Senior Cyber Security Specialist

WeHire

• Preferably graduated from Computer Engineering, Electrical/Electronic Engineering, or related engineering departments,

• Minimum 5-7 years of experience in a similar position,

• Proficient in dealing with cyber attacks, defense techniques, malicious software, and interventions in cyber incidents,

• Experienced in Cyber Security products such as Sandbox, Antivirus, DLP, Web and Email Security, Database Security, Endpoint Security, etc., in hybrid environments,

• Knowledge or experience in SIEM, SOC, Event management,

• Knowledgeable about data classification and data loss prevention processes,

• Experienced in vulnerability management,

• Managed Information Security tools and applications,

• Proficiency in verbal and written English at least at an intermediate level,

• Willingness to solve problems, analytical thinking, systematic work, and self-confidence in managing crisis situations,

• Able to report research and studies in accordance with the institution's formats.

Experience and Competencies:

• Operation and monitoring of Cyber Security applications within the institution,

• Managing and monitoring Cyber Security solutions (EDR, NDR, SOAR, SIEM, DLP, Antivirus, E-Mail, Web Security, etc.),

• Management of SIEM tool and SOC service within the institution; identifying systems to collect logs, preparing correlation rules, operating, and ensuring log control,

• Supporting continuous improvement efforts for processes related to Cyber Security Operation management activities conducted for internal activities,

• Creating rules and reports in SIEM and SOAR products to detect new threats and attacks,

• Reviewing existing rules and developing new scenarios by conducting scenario analysis according to the Mitre ATT&CK Framework,

• Analyzing threat information collected from IPS & IDS, EDR, NDR, SOC alarms and alerts, DLP cases, intelligence reports, and other sources,

• Conducting necessary investigations on SOC, NDR, and EDR alarms, providing guidance to relevant teams, and following up on closure processes,

• Monitoring all activities on the database, generating alarms for critical activities, and ensuring the blocking of requested activities when necessary,

• Analyzing logs to identify potential unauthorized entries and creating rules in SIEM and SOAR products for automatic blocking,

• Preparation for and coordination of internal and external Audit activities,

• Coordinating penetration tests and vulnerability scans, analyzing test results, providing solution proposals, and ensuring closure of identified vulnerabilities,

• Preparation and updating of technical documentation related to responsible products,

• Communication with suppliers and support companies, tracking and managing processes,

• Operation of institutional IT Security policies for all Cyber Security products under IT responsibility and management of operational processes for these products,

• Responding to calls related to cyber security operations directed through the Help Desk.

• Basic level of software development knowledge (Python, Bash, SQL, etc.),

• Compliance with information security policies; support for audit activities such as PCI DSS, PCI CPP, ISO 27001, and ISAE 3402,