Cyber Security Manager

Türk Telekom

Desired Skills & Experience

This position which will be located in İstanbul or Ankara will manage a team of highly technical skilled ethical hackers, fraud, SIEM and blue/purple team professionals. The goal is to provide assessments of security threats via hands on blue/purple team exercises aimed at strengthening our defenses and our threat detection and response capability.

• Bachelor’s Degree in Computer Science, Computer Engineering, Information Security, Criminal Justice, or a related field. Minimum 5 years' or more experience working within Digital Forensic and Incident Response Teams, Law Enforcement, and/or Military experience may be accepted in lieu of this requirement.
• A minimum of 8-10 years' or equivalent of information security experience, specializing in Digital Forensics , SIEM, Fraud, Incident Response etc. (including Windows disk forensics, Unix & Linux disk forensics, memory forensics, cloud forensics, and static & dynamic malware analysis)
• A minimum of 2 years' experience leading a technical team of cyber security experts.
• Currently maintaining two or more professional certifications related to Digital Forensics or Incident Response (e.g., GCFE, GCFA, GREM, EnCe, MCFE, CFCE, CEH, OSCP, Security+). Management Certifications (CISSP, CISM) are a plus.
• Proficiency in forensic investigation techniques using a variety of commercial and open source digital forensic tools (e.g., AXIOM, EnCase, FTK, X-Ways, SANS SIFT Workstation, NUIX, etc.).
• Experience in supervising complex Incident Response, Fraud and Forensic investigations; including cyber security incidents, intellectual property theft, fraud and abuse, asset misuse, reported criminal activity, and violations of corporate policy; within a global enterprise across multiple platforms and technologies.
• Strong understanding of file system forensics and user & system artifacts within a variety of operating systems (e.g., Windows, Linux, Mac OSX).
• Experience in SIEM Environments (i.e. IBM Qradar, Splunk, Archsight).
• Full knowledge of EDR solutions ( i.e. Carbon Black, Crowd Strike, SentinelOne )
• Experience in Antivirus systems (i.e. SEP, Trendmicro, Kaspersky, MCafee )
• Good working knowledge of Cloud and Container technologies is a plus
• Good working knowledge of FMS (Fraud Management Systems) technologies is a plus
• Good working knowledge of networking protocols, security technologies, and application services is a plus.
• Experience in rule writing, use case design, playbook design for SIEM and SOAR platforms.
• Ability to create a defense and detection mechanism against current vulnerabilities and threats with MITRE ATT&CK® and Defend frameworks.
• Ability to interpret device and application logs from a variety of sources (e.g. Firewalls, Proxies, Netflow, Web Servers, System Logs, Splunk, Packet Captures ) to identify anomalies or evidence of compromise.
• Excellent report writing skills and the ability to present findings to management, legal, business leaders, and executives.
• Experience in programming languages or scripting (e.g. C++, Python, Go) is a plus.

Job Responsibilities:

• We are looking for a Cyber Security Manager (at least 8 years exp.) to lead a group of Cyber Security professionals.
• Recommend technical measures to protect the victim’s data, its network and intellectual properties
• Kick a stealthy adversary out of the network
• Guide the victim out of the situation towards recovery mode
• Provide constant updates and coordinate situation reporting back to senior management
• Determine the attacker/s tactics, techniques, and procedures and their capabilities
• Trace the lateral move path of the attacker, attribute their motive
• Put all the above findings timely into an investigation report
• Mail security solutions
• SIEM solutions
• EDR solutions
• FMS use case design
• Security Playbook Design
• Cyber threat intelligence and threat hunting
• Security Orchestration, Automation and Response (SOAR) management
• Other than that, relevant certifications are beneficial.