Mehmet Eren Buyru - Cybersecurity Executive & CISO

Skills

IT Risk Management Expert

Penetration Testing Expert

Computer Networking Expert

Information Technology Expert

Cybersecurity Expert

Cloud Computing Intermediate

Secure DevOps Controls Advanced

DevOps Processes Intermediate

Work Experience

May 2023 – Present

Cyber Security, Executive (CISO)

Edenred Turkey

Own enterprise security strategy and execution roadmap aligned to business priorities, risk appetite, and regulatory expectations.
Lead vulnerability, incident readiness, and security operations governance with clear KPIs, reporting, and continuous improvement.
Partner with engineering and product teams to embed DevSecOps controls (secure SDLC, CI/CD guardrails, cloud hardening) and reduce delivery risk.

Sep 2022 – Apr 2023

IT Advisory, Senior Manager

KPMG Turkey

Directed multi-client cybersecurity and GRC engagements, translating complex risks into executive decisions and actionable plans.
Led ISO 27001 / ITGC / SOX-oriented programs, strengthening governance, evidence readiness, and audit outcomes.
Mentored teams, improved delivery quality, and established repeatable assessment methods across sectors and environments.

Jun 2021 – Sep 2022

IT Advisory, Manager

KPMG Turkey

Managed security assessments and transformation workstreams across cloud, infrastructure, and application domains.
Built pragmatic remediation roadmaps and supported stakeholders through implementation and validation cycles.
Delivered board/executive-ready reporting with clear prioritization, residual risk, and measurable progress.

Education

2015 - 2016

Mobile Computing and Communication Networks - Post Grad

University of Leeds

United Kingdom, Leeds

2010 - 2015

Computer Engineering - B.E.

Istanbul Bilgi University

Turkey, Istanbul

Certificates & Trainings

Technical Certificates

ITIL Foundation

CompTIA Security+ (Sec+)

ISO/IEC 27001 LA

ISO/IEC 22301 LA

UIPath Certified RPA Developer

TSI Certified Senior Pentest Professional
(TSE Kıdemli Sertifikalı Sızma Testi Uzmanı)

SAS Enterprise Guide 1

Adobe Photoshop and Dreamviewer Certificate

Microsoft Office Products

Presidency of the Republic of Turkey
Digital Transformation Office Certified Auditor
(CB DDO Denetçisi)

Language Certificates

IELTS certificate

Goethe Institute German Language Certificate (A2)

Trainings

Certified Ethical Hacker(CEH) v11 Training

UiPath Academy Trainings - Certified (2018)

Advanced Infrastructure Hacking - BlackHat EU17

LSE Summer School – Global Young Leaders (2007)

SuperCamp Turkey ITU (2009)

Arduino Programming

Computer Programming

Projects Contributed

Cybersecurity Operations Management & DEVSECOPS Coordination for Turkey BU

In my current role at Edenred, I oversee the cybersecurity operations for the Turkey Business Unit (BU), ensuring the security of the organization's key assets and infrastructure. I lead initiatives to safeguard sensitive data and enhance the security architecture, while also driving cross-functional collaboration with different departments.

Additionally, I am responsible for coordinating the integration of DEVSECOPS practices into the development pipeline, fostering a culture of continuous security, and empowering development teams to proactively identify and mitigate security risks at every stage of the software lifecycle.

Penetration Testing Projects

Planned, scheduled, and completed penetration testing and vulnerability assessment projects for many sector-leading firms. Also, assisted KPMG Turkey with cybersecurity hardening and assessments.

WAF and Load Balancer Configuration and Management on Cloudflare and F5 (Silverline & XC) Platforms

Configured and managed Web Application Firewalls (WAF) and load balancers on the several platforms to enhance security and optimize performance for client websites.

Kubernetes Security Controls Checklist Preparation and Implementation

Prepared and implemented security control checklists for Azure Kubernetes environments, following best practices to secure containerized applications and services.

Robotic Process Automation (RPA) Implementation

Supported multiple RPA transformation initiatives end-to-end, from process discovery and control design to bot deployment and operational handover, improving throughput and reducing manual error.

