Ahmet Emre ParmaksızSoftware & Security Engineer
Computer engineering student working at the intersection of software and security, with a systems perspective shaped by failure and visibility.
- TypeScript
- Next.js
- Python
I come from a software development background, but increasingly approach systems from a security and reliability perspective. I care about how software behaves under stress, misuse, or failure, not just when everything goes as planned.
- Editor: Neovim
- OS: Linux / macOS
- Shell: Zsh
- Workflow: Keyboard-first
I try to understand how a system is meant to work before analyzing how it breaks. I move between building features and analyzing signals, logs, and behavior across the system lifecycle.
I am drawn to architectures that are observable and explainable, with clear boundaries, predictable behavior, and the ability to reason about what is happening inside the system.
Cyber Security Analyst
Dec 2024 — PresentWorking in a 24/7 SOC environment, focused on investigating and triaging security alerts using SIEM and EDR platforms. Daily work involves analyzing logs across network, endpoint, and identity layers to understand whether observed behavior represents real threats or operational anomalies.
This role provides direct exposure to how attacks, misconfigurations, and failures actually surface in production systems; shaping a more realistic understanding of system reliability and visibility.
Mobile / Backend Developer
Apr 2023 — Aug 2024Contributed to a production mobile application as part of a distributed team, working remotely with a Berlin-based company. Responsibilities spanned mobile development with React Native, backend services with Node.js, and integration with cloud infrastructure.
This experience built a strong foundation in shipping software used by real users, understanding operational trade-offs, and maintaining systems over time rather than treating development as one-off delivery.
Aegis Node — Hardened WireGuard Control Plane
An agentless WireGuard infrastructure project that provisions a hardened Ubuntu VPS, exposes a VPN-only FastAPI control plane, and adds practical peer management and monitoring through reproducible Ansible workflows.
Personal and small-team VPN deployments are often easy to bootstrap but difficult to operate safely over time. Provisioning drifts, management surfaces are exposed too broadly, peer rotation stays manual, and day-two visibility is usually thin.
Built a production-minded gateway with clear separation between the encrypted data plane and a private management plane. Ansible handles the hardened server baseline, while a token-protected FastAPI service bound to the VPN interface powers peer provisioning, health checks, traffic inspection, and SSH activity monitoring.
Owned the project end to end: infrastructure design, Ansible provisioning, API development, dashboard implementation, and the security model around access control, DNS handling, firewall policy, and peer lifecycle management.
- Turned a fresh Ubuntu VPS into a reproducible hardened VPN gateway with a single playbook.
- Designed a VPN-only control plane to keep administrative capabilities off the public internet.
- Automated peer onboarding with key generation, IP allocation, config generation, and QR export.
- Added operational visibility for service health, WireGuard activity, peer traffic, and SSH events.