
Managing a team of information systems personnel and contractors to design, develop, implement, operate, and administer computer and telecommunications software, networks, and information systems.
Overseeing the computer systems budgets and expenditures, ensuring the cost-effective allocation of IT resources and the financial sustainability of IT operations.
IT Consultant
Solaris Investment Inc., New York, United States – (April 2010 - March 2013)
Solaris Investment Inc., located in New York City, is a dynamic firm with over 50 employees and multiple branches across the city. The company specializes in investment business strategies for the stock exchange.
As an IT Consultant at Solaris Investment Inc., my responsibilities and contributions included:
Collaborating with the IT team to develop the company's internal, cloud-based website using Joomla, an open-source content management system. This platform allowed all staff members to access relevant content, such as notes, files, notifications, duty lists, and calendars, online from any location. This system significantly improved coordination, productivity, and secure communication among employees, administrators, and various departments within the company.
Establishing a highly secure network web between branches and departments using Juniper and Cisco network security tools, such as Juniper SRX 100 and Cisco VOIP. This ensured the secure and efficient exchange of information across the organization.
Enhancing the Search Engine Optimization (SEO) for the company's website using tools like the Open Directory Project, Google WebMaster, and Google Analytics. This improved the visibility and accessibility of the company's website, attracting more visitors and potential clients.
Successfully coordinating, supervising, and completing several capital projects ahead of schedule and within budget, demonstrating my project management skills and commitment to efficiency and cost-effectiveness.
Academic Education
Tallinn University of Technology
Tallinn, Estonia
12/01/2017 - Current
Ph.D. in INFORMATION and COMMUNICATION TECHNOLOGY
Level in EQF: EQF Level 8
New York Institute of Technology
New York, United States
09/09/2010 – 04/07/2012
MASTER of SCIENCE (MS) in ELECTRICAL and COMPUTER ENGINEERING (ECE)
Level in EQF: EQF Level 7
New York Institute of Technology
New York, United States
02/01/2007 – 01/06/2010
BACHELOR of SCIENCE (BS) in ELECTRICAL and COMPUTER ENGINEERING (ECE)
Level in EQF: EQF Level 6
Professional Certifications
CCISO (Certified Chief Information Security Officer)
Executive-level certification that validates knowledge and experience in information security management.
Demonstrates an understanding of risk management, governance, and strategic planning.
Covers the five domains of information security leadership: Governance, Security Risk Management, Security Program Management & Operations, Information Security Core Competencies, and Strategic Planning, Finance, & Vendor Management.
CRTP (Certified Red Team Professional)
Certification focused on advanced penetration testing and red teaming techniques.
Demonstrates the ability to perform high-level security assessments and simulate advanced persistent threats (APTs).
Covers advanced topics such as Active Directory exploitation, lateral movement, and persistence.
eWPTX (eLearnSecurity Web application Penetration Tester eXtreme)
Advanced-level certification focused on web application security testing.
Demonstrates proficiency in identifying and exploiting vulnerabilities in web applications.
Covers advanced topics such as source code auditing and web application firewall bypassing.
eCTHP (eLearnSecurity Certified Threat Hunting Professional)
Certification that validates the ability to proactively hunt and mitigate threats.
Demonstrates understanding of threat hunting strategies and tactics.
Covers knowledge of threat intelligence, threat hunting tools, and incident response procedures.
CEH (Certified Ethical Hacker)
Certification that validates the ability to think and act like a hacker in a legal and ethical manner.
Demonstrates an understanding of hacking techniques, tools, and methodologies.
Covers topics such as intrusion detection, policy creation, social engineering, DDoS attacks, buffer overflows, and virus creation.
CTIA (Certified Threat Intelligence Analyst)
Certification that validates the ability to effectively analyze and manage threat intelligence.
Demonstrates an understanding of various types of threat intelligence and how to apply them in real-world scenarios.
Covers topics such as data collection and processing, intelligence analysis and reporting, and strategic, operational, and tactical threat intelligence.
CND (Certified Network Defender)
Certification that validates the ability to protect, detect, and respond to network attacks.
Demonstrates an understanding of defensive measures for protecting a network and incident response.
Covers topics such as network security controls, protocols, and devices, as well as intrusion detection and prevention.
CCSE (Certified Cloud Security Engineer)
Certification that validates comprehensive knowledge of cloud security.
Demonstrates an understanding of cloud architecture and design, data security, and operations.
Covers topics such as cloud computing concepts, cloud security challenges, and security controls for cloud services.
CSA (Certified SOC Analyst)
Validated expertise in analyzing security incidents and operating Security Operations Centers (SOCs).
Demonstrated proficiency in incident detection, response, and mitigation strategies.
Proficient in using security tools and technologies to identify and investigate threats.
Knowledgeable about log management, threat intelligence, and security incident management.
Equipped with skills to assess and improve the security posture of an organization.
Trained in implementing security controls and ensuring compliance with industry regulations.
CES (Certified Encryption Specialist)
Certified in the field of encryption and data protection.
Proficient in various encryption algorithms and techniques.
Skilled in securing data in transit and at rest.
Knowledgeable about cryptographic protocols and their implementation.
Experienced in selecting and implementing appropriate encryption solutions for different scenarios.
Familiar with compliance requirements related to encryption and data privacy.
Capable of identifying vulnerabilities and recommending encryption best practices.
Able to assess and enhance an organization's data protection strategies.
CEI (Certified EC-Council Instructor)
Certification that validates the ability to effectively teach EC-Council courses.
Demonstrates an understanding of EC-Council course content and teaching methodologies.
Covers topics such as course delivery, student engagement, and classroom management.
DRP (Disaster Recovery Professional)
Certification that validates the ability to plan for and respond to disaster situations.
Demonstrates an understanding of business continuity and disaster recovery principles.
Covers topics such as disaster recovery planning, risk identification, and business impact analysis.
ISO 27001 LA (ISO 27001 Lead Auditor)
Certification that validates the ability to conduct full audits of an organization's Information Security Management System (ISMS).
Demonstrates an understanding of ISO 27001 standards and principles of auditing.
Covers topics such as audit preparation, conducting audits, and audit reporting.