Istanbul, Istanbul, Türkiye
•Managed SIEM processes and monitored security incidents •Managed the transition from legacy PAM to a new PAM solution, ensuring process improvements •Managed vulnerability management with Tenable, Trend Micro, and other tools, including scoring, remediation, and coordination with technical teams •Managed Trend Micro deployment, optimized security policies, and minimized risk scores •Managed penetration testing activities, tracked results, and ensured timely remediation with responsible teams •Managed security hardening initiatives and developed awareness programs for IT teams and end users •Managed Intune MDM (Mobile Device Management) policies, configurations, and device security compliance •Managed and enhanced security products, including FileOrbis, Thales, Picus, DLP, and threat intelligence solutions •Managed SSL certificate lifecycle (issuance, renewal, monitoring, and compliance) •Managed ISO/IEC 27001 recertification project •Planned and managed ISMS (Information Security Management System) processes •Acted as Security Architect in various projects, providing security design and guidance •Managed SOC operations and consultant activities •Managed mail gateway operations •Managed external security consultancy services •Managed PoC and procurement processes for security solution
•Manages global IT security projects, including project initiation, management, and implementation. •Manages Data Loss Prevention (DLP) solutions, specifically Forcepoint DLP . •Manages and enhances Privileged Access Management (PAM) solutions, including CyberArk. •Manages and conducts audits. •Demonstrated strong knowledge of PCI-DSS, KVKK, and IT Risk Management.
•Managed global IT Security projects, including project initiation, management, and implementation. •Oversaw SIEM and Log Management solutions to enhance security measures. •Successfully handled Privileged Access Management (PAM) solutions. •Efficiently managed Data Loss Prevention (DLP) solutions. •Skillfully oversaw Endpoint Security solutions. •Managed and improved Network Detection and Response (NDR) security solutions. •Provided support for Level-1 security-related tickets to ensure swift issue resolution. •Executed vulnerability scans and generated comprehensive reports. •Demonstrated strong knowledge of PCI-DSS, KVKK, and IT Risk Management. •Proficiently worked with SDLC (Software Development Life Cycle) and related tools. •Prepared technical documents and specifications to facilitate project communication.
• Managed the process of using CyberArk for all users by successfully migrating from the old PAM product to the new PAM product. • Organized various phishing campaigns and training to improve the awareness of employees of the institution. • Developed new rules by managing the Data Loss Prevention solution to detect potential exfiltration. Identified the potential issue by checking security solutions' stability and efficiency regularly. • Performed security tests to find vulnerabilities on the projects in the institution. • Prepared access management procedure by applying compliance checks to meet BNP Group and local standards. • SIEM solution management by editing old rules, developing new rules and preparing reports. • Developed the incident response playbooks to cover potential incidents. • Prepared and submitted the compliance reports within the scope of audits. • Reviewed the Firewall rules to find unexpected issues. • Investigated and analyzed the incidents triggered by local solutions or came from BNP Group.
• Analyzing potential threats by defining rules on the SIEM • Performing security monitoring using SIEM and other relevant tools • Using Threat Intelligence to identify malicious activity • Working closely with IR team to improve analysis and hunting skills • Provide analysis and trending of security log data from a large number of mixed security devices. • Provide Incident Response (IR) support when analysis confirms actionable incident. • Investigate, document, and report on information security issues and emerging trends.