Information Security Analyst

Sabanci Üniversitesi

Sabancı University Information Technologies department will be hiring an Information Security Analyst with the below mentioned qualifications.

Experience, Education and Skills Required:

·         Bachelor’s degree preferably in Engineering departments

·         +10 years of experience, at least 5 years focused on security

·         Experience in security architecture and design for end-to-end architecture lifecycles (e.g., conceptual, logical, physical) for medium/large organizations

·         Valid CISSP, CISA, CISM or ISO27001 LA certificate holders preferred

·         Experienced preferably in SIEM and Log Analysis

·         Competent preferably in COBIT, ITIL and ISO 27001 processes

·         Experienced in creating technical document and reporting

·         Experienced preferably in preparing, updating and monitoring policies and procedures of Information Security

·         Excellent command of English

·         Strong domain expertise, implementation and/or integration skills in two or more of following areas:

·         Presidency of the Republic of Turkey, Digital Transformation Office “Information and Communication Security Guide”

·         Turkish Personal Data Protection Law, GDPR and/or industry-specific regulations

·         ISO 27001, PCI DSS, NIST CSF and other information security standards

·         Identity and Access Management

·         Security Incident and Event Management

·         Threat Intelligence and Modelling

·         Security technologies (e.g., firewalls, security event monitoring, intrusion detection and prevention, malware detection)

·         Network and Infrastructure Security

Responsibilities:

·         Managing, maintaining and updating of all the security products

·         Implementing and maintaining administrative and technical steps of “Information and Communication Security Guide”

·         Determining security criteria for the products used in IT infrastructure and ensuring the controls and reporting

·         Monitoring and reporting of security records (log) and evaluating the results

·         Complete security background covering encryption, networks, and authentication

·         Analyzing information security violations and taking necessary precautions

·         Performing ISO 27001, KVKK controls, creating documentation and ensuring the coordination and planning of the audits in the working areas

·         Operating the ISMS and maintaining the continuity of the ISMS through ISO / IEC 27001 audits

Sabancı University is committed to the principle of equal opportunity and equal treatment in education and employment. The University respects all individuals without any discrimination of gender, religion, national and ethnic origin, race, color, physical disability, physical appearance, marital or parental status, sexual orientation, age, or political affiliation in the administration of its educational, admission and employment policies, and its scholarship and university-sponsored programs.