🔒 Stealth Profile: This professional is browsing anonymously. Personal contacts, photo, and company names are hidden.Skill Assessments

This user has not passed any tests yet

Languages  English - Advanced   Turkish - Native or Bilingual

*  ReportPeople also viewed
[![HUSEYIN PELEK](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2026/07/avatar_69914_1783658358.jpg) HUSEYIN PELEK Network Security Specialist](https://jobicy.com/u/pelek.md)
*  [![Hyginus Obi](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2026/07/avatar_70039_1783788528.jpg) Hyginus Obi Cybersecurity Engineer | Cloud Security | Security Operations | Vulnerability Management & Incident](https://jobicy.com/u/id70039.md)
*  [![Wuinnie Tokpa](https://jobicy.com/data/server-nyc0409/galaxy/mercury/2026/07/avatar_69963_1783701399.jpg) Wuinnie Tokpa Entry-level Cybersecurity Candidate](https://jobicy.com/u/id69963.md)

[All talent ↗](https://jobicy.com/talent.md)
* [Overview](#overview)
* [Portfolio](#portfolio)

## About Me

I am an application security engineer and independent vulnerability researcher focused on finding and fixing real-world security issues across web applications, APIs, mobile apps, and developer tooling.

My work includes source-code review, authorization testing, SSRF analysis, cross-tenant isolation research, and low-level exploitation. I have reported multiple vulnerabilities that resulted in assigned CVEs and published GitHub Security Advisories.

I have also resolved security reports through major vendor programs, including Amazon and AWS, and I enjoy turning offensive findings into practical remediation guidance for engineering teams.

In addition to research, I build secure systems. I founded and lead engineering work for ELORA ONE, where I designed and deployed authenticated MCP infrastructure with strict argument validation, scope allow-listing, and audit logging.

My background combines security research with product engineering, so I am comfortable working across architecture, backend implementation, deployment, and operational troubleshooting. I care about building systems that are secure by design rather than secure by patching alone.

I am available for full-time remote work and open to international contractor opportunities, especially in application security, product security, and security engineering roles.

## Skills

### [Python](https://jobicy.com/talent/python.md)[Kubernetes](https://jobicy.com/talent/kubernetes.md)[Linux](https://jobicy.com/talent/linux.md)[Distributed Systems](https://jobicy.com/talent/distributed-systems.md)[BASH](https://jobicy.com/talent/bash.md)[SIEM](https://jobicy.com/talent/siem.md)[Application Security](https://jobicy.com/talent/application-security.md)[API Design](https://jobicy.com/talent/api-design.md)[Threat Modeling](https://jobicy.com/talent/threat-modeling.md)[Web Security](https://jobicy.com/talent/web-security.md)[SOAR](https://jobicy.com/talent/soar.md)[API Security](https://jobicy.com/talent/api-security.md)[Product Security](https://jobicy.com/talent/product-security.md)[Mobile Security](https://jobicy.com/talent/mobile-security.md)[Assembly](https://jobicy.com/talent/assembly.md)[MQTT](https://jobicy.com/talent/mqtt.md)[Vulnerability Research](https://jobicy.com/talent/vulnerability-research.md)[Modbus](https://jobicy.com/talent/modbus.md)[C](https://jobicy.com/talent/c.md)[CVSS](https://jobicy.com/talent/cvss.md)[Source Code Review](https://jobicy.com/talent/source-code-review.md)[Exploit Development](https://jobicy.com/talent/exploit-development.md)[MITRE ATTCK](https://jobicy.com/talent/mitre-attck.md)[DNP3](https://jobicy.com/talent/dnp3.md)

## Experience

Independent Security Researcher @ S0$#WS0  Present Conduct vulnerability research across web applications, APIs, mobile applications, open-source developer tooling, and low-level platform components. Produce reproducible proof-of-concept artifacts, root-cause analysis, exploitability assessments, CWE mapping, and remediation guidance for vendor security teams. Research platforms and programs include HackerOne, Bugcrowd, YesWeHack, Amazon VRP, AWS VDP, Vercel Open Source, and Apple Security Bounty.

Founder & Lead Engineer @ S0$#WS0  Jan 2025 - Present Designed and deployed production MCP server infrastructure with bearer-token authentication, strict argument whitelisting, scope allow-listing, and complete audit logging. Owned architecture, backend implementation, security hardening, deployment, and operational troubleshooting for LLM-driven automation systems. Applied threat-informed engineering practices to APIs, integrations, remote-access paths, and multi-client agent tooling.

## Education

S0$#WS0$#W  2027  B.Sc., Electrical & Electronics Engineering

Expected graduation in 2027. Available for full-time remote work.

Portfolio not available.

Services not available.