Senior Information Security Analyst

Job Description

What is the Main Aim of This Position?
To prevent possible security breaches by ensuring compliance with information security standards and legal regulations.

What We Expect From You?

• To contribute to the development and implementation of the company's information security policies and procedures. Ensure that security policies are implemented across all business units,
• To conduct regular risk analyses to identify potential threats and vulnerabilities to information assets and develop risk mitigation measures,
• To ensure that the inventory of information assets and risks under the responsibility of IT is kept up to date,
• To monitoring requirements for the auditee's compliance with relevant legislation, including internal procedures and policies, and working with other units to implement them,
• To ensure that the data entry-exit points are determined and the records of the transactions made are kept, to implement the necessary policies to prevent data loss, to ensure that they are implemented in other departments,
• To periodically review the functionality and effectiveness of the security infrastructure through the Digital & Information Systems Department KPIs,
• To monitor cyber intelligence channels, prepare and publish the necessary content for the publication of the intelligence obtained within the Company,
• To ensure the coordination of the process between third parties and internal resources within the security services provided by external resources and monitor the effectiveness of the process,
• To carry out effective access management controls in compliance with laws, regulations and policies,
• To take necessary actions for the control and closure of information systems technical vulnerabilities,
• To take an active role in internal and external audits, identifying information security needs, preparing and reporting action plans,
• To manage the software used in information security management processes (portal, document management systems, GDPR applications, etc.).

Why You?

• If you hold a bachelor’s degree in Computer Engineering, preferably with a master's degree,
• If you have at least 3 years of experience in the fields of system security mechanisms, access control systems and methodologies,
• If you have experience with security software and hardware (Firewall, IDS/IDPS, content control, anti-virus software, attack and vulnerability detection etc.),
• If you are familiar with, and preferably have expertise with, ISO 27001 standards,
• If you have a background in security auditing, risk analysis, vulnerability analysis, telecommunication and network security, PKI technologies and encryption mechanisms, business / IT continuity,
• If you can use MS Office programs effectively,
• If you have excellent command of written and spoken English, you are exactly the one we are searching for. you are exactly the one we are searching for.

What Brings You at the Front?

• Being strongly result-oriented and making quick decisions,
• Being innovative and open to learning,
• Being a team player,
• Having improved presentation abilities,
• Having strong communication & negotiation skills,
• Having coordination skills,
• Being able to reside in Eskisehir or İstanbul.