As an Information Security Specialist, you'll be a key part of our team, responsible for developing and implementing security policies and procedures. This role involves more than just risk management; you'll also ensure our systems and products meet critical compliance standards like KVKK, GDPR, and PCI-DSS. You'll use your expertise to conduct technical reviews, manage security incidents, and collaborate with engineering, product, and legal teams to mitigate risks and maintain a robust security posture.
Requirements
Responsibilities
- Development and implementation of security policy, standards, guidelines and procedures to ensure ongoing maintenance of security, risk, and compliance.
- Good knowledge of operating systems, network infrastructure, firewalls, and database security
- Identifying security risks, creating and monitoring an action plan to eliminate risks
- Maintaining KVKK, GDPR, PCI-DSS, ISO 27001, BDDK, TCMB and ETK compliance, along with the periodic audits and controls within this scope, and helping the Technology team implement these regulations.
- Taking part in periodic and effective user awareness programs
- Helping to reduce information security risks generated inside Trendyol
- Monitor and manage the security risks coming from third parties
- Conduct technical reviews for new features and identify security, privacy, and compliance risks. Work closely with technical and non-technical teams, including Engineering, Product and Legal in order to mitigate security, privacy and compliance risks.
- Fluency in English
Expected Qualifications
- 5+ years of experience in security
- Proficiency in developing information security policies and procedures
- Proven track record of executing programs that meet the objectives of excellence in a dynamic environment
- Play a key role in driving large cross-company security, privacy, and compliance reviews of products and features.
- Being a critical thinker with strong problem-solving and project management skills
- Manage information security-related incidents
- Knowledge and understanding of relevant legal and regulatory requirements, such as PCI-DSS, KVKK, GDPR, TCMB, and BDDK regulations
- Having CISSP certification
- 2+ years of experience with Security Risk Management and Banking regulations
- Having experience with coding and system design review