Mehtap Erdoğan Koçak
“Say ‘yes’ to diverse projects that stretch your skills and expand your perspective; growth happens when you step outside your comfort zone.”
Mehtap Erdoğan Koçak is a computer engineer with an MBA and more than 20 years of cybersecurity experience across technical, strategic, and leadership roles. She holds certifications that includes Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), GIAC Certified Detection Analysis (SANS GCDA), and Control Objectives for Information and Related Technologies (COBIT), among others. Her career spans hands-on experience across security domains, leading Identity and Access Management (IAM) and Security Operations Center (SOC) teams on major national and organizational projects, and serving as Chief Information Security Officer (CISO) and cybersecurity consultant for European Union (EU) institutions. Passionate about giving back, Mehtap also mentors aspiring professionals through programs like the Institute for Future Research, Global Engineer Girls of Türkiye, and Science Virus.
What is one skill, interest or talent of yours that makes you great at your job?
I’m really great at planning and thinking ahead, anticipating problems and their complexities in order to best solve them.
What is the best piece of unconventional career advice you’ve gotten?
Don’t be afraid to reach out to other people when you need help.
What is your proudest moment working in the cybersecurity industry?
My proudest moment was during the first COVID-19 lockdown, when my team and I enabled 3,000 people to work remotely and securely in just two days. We rapidly deployed cybersecurity tools to help ensure everyone could stay safe at home, while keeping the organization running smoothly during a critical time.
When did you become interested in pursuing a career in cyber and what prompted it?
After my very first engagement on IAM, I was amazed by the idea of helping processes work securely.
What are the top 3 things you would tell people hoping to enter the cybersecurity industry?
- Build strong technical skills.
- Say “yes” to diverse projects that stretch your skills and expand your perspective; growth happens when you step outside your comfort zone.
- Understand people’s and organizations’ needs first, then add cybersecurity.
What are some misconceptions people might have about the cybersecurity industry and what can we do to change these misconceptions?
The perception that “cybersecurity isn’t for me, it’s too technical and only for technical experts” is a barrier we must address. The key is to start by listening, understanding people’s goals, challenges, and needs, and then demonstrating how cybersecurity can help meet those needs.
Do you feel like you’re contributing to helping keep our world secure and can you share why that matters to you?
Yes, technology must serve everyone effectively. I see cybersecurity as a fundamental pillar of accountability and justice in the digital age.
What positive change do you think will take place as we bring the next generation into the cybersecurity industry?
For the next generation, digital natives who’ve grown up immersed in technology, security won’t be a hurdle, but a natural mindset.
Who is your role model in the cybersecurity industry and why?
I’ve always drawn the greatest inspiration from the real people around me, the ones I can observe up close. In that sense, every passionate colleague, thoughtful client, and engaged stakeholder is a role model for me.
