GENERAL QUALIFICATIONS AND JOB DESCRIPTION
Desired Skills & Experience
This position, which will be located in İstanbul or Ankara, will manage a team of highly skilled technical ethical hackers, fraud, SIEM and blue/purple team professionals. The goal is to provide assessments of security threats via hands-on blue/purple team exercises aimed at strengthening our defenses and our threat detection and response capability.
- Bachelor's Degree in Computer Science, Computer Engineering, Information Security, Criminal Justice, or a related field. A minimum of 5 years' experience working within Digital Forensics and Incident Response teams, Law Enforcement and/or the Military may be accepted in lieu of this requirement.
- A minimum of 8-10 years (or equivalent) of information security experience, specializing in Digital Forensics, SIEM, Fraud, Incident Response, etc. (including Windows disk forensics, Unix & Linux disk forensics, memory forensics, cloud forensics, and static & dynamic malware analysis).
- A minimum of 2 years' experience leading a technical team of cyber security experts.
- Currently maintaining two or more professional certifications related to Digital Forensics or Incident Response (e.g., GCFE, GCFA, GREM, EnCE, MCFE, CFCE, CEH, OSCP, Security+). Management certifications (CISSP, CISM) are a plus.
- Proficiency in forensic investigation techniques using a variety of commercial and open source digital forensic tools (e.g., AXIOM, EnCase, FTK, X-Ways, SANS SIFT Workstation, NUIX, etc.).
- Experience in supervising complex Incident Response, Fraud and Forensic investigations; including cyber security incidents, intellectual property theft, fraud and abuse, asset misuse, reported criminal activity, and violations of corporate policy; within a global enterprise across multiple platforms and technologies.
- Strong understanding of file system forensics and user & system artifacts within a variety of operating systems (e.g., Windows, Linux, Mac OS X).
- Experience in SIEM environments (e.g., IBM QRadar, Splunk, ArcSight).
- Full knowledge of EDR solutions (e.g., Carbon Black, CrowdStrike, SentinelOne).
- Experience in antivirus systems (e.g., SEP, Trend Micro, Kaspersky, McAfee).
- Good working knowledge of Cloud and Container technologies is a plus
- Good working knowledge of FMS (Fraud Management Systems) technologies is a plus
- Good working knowledge of networking protocols, security technologies, and application services is a plus.
- Experience in rule writing, use case design, playbook design for SIEM and SOAR platforms.
- Ability to create defense and detection mechanisms against current vulnerabilities and threats using the MITRE ATT&CK® and D3FEND frameworks.
- Ability to interpret device and application logs from a variety of sources (e.g., firewalls, proxies, NetFlow, web servers, system logs, Splunk, packet captures) to identify anomalies or evidence of compromise.
- Excellent report writing skills and the ability to present findings to management, legal, business leaders, and executives.
- Experience in programming languages or scripting (e.g. C++, Python, Go) is a plus.
Job Responsibilities:
- We are looking for a Cyber Security Manager (at least 8 years exp.) to lead a group of Cyber Security professionals.
- Recommend technical measures to protect the victim's data, network and intellectual property
- Kick a stealthy adversary out of the network
- Guide the victim out of the situation towards recovery mode
- Provide constant updates and coordinate situation reporting back to senior management
- Determine the attackers' tactics, techniques, and procedures and their capabilities
- Trace the attacker's lateral movement path and attribute their motive
- Document all of the above findings in a timely investigation report
- Mail security solutions
- SIEM solutions
- EDR solutions
- FMS use case design
- Security Playbook Design
- Cyber threat intelligence and threat hunting
- Security Orchestration, Automation and Response (SOAR) management
- Other than that, relevant certifications are beneficial.