ISO/IEC 27001 (ISMS) Programs

Led ISO/IEC 27001 programs by defining scope, running risk assessments, building control roadmaps, and preparing audit-ready evidence. Identified gaps, prioritized remediation, and strengthened governance to improve measurable compliance outcomes.

SOX (Sarbanes–Oxley) IT Controls & ICOFR

Delivered SOX ITGC and application control assessments, testing design and operating effectiveness for ICOFR. Documented findings, aligned stakeholders on risk acceptance/remediation, and improved control maturity across access, change, and operations domains.

ITGC, COBIT & Regulatory Compliance Programs

Led IT General Controls and governance programs (COBIT-aligned), including SPK-related compliance engagements. Standardized control libraries, improved evidence collection, and established repeatable audit processes across identity, change, and IT operations.

IT Internal Audits & Control Assurance

Executed risk-based IT internal audits covering security, availability, and compliance. Produced actionable reports, validated remediation, and helped teams raise control effectiveness and operational resilience.

Business Process Analysis & Digitalization

Mapped and redesigned end-to-end business processes to remove bottlenecks, define control points, and enable digital workflows. Improved cycle times through standardization, automation opportunities, and clear ownership models.

Vehicle Crash Avoidance Prototype (Arduino)

Built an Arduino-based crash avoidance prototype on an R/C car, combining sensing and control logic to detect hazards and trigger avoidance behaviors (e.g., automated lane-change). Evaluated improvements against baseline approaches.

SDN-Based Network Congestion Control (University of Leeds)

Researched congestion control strategies and developed an SDN-based model to reduce congestion in cloud/data-center environments. Tested routing and policy behaviors in SDN simulators and analyzed performance trade-offs.

iOS Game Development (Swift) – University of Leeds

Developed an iOS game in Swift, applying core game-loop concepts, UI design, and iOS tooling to ship a playable prototype with iterative improvements.

Healthcare Network Infrastructure Design & Deployment

Designed and delivered a network infrastructure plan for a healthcare organization, covering topology, segmentation, and operational readiness. Improved reliability and scalability to support business growth.

KVKK (Turkey Data Protection) Compliance Programs

Supported KVKK compliance by mapping data flows, identifying processing risks, and aligning policies and controls with legal requirements. Improved readiness through documentation, DPIA-style assessments, and practical remediation plans.

Industry Experience

Delivered security and technology programs across Automotive, FMCG, Manufacturing, Healthcare, Pharmaceuticals, Education, Finance/Banking, Energy, and Cryptocurrency Exchange environments.

Contact

Address
Istanbul, Turkey

Email
[email protected]

Download PDF CV

Skills

Work Experience

Cyber Security, Executive (CISO)

Edenred Turkey

IT Advisory, Senior Manager

KPMG Turkey

IT Advisory, Manager

KPMG Turkey

Information Security, Cyber Security Senior Specialist (Red Team Leader)

BTCTrader (BtcTurk)

IT Advisory, Senior Consultant

KPMG Turkey

IT Advisory, Consultant

KPMG Turkey

IT Advisory, Analyst

KPMG Turkey

IT Internship

Comodo Inc.

Telecommunication Support Department

ProTim İletişim

IT Internship

Hisar School

Education

Mobile Computing and Communication Networks - Post Grad

University of Leeds

Computer Engineering - B.E.

Istanbul Bilgi University

Certificates & Trainings

Technical Certificates

Language Certificates

Trainings

Projects Contributed

Cybersecurity Operations Management & DEVSECOPS Coordination for Turkey BU

Penetration Testing Projects

WAF and Load Balancer Configuration and Management on Cloudflare and F5 (Silverline & XC) Platforms

Kubernetes Security Controls Checklist Preparation and Implementation

Robotic Process Automation (RPA) Implementation

ISO/IEC 27001 (ISMS) Programs

SOX (Sarbanes–Oxley) IT Controls & ICOFR

ITGC, COBIT & Regulatory Compliance Programs

IT Internal Audits & Control Assurance

Business Process Analysis & Digitalization

Vehicle Crash Avoidance Prototype (Arduino)

SDN-Based Network Congestion Control (University of Leeds)

iOS Game Development (Swift) – University of Leeds

Healthcare Network Infrastructure Design & Deployment

KVKK (Turkey Data Protection) Compliance Programs

Industry Experience

Contact