Bu İşi Paylaş

Cyber Defence Expert - Vulnerability Management

Tarih: 15.Oca.2022

Konum: Istanbul, TR

Şirket: Vodafone

Description

Join our journey as we connect for a better future. Ready?

We are looking for a

Cyber Defence Expert - Vulnerability Management


#Vodafonespirit


Our purpose at Vodafone is to connect for a better future. As a Global Communications Technology company, we put the customer at the heart of everything we do. We are forever challenging, pushing boundaries and discovering innovative ways to connect our customers with their digital societies.

We connect people, businesses, and communities across the globe to create the future. We earn customer loyalty, experiment, learn fast and get it done, together. As you can imagine, this means that we have a vibrant and diverse mix of skills and people making Vodafone a great place to work.


ROLE PURPOSE

We are a team of security defenders. The purpose of this role is to drive the vulnerability management program for VF Turkey ecosystem to constantly keep adding up solutions and knowledge to reduce our risks within the challenging cyber landscape.

You will be the single point of contact for providing guidance on the remediation of security findings and work closely with solution, product, or infrastructure owners. 

Your place in the team

• Having a strong security analyst mindset and using best practice knowledge from an attackers point of view to detect, identify and respond to cyber events, known and unknown threats, security risks and vulnerabilities with effective management of response plans,  across the security platform lifecycle in line with cyber security policies and procedures,
• Driving vulnerability management program including planning, scheduling, scanning operations, reporting, remediation support, false positive check and maintenance of tools,
• Continuous security testing for internal and external web applications including planning, scheduling, scanning operations, reporting, remediation, false positive checks,
• Penetration testing activities for internal, external assets, one-off projects and web applications including planning, scheduling, reporting, remediation, false positive check and verification activities,
• Regular reconnaissance activities for populating and confirming asset inventory both for internal and external network,
• Creating procedures, flowcharts and playbooks relevant to tasks performed continuously,

Uzun Tanım

We are looking for you if you have

• BSc. in Computer / Electrical & Electronics / Industrial Engineering is desired,
• Master’s degree (preferably in Computer Science, Cyber Security) or equivalent information security experience is desired,
• At least 5 years of proven experience in performing vulnerability assessments, penetration testing, and/or adversary simulation exercises in complex operational ICT environments,
• OSCP, OSCE, GXPN, GPEN, GWAPT, CySA+ ,CISSP or equivalent would be a plus,
• Familiarity with industry standards like OWASP TOP10, OWASP ASVS, OWASP MSTG, OSSTMM, CVSS, STRIDE etc.
• Ability to translate highly technical findings and recommendations into visual format for different technical and non-technical stakeholders,
• Excellent understanding of attacker tools, tactics and techniques and referencing on MITRE ATT&CK, strong knowledge of MITRE Shield.
• Solid knowledge of security principles and practices,
• Proven experience in one or more of the following topics are also desired:
    o Threat modeling, risk management,
    o TCP/IP, computer networking, routing and switching,
    o Network protocols and packet analysis tools,
    o Windows, UNIX and Linux operating systems,
    o Firewall, WAF and intrusion detection/prevention protocols,
    o DLP, anti-virus and anti-malware,
    o Python, Go, Bash or any other programming/scripting language,
    o Cloud computing,
    o SaaS, PaaS models,
    o Security Information and Event Management (SIEM),
    o Incident Management/Response
• Excellent problem-solving and analytical skills,
• Critical thinking with strong attention to details and follow up,
• Technically competent to contribute towards the preparation and implementation of control processes, procedures and guidelines,
• Fluent in English (both verbal and written),


Get to know us

If you want to know more about us and what we do, then visit our website: www.vodafone.com.tr
Instagram: https://www.instagram.com/vodafonekariyer/
Youtube: https://www.youtube.com/user/VFTurkiye


Diversity and Inclusion

At Vodafone, we embrace and welcome everyone. We believe that we can operate more successfully and effectively with diverse teams. And we can only leverage this diversity by building an inclusive culture where everyone is respected, can be themselves and strive to be their best. That way we can create a better future for our employees, our partners, the communities we work in and our customers.