Cyber Security Specialist

The Cybersecurity Specialist is responsible for leading and coordinating Gülermak’s global IT security operations in close collaboration with cybersecurity vendors. This role ensures the development, implementation, and enforcement of corporate security policies and procedures across all environments.

The position includes continuous monitoring and response to security incidents, execution of internal audits and penetration tests, and maintaining compliance with international standards and regulatory frameworks. The specialist will also be accountable for designing and maintaining secure configurations across IT networks, infrastructure, applications, and devices.

In addition to technical responsibilities, the role involves driving company-wide security awareness initiatives and working cross-functionally with internal teams and external partners to strengthen Gülermak’s overall security posture.

• Coordinate with cybersecurity vendors to ensure continuous protection
• Develop, update, and enforce corporate cybersecurity policies and procedures
• Monitor, analyze, and report on security incidents to senior management
• Plan and execute penetration tests and internal security audits
• Proactively monitor cyber threats and implement preventive measures
• Lead incident response and forensic investigations in case of breaches
• Conduct risk assessments and vulnerability management
• Develop mitigation plans and track remediation efforts
• Ensure compliance with KVKK, GDPR, HIPAA, NIST, ISO 27001 and similar frameworks
• Manage and optimize security solutions including Azure Security, M365 Security, firewalls, and endpoint protection
• Experience in configuration of IT network, infrastructure, applications, and devices in secure environments
• Maintain documentation for disaster recovery and business continuity
• Organize -plan & execute- security awareness programs for employees and promote a culture of security across departments
• Stay up to date with emerging threats, vulnerabilities, and best practices

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field
• Minimum 4 years of experience in cybersecurity roles
• Strong knowledge of Microsoft, Linux, ERP systems, M365, Azure, and network security
• Hands-on experience with SIEM, IDS/IPS, firewall management, and endpoint protection
• Familiarity with regulatory frameworks (KVKK, GDPR, HIPAA, NIST, ISO 27001)
• Experience in threat detection, incident response, and vulnerability remediation
• Proficiency in Azure Security Center (Microsoft Defender for Cloud), Microsoft Defender, and related tools
• Preferred certifications: CIS, CISSP, CISM, CEH, CompTIA Security+, Microsoft Security certifications: SC900, SC-200
• Strong communication and coordination skills
• Ability to translate technical risks into business language for non-technical stakeholders
• Proactive, analytical, and detail-oriented mindset