Cyber Security Expert - Strategy

We are a team of Cyber Strategy. The purpose of this role is to design the right cyber security strategy for Vodafone Turkiye ecosystem. To constantly keep adding up solutions and knowledge to reduce our risks within the challenging cyber landscape.

• Supporting, evaluating and consulting internal and Vodafone owned external projects from a cyber security perspective. Providing Security Architecture support in the form of security assessment and risk mitigation for all other projects and change requests.
• Support the creation and development of the technical cyber security solution strategy
• Advising and propagating cyber security knowledge as a “Security Guru” among the team and the stakeholders.
• Using best practice knowledge to maintain and improve the log review processes in line with cyber security policies and procedures.
• Understanding the business needs and defining security requirements in accordance with company’s strategy and new technological solutions
• Designing and implementing scenarios that will benefit the system with the relevant product annually and reduce the security risk.
• Ensuring that the application works in a healthy and uninterrupted manner, to determine the required application scope according to existing policies and checking with SIEM operation teams and system owners to confirm that specified applications are logged.
• Continuous supervision of the playbooks and log sources/correlation engines for several types of assets and actions (active directory, database, applications, network, OS, user behavior etc.) in accordance with requirements defined by the governance team and required standards and regulations like Presidency Information and Communication Security Guide , Banking Regulation and Supervision Agency and Information and Communication Technologies Authority regulations, PCI-DSS, ISO 27001, ISO 27701, COBIT, KVKK, GDPR, SOX, etc.
• Attending internal and external audits and preparing evidence when required,
• Continuous development of correlation rules for effective security monitoring.
• Effective reporting of log review activities on both executive and technical level.
• Planning for the implementation of Secure By Design approach to the digital platforms. Supporting to maintain the secure software development lifecycle. Defining security controls and ensuring that the controls are in place,
• Performing risk management activities and working with teams for reporting cyber security risks to top management.
• Planning any required expansion for log management systems, Data Loss Prevention (DLP), User Access Management (UAM), data classification products tools and implementing the solution.
• Supporting SOC team for a better and more effective security monitoring against evolving threats.
• Supporting Cyber Defence team in line with Vodafone Cyber Security Baselines.

• Bachelor/ Master/ PhD degree in Computer Science / Information Technology or equivalent experience.
• At least 5 years of work experience in information security, network administration or IT security.
• Strong knowledge on IT security controls.
• Knowledge on Linux/Microsoft OS, DB systems and hardening baselines.
• Understanding of Network protocols and packet analysis, having CCNA/CCNP certificates is an advantage.
• Knowledge on Log Management systems.
• Telecommunications industry experience is an advantage.
• Commitment to ensuring the team succeeds with all tasks, duties, and projects.
• Knowledge of, or experience implementing or maintaining compliance with, Industry Standards, Regulations, and Legislative Instruments such as: NIST Cyber Security Framework (CSF), MITRE ATT&CK, Cyber Kill Chain, ISO 27001, PCI-DSS, GDPR/KVKK.
• Critical thinking with strong attention to details and follow up.
• Having low level security understanding but ability to present it in a high level
• Strong analytical deduction.
• Being creative, problem solving and result oriented.
• Ability to work in tight deadlines and delivering solutions within defined time periods.
• Experience working in complex operational ICT environments.
• Effective verbal and written communication skills and strong interpersonal skills, good in reporting.
• Demonstrated ability to work effectively with 3rd party suppliers and internal stakeholders.
• Deep knowledge and skills in policies, standards and required controls (both technical and compliance based).
• Certifications in CISSP, CISA, CISM, ISO27001, CEH, CompTIA Security+ etc. are highly preferred.
• Fluent in English both written and spoken.

Worried that you don’t meet all the desired criteria exactly? At Vodafone we are passionate about Inclusion for All and creating a workplace where everyone can thrive, whatever their personal or professional background. If you’re excited about this role but your experience doesn’t align exactly with every part of the job description, we encourage you to apply as you may be the right candidate for this role or another role, and our recruitment team can help you see how your skills fit in.

We like to keep them flexible:

• Vflexy: Flexible Benefits Program

• Hybrid working kit

• Ergonomic kit allowance

• Digital meal voucher

• Flexible transportation allowance.

• Employee assistance hotline & counselling

• Comprehensive and flexible private health insurance

• Discounted price deals for wide range of products & services

Plus, plenty more to enjoy!

#LI-Hybrid

Data Privacy

By applying for this job, you accept the Vodafone Privacy Policy. Please visit Privacy Policy web page at https://careers.vodafone.com/privacy-policy/turkey/ for further details.

You may have already heard of Vodafone - We're a leading Telecommunications company in Europe and Africa. But what you might not know is that we are continuously investing in new technologies to improve the lives of millions of customers, businesses and people around the world, creating a better future for everyone.

As part of our global family, whether that's Vodafone, Vodacom or _VOIS, you'll feel a sense of pride and purpose as you contribute to our culture of innovation. We pursue equality of opportunity and inclusion for all candidates through our employment policies and practices. 

Together we can.