Senior Information Security Specialist

Hi, I've got something to share with you!

My name is Pazarama.

Who am I?

I’m an e-commerce platform that makes life easier for my customers and business partners—a place where you can find everything you need. My name is a blend of the words "Bazaar" and "Panorama." I'm here to offer a panoramic view of the e-commerce world, creating a marketplace where everyone can find what they’re looking for. Plus, with the strength of being a subsidiary of İş Bank and my broad perspective, I aim to create a sustainable shopping ecosystem.

I’m everywhere, making it easy for you to reach me: Pazarama mobile, the Pazarama website, İşCep, Maximum Mobile, Samsung Wallet, and physical stores.

From hotel and flight bookings to car rentals, online shopping to transportation card top-ups, even fuel payments without leaving your car, and exciting sweepstakes—I provide an all-in-one platform to meet all your needs.

But that's not all... I aim to please those who choose me by offering payment options packed with discounts, instalment plans, and rewards. I don't just make shopping easier; I make it more rewarding with everything I’ve mentioned. I’m constantly evolving, enhancing myself and my technologies for my users and business partners.

So, what can I do for you?

This is a journey, and we’re in it together. We’ll enhance your skills with career-supporting training and create opportunities to achieve your dreams together. Every step of the way, we’ll make this journey more vibrant with your ideas, enthusiasm, and talents. In this adventure, where you won’t be afraid of making mistakes, we can turn your dreams into reality together.

If you want to join me on this journey, apply for the position below and become part of our team!

Pazarama is with you on your career journey 💙

QUALIFICATIONS

• Graduate of Computer Science /Electronics / Telecommunication / Other engineering streams.
• At least 4 years of experience in information systems, the majority of which should have been in information security and cyber security operations management.
• Excellent command of both written and spoken English.
• Security expertise on Active Directory will be considered a plus.
• Good understanding of IT Infra and Technologies on Azure platforms.
• Experience with container security, such as Docker and Kubernetes.
• Interpersonal and collaborative skills and the ability to communicate security and risk related concepts to technical and non-technical audiences.
• Ability to develop information security policies and procedures in a highly dynamic environment.
• Knowledge and understanding of common information security management frameworks, audits and regulatory requirements such as PCI DSS, NIST, ISO, KVKK regulations.
• Manage and configure SIEM in an enterprise level environment.
• Troubleshoot and resolve complex network security incidents, including packet capture and analysis, log review and critical thinking.
• Perform vulnerability assessments, penetration testing, security hardening, application security.
• Knowledge of DLP infrastructure and management of DLP infrastructure
• Expertise in Cyber Kill Chain, MITRE ATT&CK, or other relevant cybersecurity defence and intelligence frameworks
• Poise and ability to act calmly and competently in high-pressure, high-stress situations
• High level of personal integrity and the ability to handle confidential matters in a professional manner, demonstrating appropriate judgement and maturity.
• CISSP, CISA, CISM, OSCP, PCI-ISA certifications are highly desirable.

RESPONSIBILITIES

• Managing Cloud Security Technologies with related Vendors.
• Evaluation of new Technologies and POC studies in the scope of Information Security.
• Manage the development and implementation of security policies, standards, guidelines and procedures to ensure the ongoing maintenance of security.
• Maintain security-related certification standards at the corporate level and liaise with external consultants for independent security audits.
• Lead security investigations and forensics to determine what went wrong in a breach and implement corrective actions.
• Identify vulnerabilities related to APIs, containers, services, applications and assist developers in mitigating vulnerabilities.
• Apply metrics to measure, monitor and report on the effectiveness of information security controls and compliance with information security policies.
• Perform regular vulnerability assessments to evaluate the effectiveness of existing controls.
• Responsible for network security architecture, information security architecture, network access and monitoring policies, information security awareness programme, etc.
• Oversee incident response planning and investigation of security breaches, and assist with disciplinary and legal matters related to such breaches as required.
• Support the business in participating in security processes (application assessments, product certification, intranet and internet connectivity).
• Responsible for delivering regular information security awareness programmes
• Participates in business continuity and disaster recovery planning

Bu ilan sebebiyle yapacağınız başvurular aracılığıyla toplanacak kişisel verileriniz, veri sorumlusu Topkapı Danışmanlık Elektronik Hizmetler Pazarlama ve Ticaret A.Ş. tarafından 6698 sayılı Kişisel Verilerin Korunması Kanunu (“KVKK”) ve ilgili mevzuat kapsamında iş başvuru süreçlerinin yürütülmesi amacıyla otomatik yollarla işlenecektir. Aydınlatma Metni’ne https://cdn.pazarama.com/docs/is-basvurusu-aydinlatma-metni.pdf linkinden ulaşabilirsiniz. İlanımıza başvuru yapmanız halinde ilgili metnin tümünü onaylamış kabul edileceksiniz.