We are looking for ''Security Expert '' for a company who is a leading telecom vendor.
• Breaking down high level business requirements in to detailed security requirements
• Validate and approve correct and secure designs, implementation and testing.
• Conduct quick studies and gap analyses
• To aid in the development of secure software and lead activities that improve product security.
• Example of activities:
- Risk analyses.
- Code review.
- Maintaining coding rules and verification system.
- Correcting security trouble reports.
- Educate and coach team members.
- Inform line about current security state
• May be involved in all aspects of product security, from requirement to test and validation.
• Participate in Agile security group meetings and add knowledge to the group.
• Must have degree or diploma in Computer Science, Engineering and Information Systems or related, with a focus or major in IT Security being highly desirable
• Must have at least 3 years of strong hands-on experience in IT Security
• Must have working technical knowledge of security technologies (across multiple domains such as Firewall, Network IPS, SIEM, DLP, Cloud Security etc), information security concepts and familiar with security products (Checkpoint, Palo Alto, Cisco, Splunk, McAfee, Symantec etc) and the security market place.
• Experience in preparing technical architecture blueprint is highly desirable
• Professional security related qualification such as CISSP, CISM, CRISC, CISA, GIAC or equivalent are highly desirable
• Working knowledge and familiarity with GRC and Offensive Security consulting services (e.g. penetration testing, PCI audit, security assessment) is highly desirable
• Working knowledge and familiarity with Virtualization and Cloud technology is desirable
• Experience and understanding of regulatory framework and guidelines in the region is highly desirable
• Experience and understanding of industry standards, framework and best practices such as ISO27001, PCI DSS, NIST, etc is highly desirable
• Experience and understanding of security trend, threat landscape and framework such as the cyber kill-chain
• Excellent English/Turkish oral and written communication skills