YK Cyber is a boutique cybersecurity consultancy working with international technology companies on security operations, incident response, identity, and automation.
Deliberately small. Fully remote. Built around context, not scale.
Detection engineering, alert triage, SIEM content ownership, and SOC process design. We build and operate the monitoring layer, or integrate with an existing one.
Investigation, containment, remediation, and post-incident review. Playbook design for the incidents that actually happen — credential compromise, SaaS-originated phishing, OAuth abuse.
Human and non-human identity: SSO architecture, MFA policy, privileged access, service account hygiene, and secrets management. The identity layer underpins everything else.
SOAR playbook engineering, automated response orchestration, and reducing operational toil across the security stack. Cheap playbooks are common; good ones are rare.
Engagements are typically structured as ongoing monthly retainers with a defined scope and named deliverables, rather than fixed-hour blocks. This reflects the nature of security work: the value is in continuity and context, not in billable minutes.
We take on a small number of clients at any time. Availability is intentionally limited.
Cybersecurity operations support for a publicly listed multinational technology company (NASDAQ-listed advertising technology platform, operating across Europe, the Americas, the Middle East, and Asia-Pacific).