-
Tüpraş

Information Security Senior Consultant

Tüpraş
Turkey · Full-time · Associate

If you want to be a part of the Tüpraş family, let's get to know each other better.

At Tüpraş, we work passionately as a pioneering company that respects the environment and life values to create a better future with our R&D and advanced technology competencies.

The trust, respect and mutual understanding we have for each other unite us around our common goals to achieve better with a safe and agile mind, and we produce holistic solutions with the responsibilities and initiatives we take.

We are prone to teamwork, adopt an agile work culture, work innovation and future-oriented, and carry each other and our business forward through cooperative dialogues.


What You’ll Do?


Our expectations from an Information Security Consultant within Tüpraş's work culture are as follows:

  • Leading information security projects under their responsibility.
  • Coordinating the organization's information security strategy initiatives.
  • Providing information security consultancy and monitoring in projects and processes managed by other business units.
  • Performing tasks within the annual PDCA (Plan-Do-Check-Act) cycle as part of the ISO 27001 Information Security Management System.
  • Managing maturity analysis projects within the scope of other IT security quality regulations, standards, and frameworks (e.g., ISO 22301/2000/31000, SANS, NIST, Cobit, KVKK, GDPR, ITIL) and designing additional compliance controls as needed.
  • Preparing and delivering presentations for the Information Security Committee and management review meetings, as well as following up on decisions and actions.
  • Leading information security awareness efforts and designing and managing social engineering tests and campaigns.
  • Working closely with Internal Audit, Risk Management, and Compliance teams to coordinate internal and external audit activities within the organization and monitoring action plans and management reporting.
  • Fulfilling reporting and follow-up requirements within the scope of information security incident management and case analysis processes.
  • Conducting log monitoring and review activities related to information security breaches and data security.
  • Exploring improvement opportunities to address deficiencies in security strategies by reviewing information security best practices.
  • Managing IT governance, risk, and compliance processes and leading automation transformation efforts.
  • Establishing an IT internal control compliance program, monitoring it periodically, and delivering management reports.
  • Providing process support in IT quality and ITIL processes.


What We Look For?


  • Graduated from quantitative departments such as Computer Engineering, Software Engineering, Electrical-Electronics Engineering, Mathematics Engineering, etc.
  • Minimum of 5 years of experience in different areas and roles within IT security.
  • Proficient in written and spoken English.
  • Able to think analytically, enjoy research, demonstrate an agile approach, possess strong communication skills, and have a high level of representation capability.
  • Solution- and result-oriented, with a preference for working in a planned manner.
  • Adaptable to multitasking and skilled in prioritizing work.
  • Strong understanding of risk and control concepts.
  • Knowledgeable, and preferably experienced, in information security requirements, governance, and best practices.
  • Actively involved in transformation/implementation projects within frameworks and standards such as ISO 27001, ISO 27019, ISA-99/IEC 62443, COBIT, NIST SP 800-82, CIS, SANS, and other IT/OT security frameworks/standards/regulations.
  • Experienced in data classification, data security, threat and vulnerability management, cyber incident management, and cloud security standards.
  • Preferably holds internationally recognized certifications in various areas of information/cybersecurity (e.g., CISA, CISM, ISO 27001, ITIL-F, COBIT-F).
  • Adaptable to a fast-paced and agile work culture
  • Great problem-solving, communication, and interpersonal skills
  • Thriving by different perspectives and showing flexibility
  • Having an analytical, innovative mindset, and taking initiative
  • A great team player with a go-getter attitude


How will you be notified about the progress of the application process?


We will notify you by email at the end of each step. Therefore, we kindly ask you to actively check the mailbox (including junk/spam/junk folders) of the e-mail address you applied to.


*The only criterion evaluated in recruitment and employment is suitability for the job; equal opportunity is provided without any discrimination.

Key Skills

Ranked by relevance

itil nist cloud security cloud gdpr cisa cism cis
Login to Apply
Posted
Jan 15, 2025
Type
Full-time
Level
Associate
Location
Istanbul
Company
Tüpraş

Industries

Oil Gas

Categories

Consulting

Related Jobs

3 roles aligned with this opportunity

View all jobs
View Job Details
Deloitte
Related

Cyber Security Consultant / Senior Consultant

2026-06-18

Full-time
Associate
Luxembourg
Business Consulting
Analyst
View Job Details
BBA Consultants
Related

Intermediate Analyst, ICS Cybersecurity

2026-06-17

Full-time
Associate
Canada
Renewable Energy Semiconductor Manufacturing
Design
View Job Details
Deloitte
Related

Cyber Consultant / Senior Consultant

2026-06-19

Full-time
Associate
Turkey
Business Consulting
Consulting