IT Architecture & Security Assistant Manager

Ray Sigorta A.Ş.

Qualifications

• Minimum 3 years professional experience in Information Security / Data Protection in a complex IT and Network environment
• Experience in enterprise security planning, design, configuration, installation, troubleshooting, integration, security performance monitoring, product maintenance, and security product configuration enhancements
• Knowledge of information security technologies, complex network architecture, internet connectivity and DMZ strategies
• Knowledge of data management and data classification concepts, architecture, federation, PKI and cryptography.
• Knowledge of data privacy regulations, and compliance issues.
• Knowledge of Information Security technologies such as SIEM, DLP, Data Classification, Firewalls, DDoS, UAC, DAM, Anti-spam, Anti-Malware, MDM etc.
• Knowledge of standards and certificates such as: CISSP, ISO27001, Risk Management, COBIT, TOGAF, ISMS and ITIL Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, preferred.
• Excellent communication skills at all levels.
• Fluency in English.

Job Description

• Lead day to day IT security operations
• Implementing global VIG IT security policies and standards
• Manage and coordinate operational components of incident management, including detection, response and reporting.
• Manage production issues and incidents, and participate in problem and change management forums.
• Assist and guide the disaster recovery planning in the selection of recovery strategies and the development, testing and maintenance of disaster recovery plans.
• Assist with the implementation and maintenance of ISO 27001 controls across the company.
• Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.
• Provide security communication, awareness and training for audiences
• Serve as an active and consistent participant in the information security governance process.
• Periodically measuring and improving effectiveness of information security controls, reporting to stakeholders and upper management
• Assist with the design and compliance of internal security policies and applicable laws and regulations.
• Provide support and guidance for legal and regulatory compliance efforts, including audit support.
• Documenting current systems, assets and relationship between CIs
• Recommends and participates in the development of architecture blueprints for related systems.
• Identifies implementation risks and analyses potential impact on the enterprise and on the achievement of scheduled objectives.