Ahmet Emre ParmaksızSoftware & Security Engineer
Computer engineering student working at the intersection of software and security, with a systems perspective shaped by failure and visibility.
- TypeScript
- Next.js
- Python
I come from a software development background, but increasingly approach systems from a security and reliability perspective. I care about how software behaves under stress, misuse, or failure, not just when everything goes as planned.
- Editor: Neovim
- OS: Linux / macOS
- Shell: Zsh
- Workflow: Keyboard-first
I try to understand how a system is meant to work before analyzing how it breaks. I move between building features and analyzing signals, logs, and behavior across the system lifecycle.
I am drawn to architectures that are observable and explainable, with clear boundaries, predictable behavior, and the ability to reason about what is happening inside the system.
Cyber Security Analyst
Dec 2024 — PresentWorking in a 24/7 SOC environment, focused on investigating and triaging security alerts using SIEM and EDR platforms. Daily work involves analyzing logs across network, endpoint, and identity layers to understand whether observed behavior represents real threats or operational anomalies.
This role provides direct exposure to how attacks, misconfigurations, and failures actually surface in production systems; shaping a more realistic understanding of system reliability and visibility.
Mobile / Backend Developer
Apr 2023 — Aug 2024Contributed to a production mobile application as part of a distributed team, working remotely with a Berlin-based company. Responsibilities spanned mobile development with React Native, backend services with Node.js, and integration with cloud infrastructure.
This experience built a strong foundation in shipping software used by real users, understanding operational trade-offs, and maintaining systems over time rather than treating development as one-off delivery.
HIDS — Host Intrusion Detection Dashboard
Traditional security monitoring tools often miss low-and-slow or host-level anomalies hidden inside large volumes of logs and metrics. Investigating such incidents usually requires manual correlation across multiple data sources.
Designed and implemented a host-based intrusion detection system that continuously collects system metrics and logs, builds micro-behavioral baselines, and flags deviations for investigation. Focused on clarity of signals, explainable detections, and operational usability rather than black-box scoring.
Centralis — Backend & Monitoring Services
Growing backend systems required a centralized way to observe service behavior, track system health, and manage operational events without introducing tight coupling or excessive complexity.
Built modular backend services with clear domain boundaries, emphasizing observability, predictable data flow, and failure isolation. Applied system-first design principles to ensure services remain understandable, debuggable, and resilient as complexity grows.