About Me

Muhammed Hüseyin Karazeybek is a Lead Cyber Security Consultant specializing in Application Security and Penetration Testing, with nearly 6 years of hands-on experience across banking, fintech and other regulated industries. He leads a 10-person dedicated cybersecurity team for a global bank within RSU Consultancy, overseeing approximately 1,500 application security and penetration testing engagements per year.

In his current role, Hüseyin drives end-to-end AppSec programs: web, mobile and API penetration testing, vulnerability analysis and management, open banking security assessments, penetration testing architecture design and security consultancy. He aligns the bank's security assessments with leading standards and frameworks, including OWASP, PTES/OSSTMM, NIST SP 800-115, MITRE ATT&CK, TIBER-EU, BDDK and PCI DSS.

On the SSDLC side, Hüseyin leads SAST, DAST and secure development initiatives, partnering closely with development teams to embed security from the earliest stages of the software lifecycle. He also delivers quarterly secure coding trainings to 300+ developers, translating real-world findings into practical engineering guidance.

Beyond consulting work, Hüseyin builds AI-driven tooling for AppSec testing and IncidentOps workflows, combining Python-based ML development with LLM integration. He is a Certified AI/ML Pentester (C-AI/MLPen), Certified AppSec Practitioner (CAP), eWPTXv2 (Certified AppSec Pentesting Expert), API Security Architect, and Microsoft Certified Software Developer (MCSD).

Hüseyin is also an active speaker and instructor at universities, technical communities and industry events — including GDG Bursa DevFest, GDG Hackathons, the Siber Vatan & Türkiye Siber Güvenlik Kümelenmesi Bootcamp 2025 and the HSD YouTube channel. He co-founded the AI and Cybersecurity communities at Bursa Uludağ University, where he continues to mentor student teams working on AI and security projects.

What I'm Doing

  • Application Security icon

    Application Security

    End-to-end AppSec programs across banking and fintech: SSDLC integration, SAST, DAST, SCA and IAST tooling, secure coding standards, and vulnerability management aligned with OWASP, NIST and BDDK.

  • Penetration Testing icon

    Web, Mobile & API Pentesting

    Manual and automated penetration testing for web, mobile and API applications, including open banking flows. Designing pentest architectures and producing clear, remediation-focused reports for both technical and management stakeholders.

  • AI & LLM Security icon

    AI & LLM Security

    Python-based ML development and LLM integration, building AI-driven tools for AppSec testing and IncidentOps workflows. Certified AI/ML Pentester (C-AI/MLPen) with applied research on securing ML systems and LLM-powered applications.

  • Consultancy & Training icon

    Consultancy & Training

    Security consultancy for banking and open banking projects, plus quarterly secure coding trainings for 300+ developers. Speaker and instructor at GDG Bursa, Siber Vatan Bootcamp, HSD and various university communities on AI & cybersecurity.

dialog profile avatar

Resume

Certification

  1. Certified AI/ML Pentester (C-AI/MLPen) @ The SecOps Group

    Oct 2024 //Online

  2. Certified AppSec Practitioner (CAP) @ The SecOps Group

    Sep 2024 //Online

  3. Certified AppSec Pentesting eXpert (eWPTXv2) @ eLearnSecurity / INE Security

    Mar 2022 //Online

  4. API Security Architect @ API Academy

    Feb 2023 // Online

  5. Microsoft Certified Software Developer (MCSD)@ Microsoft

    Oct 2018 // Online

    Education

    1. M.Sc. in Computer Engineering @ Bursa Uludağ University

      Aug 2023 – Jun 2025 // Bursa, Turkey

      Specialization in Cybersecurity and Artificial Intelligence.

      • B.Sc. in Computer Engineering @ Bursa Uludağ University

        Aug 2017 – Nov 2021 // Bursa, Turkey

        GPA 3.06/4.0. Developed numerous software and security projects concurrently with academic studies.

        Experience

        1. Lead Cyber Security Consultant @ RSU Bilişim ve Danışmanlık Hizmetleri A.Ş.

          Mar 2024 – Present // Istanbul, Turkey

          • Lead a 10-person dedicated cybersecurity team for a global bank, coordinating approximately 1,500 application security, penetration testing and security consultancy engagements per year.
          • Deliver projects on web, mobile and API security, including vulnerability analysis and management and open banking security assessments.
          • Drive SSDLC-focused application security initiatives such as SAST and collaboration with development teams on secure coding practices.
          • Align security assessments with standards and frameworks such as OWASP, PTES/OSSTMM, NIST SP 800-115, MITRE ATT&CK, TIBER-EU, BDDK and PCI DSS.
          • Deliver quarterly secure coding trainings to 300+ developers and design penetration testing architectures for new and existing systems.

