Oğulcan Doğan

PurpleBox, Inc. | Atlanta, GA, USA (Remote & Onsite)

• Designed and implemented secure CI/CD pipelines using Jenkins, Docker, and Kubernetes.
• Led AWS cloud security initiatives for serverless architectures (Lambda, EKS, API Gateway, DynamoDB etc.) ensuring compliance with the AWS Well-Architected Framework.
• Performed detailed architecture assessments focusing on IAM policies, data encryption, security logging, and monitoring.
• Automated Infrastructure-as-Code (IaC) security scanning using Snyk and Checkov.
• Conducted API and application penetration testing using OWASP ZAP, Burp Suite, SonarQube, and Qualys, ensuring remediation of identified vulnerabilities.
• Implemented real-time threat detection and monitoring solutions using AWS CloudWatch and CloudTrail.
• Optimized Qualys-to-Jira data flows via REST APIs and implemented automated security ticket integration using an open-source connector.
• Managed Azure cloud operations and Microsoft 365 security, administering Azure AD and Microsoft Security Center policies.

HackerOne | Remote

• Reported vulnerabilities in web and mobile applications through the HackerOne platform.
• Identified and documented critical issues such as SQL Injection, XSS, CSRF, and IDOR.
• Submitted detailed Proof-of-Concepts (PoCs) and remediation suggestions to program owners following OWASP Top 10 and NIST standards.

Led the avionics team to design, test, and deploy critical flight computer telemetry and safety systems for a high-altitude rocket deployment, securing first place nationally.

Directed avionics software and hardware operations, successfully managing mid-flight communication architecture and critical recovery system logs.

GPA: 3.35 | Honors: First place in the faculty; Honor student.
Relevant Coursework: Cloud Security, Web Programming, Linux Systems, Cybersecurity Fundamentals.