Position

Cyber Security Architect

Published on 18/11/2022

Hizmetler

IT

Esenler, 34

Job Description:

Wyser is the international company within Gi Group in charge of searching for and selecting specialized middle and senior management.


We are looking for a 'Cyber Security Architect' for our client of Information Technologies industry.


Responsibilities

  • Identifying and establishing the security needs and controls required for a layered IT security architecture,
  • Researching new security technologies and solutions, conducting PoC activities,
  • Determining and monitoring the controls on security devices and identifying necessary improvements,
  • Determining information security requirements of the projects and activities carried out by other departments and teams
  • Conducting threat modeling and risk assessment activities on existing processes and new projects Evaluating identity and access requests for information systems,
  • Determining and evaluating security controls on SDLC processes,
  • Monitoring new security threats and vulnerabilities, identifying solutions and communicating with retaled parties to take necessary actions,
  • Performing infrastructure and application (web, mobile, API, etc.) security tests within the scope of vulnerability management process,
  • Managing the tools and platforms used in the vulnerability management process,
  • Organizing annual penetration tests with regard to BRSA regulations,
  • Advising and consulting security teams with information security subject matter expertise.


Qualifications

  • Minimum 5 years of experience in information security Knowledge of information systems processes and infrastructure,
  • Knowledge of Windows/Unix/Linux operating systems and TCP/IP protocols,
  • Basic scripting knowledge (JavaScript, PHP, Python, SQL etc.),
  • Knowledge of Next Generation Firewall, IPS, WAF, EPP, EDR, HSM, SIEM, DLP, E-Mail Security, URL Filtering, DDoS, PAM, IDM solutions,
  • Knowledge of information security policies and regulations (BRSA regulations, KVKK) Knowledge of frameworks and standards such as NIST CSF, PCI DSS, ISO 27001,
  • Knowledge of application development lifecycle (SDLC) security tools (SAST, DAST, SCA, etc.) Analytical thinking and result oriented,
  • Preferably at least one of CISSP, CISM, CISA, OSCP, OSCE, OSCE, OSEE, OSWE, OSWP, GPEN, GWAPT, GXPN, GMOB, eJPT, eWPT, eCPTX, eWPTXv2, eMAPT, LPT certifications.

Industrial sector

Hizmetler

Reference code

4091

Consultant

Kendi Funda, is our consultant who manages this job opportunity.

Discover all the news on
the world of work