        2. Cyber Security Consultant @ RSU Bilişim ve Danışmanlık Hizmetleri A.Ş.

          Jul 2022 – Mar 2024 // Istanbul, Turkey

          • Provided application security consultancy on banking and open banking projects, focusing on web, mobile and API security.
          • Performed web, mobile and API penetration tests and vulnerability analysis, delivering clear findings and remediation guidance to development and management teams.
          • Supported SSDLC and SAST/DAST activities by delivering secure coding trainings to 300+ developers and collaborating with development teams on remediation.

        3. Application Penetration Tester @ BGA Bilgi Güvenliği A.Ş.

          Jan 2022 – Jul 2022 // Istanbul, Turkey

          • Conducted manual and automated penetration tests on web and API applications for clients across various industries, identifying, validating and documenting security vulnerabilities.
          • Communicated assessment results and remediation guidance to technical and managerial stakeholders and supported remediation activities.

        4. Jr. Penetration Test Specialist @ BGA Bilgi Güvenliği A.Ş.

          Jan 2021 – Jan 2022 // Istanbul, Turkey

          • Supported senior specialists on web and mobile application penetration testing projects, using automated tools and manual verification for vulnerability analysis.
          • Independently executed penetration tests on selected web applications and contributed to reporting and explaining findings to client teams.

        5. Software Development Project Student @ TOFAŞ Türk Otomobil Fabrikası A.Ş.

          Nov 2020 – May 2021 // Bursa, Turkey

          • Participated in a joint Uludağ University–TOFAŞ software development project.
          • Developed web applications using Java Spring Boot, .NET Core and Angular within a microservices-based architecture.

        6. Freelance Software Developer @ Freelance

          Jul 2018 – Jul 2020 // Remote

          • Developed web applications and REST APIs for various clients using ASP.NET Core/MVC with EF Core (Code First) and MySQL/SQL Server.
          • Built mobile applications with Flutter and Kotlin, integrating backends and cloud services such as Firebase.

        Leadership & Community

        1. Present

        2. Co-Founder & President @ Bursa Uludağ University AI Community

          Jan 2022 – Present

          • Provide mentorship and guidance to student project teams working on AI and cybersecurity, including system architecture and security design.

        3. Instructor @ Red Hat

          Oct 2021 – Present

          • Deliver technical trainings and workshops for students and early-career professionals.
        4. 2019 - 2023

        5. Co-Founder @ Bursa Uludağ University Cybersecurity Community

          Nov 2022 – Jun 2023

          • Co-founded a student cybersecurity community and helped organize hands-on workshops and events focused on practical security skills.

        6. Team Lead Coordinator @ IEEE BUÜ MERGEN Autonomous Vehicle Team

          Nov 2020 – Sep 2021

          • Coordinated cross-functional student teams and oversaw system architecture and cybersecurity aspects of the autonomous vehicle platform.

        7. Software Team Lead @ IEEE BUÜ MERGEN Autonomous Vehicle Team

          Mar 2020 – Jul 2020

          • Led the design and implementation of core software components, with a focus on architecture, reliability and security of the autonomous vehicle systems.

        8. Computer Science Instructor @ IEEE Turkey Student Branches

          Dec 2019

          • Delivered introductory computer science and programming sessions for students.

        Speaking & Instructional Experience

        1. Instructor @ Siber Vatan & Türkiye Siber Güvenlik Kümelenmesi Bootcamp 2025

          2025

        2. Speaker @ HSD YouTube Channel — Cybersecurity Talks

          2024

        3. Instructor — Secure Code Development With AI @ GDG Bursa (Google Developers Group) Workshop

          2024

        4. Industry Guest Speaker — Cybersecurity Expertise @ Turhan Tayan Anadolu Lisesi Career Days

          2024

        5. Instructor — Secure Code Development With AI @ Bursa Uludağ University AI Community Workshop

          2024

        6. Speaker — Chaos in Code: AI & Cybersecurity @ GDG Bursa DevFest'24

          2024

        7. Instructor — AI and Security @ GDG Bursa Hackathon

          2024

        Tech Stack & Skills

        Security & AppSec

        • # Application Security Testing
        • # SAST
        • # DAST
        • # SCA
        • # IAST
        • # Web Pentesting
        • # Mobile Pentesting
        • # API Pentesting
        • # Vulnerability Management
        • # SSDLC
        • # Secure Coding
        • # DevSecOps

        Security Standards & Frameworks

        • # OWASP
        • # PTES
        • # OSSTMM
        • # NIST SP 800-115
        • # MITRE ATT&CK
        • # TIBER-EU
        • # BDDK
        • # PCI DSS

        AI & Security

        • # Python ML Development
        • # LLM Integration
        • # AI-Driven AppSec Tooling
        • # IncidentOps Workflows
        • # AI/ML Pentesting

        Programming & Frameworks

        • # C# (.NET / ASP.NET Core, MVC)
        • # Java (Spring Boot)
        • # Python
        • # JavaScript / TypeScript
        • # Node.js
        • # Angular

        Containerization

        • # Docker
        • # Kubernetes
        • # Linux

        Contact