If you want to be a part of the Tüpraş family, let's get to know each other better.
At Tüpraş, we work passionately as a pioneering company that respects the environment and life values to create a better future with our R&D and advanced technology competencies.
The trust, respect and mutual understanding we have for each other unite us around our common goals to achieve better with a safe and agile mind, and we produce holistic solutions with the responsibilities and initiatives we take.
We are prone to teamwork, adopt an agile work culture, work innovation and future-oriented, and carry each other and our business forward through cooperative dialogues.
What You’ll Do?
Our expectations from an Information Security Consultant within Tüpraş's work culture are as follows:
- Leading information security projects under their responsibility.
- Coordinating the organization's information security strategy initiatives.
- Providing information security consultancy and monitoring in projects and processes managed by other business units.
- Performing tasks within the annual PDCA (Plan-Do-Check-Act) cycle as part of the ISO 27001 Information Security Management System.
- Managing maturity analysis projects within the scope of other IT security quality regulations, standards, and frameworks (e.g., ISO 22301/2000/31000, SANS, NIST, Cobit, KVKK, GDPR, ITIL) and designing additional compliance controls as needed.
- Preparing and delivering presentations for the Information Security Committee and management review meetings, as well as following up on decisions and actions.
- Leading information security awareness efforts and designing and managing social engineering tests and campaigns.
- Working closely with Internal Audit, Risk Management, and Compliance teams to coordinate internal and external audit activities within the organization and monitoring action plans and management reporting.
- Fulfilling reporting and follow-up requirements within the scope of information security incident management and case analysis processes.
- Conducting log monitoring and review activities related to information security breaches and data security.
- Exploring improvement opportunities to address deficiencies in security strategies by reviewing information security best practices.
- Managing IT governance, risk, and compliance processes and leading automation transformation efforts.
- Establishing an IT internal control compliance program, monitoring it periodically, and delivering management reports.
- Providing process support in IT quality and ITIL processes.
What We Look For?
- Graduated from quantitative departments such as Computer Engineering, Software Engineering, Electrical-Electronics Engineering, Mathematics Engineering, etc.
- Minimum of 5 years of experience in different areas and roles within IT security.
- Proficient in written and spoken English.
- Able to think analytically, enjoy research, demonstrate an agile approach, possess strong communication skills, and have a high level of representation capability.
- Solution- and result-oriented, with a preference for working in a planned manner.
- Adaptable to multitasking and skilled in prioritizing work.
- Strong understanding of risk and control concepts.
- Knowledgeable, and preferably experienced, in information security requirements, governance, and best practices.
- Actively involved in transformation/implementation projects within frameworks and standards such as ISO 27001, ISO 27019, ISA-99/IEC 62443, COBIT, NIST SP 800-82, CIS, SANS, and other IT/OT security frameworks/standards/regulations.
- Experienced in data classification, data security, threat and vulnerability management, cyber incident management, and cloud security standards.
- Preferably holds internationally recognized certifications in various areas of information/cybersecurity (e.g., CISA, CISM, ISO 27001, ITIL-F, COBIT-F).
- Adaptable to a fast-paced and agile work culture
- Great problem-solving, communication, and interpersonal skills
- Thriving by different perspectives and showing flexibility
- Having an analytical, innovative mindset, and taking initiative
- A great team player with a go-getter attitude
How will you be notified about the progress of the application process?
We will notify you by email at the end of each step. Therefore, we kindly ask you to actively check the mailbox (including junk/spam/junk folders) of the e-mail address you applied to.
*The only criterion evaluated in recruitment and employment is suitability for the job; equal opportunity is provided without any discrimination.
Key Skills
Ranked by relevance
Related Jobs
3 roles aligned with this opportunity
Cyber Security Consultant / Senior Consultant
2026-06-18
Intermediate Analyst, ICS Cybersecurity
2026-06-17
Cyber Consultant / Senior Consultant
2026-06-19
- Posted
- Jan 15, 2025
- Type
- Full-time
- Level
- Associate
- Location
- Istanbul
- Company
- Tüpraş
Industries
Categories
Related Jobs
3 roles aligned with this opportunity
Cyber Security Consultant / Senior Consultant
2026-06-18
Intermediate Analyst, ICS Cybersecurity
2026-06-17
Cyber Consultant / Senior Consultant
2026-06-19