Information Security Expert

ENGLISH HOME

Responsible for support and operations of particular infrastructure components based on the specialization of the role. The Information Security Expert is a service provider for the IT service management processes, i.e. ensuring the faultless operation of the infrastructure and supporting project and development activities.

Qualifications 

• Bachelor degree from departments such as Computer Engineering, Computer Science - Informatics, etc.
• More than 4 years of experience in related field,
• Knowledge of speciality level of ISO 27001 Information Security Standard,
• Knowledge in Information Security Standards and main issues regarding Data Privacy,
• Knowledge of Risk Assessment and Risk Treatment methodology,
• Knowledge of Business Continuity Management,
• Good knowledge of operating systems, network infrastructure, firewalls, and database security,
• Excellent written and verbal command of English,
• Analytical thinking/problem solving skills,
• Good team player, disciplined, attentive, and excellent interpersonal skills.

Job Decribtion 

• Create and apply information security policies, procedures and systems for information security processes,
• Responsibility of ISO 27001 certification compatibility,
• Detect and report information security issues,
• Management of access controls,
• Management and monitoring of log controls,
• Planning and conducting an internal audits,
• Management of Information Security Incidents,
• Management of Business Continuity activities,
• Security consulting for ongoing projects in line with EHM Turkey and EHM Global,
• Participate in compatibility and infrastructure projects.
• Manage overall capacity utilization of Server/hardware environment ensuring it is optimized to meet business requirements
• Propose & Deliver IT departmental projects to align with the overall business strategy as well as corporate strategy
• Develop and implement hardware and software standards for network, servers, databases, wireless technology, file & print services, etc.
• Develop and implement data retention standards
• Develop and maintain overall backup and recovery strategy (Disaster Recovery & Business Continuity)
• Develop, implement, and maintain processes and procedures for effective delivery of services and compliance with regulatory guidance