Senior Cyber Security Specialist

Eminevim

Istanbul

Description

About US Our company Eminevim, the leader of the savings finance sector, continues its activities as a leading brand with 164 branches across the country, nearly 3000 employees and a market share of more than 50%.

Eminevim, which has touched millions of people and enabled more than 300 thousand families to achieve their goals, has been awarded Diamond awards in the housing and automobile categories at the A.C.E. Awards Excellent Customer Satisfaction Achievement Awards in 2021 and 2022 with this approach while moving forward with the understanding of providing the best experience by meeting the expectations and needs of its customers at the highest level.

If you would like to be a part of our team that adopts the understanding of "excellence" in corporate development processes, #We Are Here For You! #Eminevim

About the Job

We are seeking an experienced Senior Cyber Security Specialist to join our Information Security team. In this role, you will be responsible for managing enterprise security technologies, improving security configurations, leading vulnerability management processes, and continuously enhancing security controls designed to protect the organization’s critical information assets.

You will work across multiple security domains including data security, web application security, endpoint security, database security, identity security, and security operations. The position also plays an important role in supporting compliance requirements and strengthening the organization’s cyber resilience.

Job Description

  • Manage and maintain Data Loss Prevention (DLP) solutions, data classification, and data protection initiatives.
  • Develop, optimize, and monitor DLP policies and investigate data leakage incidents.
  • Manage Web Application Firewall (WAF) solutions and improve protection against OWASP Top 10 threats.
  • Perform WAF rule tuning, false positive/negative analysis, and support web application security assessments.
  • Administer and maintain Endpoint Detection and Response (EDR/XDR) platforms.
  • Investigate security incidents, develop detection use cases, and contribute to threat hunting activities.
  • Manage Database Activity Monitoring (DAM) solutions and monitor critical database activities.
  • Develop controls to detect unauthorized access and protect sensitive data assets.
  • Assess and improve Active Directory security configurations and Group Policy security standards.
  • Support Identity and Access Management (IAM) processes and privileged account security controls.
  • Lead vulnerability management processes, including risk assessment, prioritization, tracking, and remediation coordination.
  • Perform security assessments and report remediation progress to stakeholders.
  • Develop and maintain secure configurations for servers, endpoints, and infrastructure systems.
  • Implement and monitor Microsoft Security Baselines and CIS Benchmark compliance.
  • Execute system hardening activities and continuously improve security configuration management processes.
  • Analyze critical security events and support incident response activities.
  • Conduct root cause analysis and coordinate corrective actions with relevant teams.
  • Evaluate and improve email security controls, including SPF, DKIM, and DMARC technologies.
  • Support anti-phishing and data leakage prevention initiatives.
  • Provide technical support during internal and external audits.
  • Contribute to compliance initiatives related to information security, personal data protection, and financial sector requirements.
  • Prepare technical reports, risk assessments, and executive-level summaries.
  • Research emerging cybersecurity technologies, threat trends, and industry best practices.
  • Recommend and implement improvements to the organization’s security architecture, processes, and controls.

Qualifications

  • Bachelor's degree in Computer Science, Computer Engineering, Cyber Security, Information Systems, or a related field.
  • Minimum 5 years of experience in Information Security or Cyber Security roles.
  • Hands-on experience managing enterprise security technologies.
  • Experience with DLP, WAF, EDR/XDR, DAM, SIEM, Vulnerability Management, and Security Hardening solutions.
  • Strong knowledge of Windows Server environments, Active Directory, and Group Policy administration.
  • Knowledge of Linux systems, network technologies, and security architectures.
  • Understanding of DNS, DHCP, PKI, and certificate management.
  • Experience with CIS Benchmarks, Microsoft Security Baselines, and OWASP Top 10.
  • Familiarity with NIST Cybersecurity Framework and ISO/IEC 27001 standards.
  • Knowledge of personal data protection requirements and cybersecurity regulations.
  • Strong analytical thinking, problem-solving, and incident analysis capabilities.
  • Experience preparing technical documentation, reports, and executive summaries.
  • Knowledge of Python, PowerShell, or Go is considered an advantage.
  • Experience with security automation, SOAR platforms, and API integrations is a plus.
  • Experience with cloud security technologies (Azure, AWS, or GCP) is preferred.
  • Experience in banking, financial services, fintech, or other regulated industries is considered an advantage.
  • Relevant certifications such as CISSP, CISM, CompTIA Security+, Microsoft Security Certifications, or GIAC Certifications are preferred.
  • Strong communication, stakeholder management, and teamwork skills.
  • Passion for continuous learning and improving the organization’s security posture.

What We Offer

  • Technical and leadership training through Emin Academy, designed to support your career development
  • Supplementary health insurance provided for all employees
  • Social support in cases such as marriage, childbirth, and bereavement
  • Special leave days for occasions such as birthdays, children’s first day of school or report card day, and wedding anniversaries
  • Cultural and social programs for employees, nutrition consultancy, and Idea Cube (Fikir Küpü) awards
  • Competitive compensation, bonus, and reward system that recognizes and rewards success
  • “My Emin Buddy” mentoring program, ensuring fast adaptation and continuous support
  • Equal opportunities for all employees and an inclusive working environment