QUALIFICATIONS AND JOB DESCRIPTION
We are looking for a ‘Information Security Senior Specialist’ for Borusan Danışmanlık.
The Information Security Senior Specialist will be responsible for enforcing Information/IT security across Borusan by leading implementation and configuration of security components, providing Security Operations Center (SOC) services and information security consultancy to group of companies. She/he will be also responsible for implementing security procedures in line with security policies designed by Security Architect.
•Bachelor degree or above in Electronics/ Communication Engineering or other relevant domain
•Strong understanding of Information security areas and IT security achitecture
•Demonstrated experience in security tools and products
•Technical expertise on at least one of the following areas;
oTechnology Security
oApplication Security
oVulnerability Management (additional)
oOffensive Security (additional)
•Ability guide administrators and group company functions on
oSIEM, Incident Response
oISO/ IEC 27001: 2013 standard
•Good command of English
İŞ TANIMI
•Build and effectively operate Security Incident Event Management (SIEM) systems and security violation incident management / response tools
•Analyze, control and response security incidents and identify improvement areas
•Monitor information security violations, record notifications, ensure preventive measures for repetition and corrective actions to be taken
•Communicate with the relevant unit responsibles to review the status of the risk processing plans and complete the actions on time
•Establish management and configuration standards of security systems (Firewall, IPS, WAF, Proxy, URL Filtering, NAC, VPN)
•Support the design and implement related security system and tools based on information security architecture
•Hold information security expertise for Infrastructure and System projects, provide the units with information as consultant, support project coordination
•Regularly conduct security screening and vulnerability analysis tests, analyze the results, plan the required actions and report them to related groups
•Develop application recommendations on responsible areas by following developments and innovations
•Analyze information security needs, receive and evaluate expectations and keep internal customer satisfaction at the highest level.