Company Description

Since 1998, Lostar is the leading Information Security firm, with more than 1000 projects.

Its main services are; Information Security Checkups such as Internet-Intranet Penetration Tests, Gap Analysis of world wide best practices like COBIT, ISO 27001, ISO 22301 and ISO 20000, related consultancy and data protection projects and also Employee Security Awareness Methodology trainings. 

Lostar consultants, who are well trained and experienced, create the optimal-cost solutions for their customers with paying attention to technical and commercial needs.

Roots in Turkey, Lostar has 3 offices in 3 different cities such as Istanbul, London and Sakarya.

We work with the best to create the best service and value for our clients.

Job Description

In this multifaceted role, you will be instrumental in evaluating and enhancing the cyber security stance of our diverse client base. Your expertise will not only steer our clients towards robust cyber security practices across essential domains but also provide invaluable guidance to our Pentest and Red Teams during their challenging engagements.

Qualifications

Key Responsibilities: 

• Cyber Security Assessment: Lead comprehensive evaluations of client cyber security postures, pinpointing vulnerabilities across their digital infrastructure, including firewall audits, cloud audits, and Active Directory (AD) audits etc. Devise and recommend holistic improvement strategies tailored to each client's unique environment and needs.
• Expert Consultation: Provide authoritative consultation on critical cyber security domains, including risk management, asset security, security architecture, network security, identity and access management, cyber security operations, and the principles of secure software development.
• Guidance to Pentest and Red Teams: Act as a mentor and strategic advisor to our Pentest and Red Teams, sharing your deep knowledge and insights to bolster their effectiveness in conducting cyber attack simulations and vulnerability discovery.
• Development of Security Strategies: Work in close partnership with clients to craft and roll out innovative cyber security strategies, addressing their specific risks to fortify their defenses against current and emerging threats.
• Client Relationship Management: Forge and nurture robust relationships with clients, ensuring clear, ongoing communication and a thorough understanding of their cyber security landscapes and requirements.
• Continuous Learning and Improvement: Commit to ongoing professional development, staying ahead of the curve on the latest cyber security trends, tools, and best practices. Leverage this knowledge to continuously enhance the quality and impact of the services we deliver to clients.

Required Qualifications:

• A bachelor's degree from relevant university departments is required. A master's degree in a related field is highly preferred, reflecting a strong theoretical foundation and an advanced understanding of cyber security principles.
• At least 5 years’ experience in the related roles and jobs.
• Penetration Testing Expertise: Demonstrable expert knowledge in penetration testing, with a history of identifying, exploiting, and mitigating vulnerabilities within complex digital environments.
• Analytical and Problem-Solving Skills: Exceptional ability to analyze security systems, pinpoint vulnerabilities, and devise effective solutions with a strategic approach to problem-solving.
• Strong consulting skills, capable of offering actionable insights, guiding security strategies, and fostering robust client relationships through outstanding communication abilities.
• Deep knowledge in at least 4 of the following cyber security domains:
• Security and Risk Management
• Asset Security
• Security Architecture and Engineering
• Communication and Network Security
• Identity and Access Management
• Security Assessment and Testing
• Security Operations
• Software Development Security
• Certifications: Holders of prestigious certifications such as CISSP, CCSP, OSCP, or equivalent will be given preference, showcasing a commitment to professional development and expertise in cyber security.

Additional Information

Location: Preferably based in Istanbul.

Flexibility: Primarily remote work (%90+), with the requirement to attend on-site as needed.