Senior Security Engineer 'Vulnerability Management'

Yapı Kredi Technology is a technology company that produces innovative, high quality, and high value-added products and solutions in the finance sector. With more than 2,000 employees, it aims to create products that will shape the sector for Yapı Kredi Bank and to be the undisputed leader in the field of technology by using modern architectural systems and cloud technologies. It also contributes to the development of new and exemplary products for the sector by using natural language processing, machine learning, artificial intelligence, and data mining technologies with its R&D team.

At Yapı Kredi Technology, we research with passion, wonder as we learn, and implement innovations that shape the future together. We take responsibility from the first day with our expert colleagues and work with all our strength for pioneering applications. We make quick decisions and take action. We quickly adapt to innovations and changes.

Opportunity to work in hybrid model

Opportunity to work in Koç Group Community Companies\' offices

Chance to discover the natural wonders and amenities offered at Koç Toplululuğu Spor Kulübü (KTSK)

Career development opportunities in a structured technology career path

Opportunity to benefit from BizClub and KoçAilem privileges exclusive to Yapı Kredi Technology employees

Company-contributed individual retirement insurance

Birthday off day.

• Conduct regular vulnerability assessments and scans using various tools to identify potential security weaknesses
• Analyze scan results to identify vulnerabilities and prioritize them based on severity and potential impact
• Collaborate with other teams to assess the risk associated with vulnerabilities and develop remediation plans
• Conduct network penetration tests and simulate real-world attack techniques while maintaining system safety and availability
• Generate detailed reports on the status of vulnerabilities, including findings, remediation efforts, and compliance status
• Develop and enforce security policies and procedures related to vulnerability management
• Stay updated with the latest security trends, vulnerabilities, and attack vectors to continuously improve the organization’s security posture
• Manage vulnerability management solutions, ensuring they are effectively integrated into the overall cyber security ecosystem

• Bachelor’s degree in Computer Engineering, Electronics Engineering, Communication Engineering, Mathematics or relevant fields is a must
• Proficiency with vulnerability scanning tools (Nessus, Tenable, Qualys, Rapid7 etc.) and working knowledge of operating systems, network protocols, and security architectures are required
• 4+ years of related cyber security, offensive security and/or vulnerability management experience
• Working knowledge with one or more scripting languages (Pyhton, Powershell etc.) and experience with writing scripts for automation, penetration testing and integration is highly preferable
• Experience with vulnerability management of cloud and container environments is strongly preferred
• Experience with one or more of Tanzu, Azure, Openshift, Kubernetes environments and/or working knowledge of container architectures are a plus
• Having one or more of following the certificates is a plus: OSCP, GPEN, CISSP, Security+, CySA+ etc.
• Master’s degree in cyber security or in a relevant field is a plus
• Strong analytical and problem-solving skills and field knowledge to assess and mitigate vulnerabilities effectively
• Excellent written and verbal communication skills for reporting findings and collaborating with various teams
• Openness to the continuous acquisition of new skills and competencies
• Excellent time management and organizational skills
• Good command of written and spoken English

Our recruitment process for all positions typically encompasses technical interviews, director assessments, competency evaluations, and personality tests. We will extend our offer to candidates who have successfully completed a positive evaluation process.

If you would like to get to know more about Yapı Kredi Technology, you can follow us!

https://www.ykteknoloji.com.tr

https://medium.com/yapi-kredi-teknoloji

Kişisel verilerin korunmasıyla ilgili aydınlatma metni: https://kariyerim.yapikredi.com.tr/Account/StaticKvkk