Information Security Specialist

Toyota Turkey Marketing and Sales Inc. is an international distributor responsible for the marketing, sales, and after-sales services of Toyota and Lexus branded vehicles in the automotive sector.

Our employee value proposition is "We Respect We Kaizen!", which reflects our two most important values, "Respect for People" and "Kaizen".

The common characteristics of Toyota employees who say "We Respect We Kaizen!" are as follows:

• Love job and do it with passion!
• Work with a smile and have fun!
• Make an effort to create happy environment!
• Value everyone for being human!
• Work with team spirit for better results.

We are looking for Information Security Specialist to work with our teams.

Qualifications;

• Bachelor’s Degree from related fields,
• Minimum 2 years of experience in Information Security, Cybersecurity, and Data Security,
• Knowledge of System Security, Application Security, Firewall, IPS/IDS, EDR, SIEM, and Vulnerability Management,
• Familiar with ISO27001 and ISO22301 standards,
• Strong analytical thinking skills, disciplined, researcher, creative, solution-oriented and teamwork-oriented.

Main Responsibilities;

• Ensuring the analysis of network and cybersecurity systems, and plan necessary changes or improvements
• Performing information security management functions; collecting logs from systems and applications such as Firewall, IDS/IPS, EDR, reviewing existing rules and writing new rules,
• Conducting necessary researches based on regular vulnerability scan results or potential incidents, assessing risks and developing actionable solutions,
• Playing an active role in aligning Information Systems projects with security standards and operational objectives,
• Working on the preparation, design, and continuity of ISO27001 and ISO22301 systems; regularly monitoring supporting documents such as forms and schedules, organizing/coordinating necessary drills and reporting findings,
• Leading the team in information security breach incidents and coordinating with relevant units and authorities when necessary,
• Following the latest cybersecurity threats and security trends; performing regular monitoring, audits and reviews for risk management.