Kolay Gelsin stands out in the cargo sector with its innovative business model and solutions. We evolve every day and move forward with excitement, curiosity and a smile.

We prioritise the happiness of our colleagues and the satisfaction of our customers. Our technology-focused steps and innovative structure add value to the transport sector.

If you want to be part of this dynamic team, we are waiting for your application!

Qualifications:

• Bachelor’s degree (Computer Engineering, Information Systems, or related fields preferred),
• Minimum 5+ years of hands-on experience in enterprise cyber security roles,
• Advanced English (technical documentation and communication),
• Proven experience designing and operating enterprise-scale security architectures,
• Advanced expertise in Firewall, IPS/IDS, WAF, DDoS, EDR/XDR, SIEM, DLP technologies,
• Strong background in log management, correlation, and incident analysis,
• Hands-on experience with vulnerability management, attack surface analysis, and risk-based remediation,
• Solid knowledge of Threat Intelligence and proactive security controls,
• Practical experience with Windows, Linux, Network, and Application hardening,
• Strong understanding of Incident Response and Digital Forensics processes,
• Working knowledge of Cloud Security (Azure / AWS / Microsoft 365),
• Strong network and system fundamentals (TCP/IP, DNS, Active Directory, VPN, Proxy, Load Balancers),
• Hands-on experience with ISO 27001 ISMS processes and security governance,
• Awareness of KVKK / GDPR and regulatory compliance requirements,
• Ability to make fast, informed decisions during security incidents and crises,
• Strong documentation, communication, and stakeholder management skills.

Responsibilities:

• Define and own the organization’s cyber security strategy, architecture, and security roadmap,
• Act as the technical decision maker for enterprise cyber security technologies and platforms,
• Lead the end-to-end management of security solutions including Firewall, IPS/IDS, WAF, DDoS, EDR/XDR, SIEM, Web & Mail Security, DLP, Attack Surface Management and Vulnerability Management,
• Own the SIEM platform, including use-case design, correlation rules, alert tuning, incident handling, reporting, and continuous improvement,
• Lead incident response, crisis management, root cause analysis, post-incident reviews, and lessons learned processes,
• Analyze threat intelligence feeds and proactively implement preventive and corrective security controls,
• Define and enforce hardening standards across servers, networks, endpoints, and applications
• Review vulnerability assessments, penetration tests, and attack surface analysis results; make risk-based security decisions and track remediation,
• Evaluate new security technologies and lead POC (Proof of Concept) activities and vendor assessments,
• Collaborate with infrastructure, system, and application teams to ensure secure-by-design architecture and change management,
• Establish and maintain security policies, procedures, and technical documentation,
• Act as the security lead in ISO 27001, KVKK/GDPR, internal and external audit processes.