Cyber Defence Senior Expert

What you’ll do

The purpose of this role is to drive the offensive security program for VF Turkey ecosystem to constantly keep adding up solutions and knowledge to reduce our risks within the challenging cyber landscape.

You will be the single point of contact for providing guidance on all offensive security activities like penetration testing, red teaming, exploit development, purple team activities etc. and work closely with solution, product, or infrastructure owners.

• Having a strong security architect mindset and using best practice knowledge from an attackers point of view to proactively detect, identify and respond to cyber events, known and unknown threats, security risks and vulnerabilities with effective management of response plans, across the security platform lifecycle in line with cyber security policies and procedures,
• Driving offensive security program including attack vector simulation, planning & scheduling of all security testing activities, reporting, remediation support, false positive check and maintenance of tools,
• Regular reconnaissance & red teaming activities for populating and confirming asset inventory both for internal and external network,
• Creating procedures, flowcharts and playbooks relevant to tasks performed continuously,

Who you are

• BSc. in Computer / Electrical & Electronics / Industrial Engineering is desired,
• Master’s degree (preferably in Computer Science, Cyber Security) or equivalent information security experience is desired,
• At least 6 years of proven experience in performing hands-on penetration testing, and/or adversary simulation, red teaming exercises, vulnerability assessments in complex operational ICT environments,
• CISSP, OSCP, OSCE, GXPN, GPEN, GWAPT, CySA+, CEH or equivalent would be a plus,
• Familiarity with industry standards like OWASP TOP10, OWASP ASVS, OWASP MSTG, OSSTMM, CVSS, STRIDE, CIS, NIST etc.
• Ability to translate highly technical findings and recommendations into visual format for different technical and non-technical stakeholders,
• Excellent understanding of attacker tools, tactics and techniques and referencing on MITRE ATT&CK, strong knowledge of MITRE Shield.
• Solid knowledge of security principles and practices,
• Proven experience in one or more of the following topics are also desired:

o Threat modeling, risk management,

o TCP/IP, computer networking, routing and switching,

o Network protocols and packet analysis tools,

o Windows, UNIX and Linux operating systems,

o Firewall, WAF and intrusion detection/prevention protocols,

o DLP, anti-virus and anti-malware,

o Python, Go, Bash or any other programming/scripting language,

o Cloud computing,

o SaaS, PaaS models,

o Security Information and Event Management (SIEM),

o Incident Management/Response

• Excellent problem-solving, analytic and documentation skills,
• Critical thinking with strong attention to details and follow up,
• Technically competent to contribute towards the preparation and implementation of control processes, procedures and guidelines,
• Fluent in English (both verbal and written).

Not a perfect fit?

Worried that you don’t meet all the desired criteria exactly? At Vodafone we are passionate about Inclusion for All and creating a workplace where everyone can thrive, whatever their personal or professional background. If you’re excited about this role but your experience doesn’t align exactly with every part of the job description, we encourage you to apply as you may be the right candidate for this role or another role, and our recruitment team can help you see how your skills fit in.

What’s in it for you

• Vflexy: Flexible Benefits Program
• Hybrid working kit
• Ergonomic kit allowance
• Digital meal voucher
• Flexible transportation allowance.
• Employee assistance hotline & counselling
• Comprehensive and flexible private health insurance
• Discounted price deals for wide range of products & services

Plus, plenty more to enjoy!

#LI-Hybrid 

Data Privacy

By applying for this job, you accept the Vodafone Privacy Policy. Please visit Privacy Policy web page at https://careers.vodafone.com/privacy-policy/turkey/ for further details.

Who we are

You may have already heard of Vodafone – We’re a leading Telecommunications company in Europe and Africa. But what you might not know is that we are continuously investing in new technologies to improve the lives of millions of customers, businesses and people around the world, creating a better future for everyone.

As part of our global family, whether that’s Vodafone, Vodacom or _VOIS, you’ll feel a sense of pride and purpose as you contribute to our culture of innovation. We pursue equality of opportunity and inclusion for all candidates through our employment policies and practices. 

Together we can.

Read Full Description