Information Security Analyst

Viennalife Emeklilik ve Hayat A.Ş.

This position primarily requires to play an important role in protecting the organisation against the loss of confidential or commercially sensitive data, personal data, and financial loss. This person will be responsible to manage and carry out information security activities in order to help drive the security strategy and policy across the organization.

Job Description

·       Conduct and document regular internal audits with all functions within the organisation to ensure working practices align with the security policy set

·       Work in coordination with the Head of Information Security, help manage the internal and external audit processes

·       Regularly review the information security policy set and make improvements and updates where appropriate

·       Periodically review processes within the business to ensure that information security is maintained to an appropriate level throughout

·       Assist in the management and documentation of security incidents

·       Help manage the Vulnerability and Risk registers, i.e. identification, documentation, risk asset and remediation

·       Monitor and measure IS objectives and metrics of ISMS

·       Create and deliver information security training and awareness content to employees and 3rd party partners

·       Assist in the management of automated vulnerability scanning and utilise web application security testing tools including assessment and documentation of the results

·       Help with the gap analysis and implementation of PCIDSS compliance

·       Monitor, measure, and report on the effectiveness of the process to make sure that it contributes to our customer experience values

·       Continually improve and automate the process

·       Help establish alignment between ITIL/COBIT frameworks and the Agile way of working

·       Research and evaluate new technologies

·       Maintain constant situational awareness on cybersecurity world and vulnerabilities, make sure necessary updates are in place

Qualifications

·       At least 2 years of relevant and recent work experience in a similar role.

·       Experienced in an IT service management process, process performance analysis and reporting.

·       Have insight into the relationship between security processes, information flows and oversee relations with other disciplines (helicopter view).

·       Analytic, service oriented, proactive, flexible, energetic and stress resistant.

·       A team player who takes ownership, with good communication skills and capable of actively building, expanding and utilising a network of internal and external stakeholders.

Able to analyze critical systems and make suggestions for information security implemen