Information Security Engineer - Governance

Trendyol · Istanbul / Maslak

Company

Trendyol

Location

Istanbul / Maslak

Type

Full Time

Job Description

Team: Tech Security

About the Team
At Trendyol Tech, our mission is to create a positive impact in our ecosystem by enabling commerce through technology.
We solve complex problems with data, creativity, and agility — always driven by real outcomes. With a culture built on learning, collaboration, and ownership, we grow together while building what’s next.

About the Role
As an Information Security Specialist, you'll be a key part of our team, responsible for developing and implementing security policies and procedures. This role involves more than just risk management; you'll also ensure our systems and products meet critical compliance standards like KVKK, GDPR, and PCI-DSS. You'll use your expertise to conduct technical reviews, manage security incidents, and collaborate with engineering, product, and legal teams to mitigate risks and maintain a robust security posture.

Responsibilities

  • Development and implementation of security policy, standards, guidelines and procedures to ensure ongoing maintenance of security, risk, and compliance.
  • Good knowledge of operating systems, network infrastructure, firewalls, and database security,
  • Identifying security risks, creating and monitoring an action plan to eliminate risks
  • Maintaining KVKK, GDPR, PCI-DSS, ISO 27001, BDDK, TCMB and ETK compliance and periodic audits and controls within this scope. Also, help the Technology team in the phase of implementation of these regulations.
  • Taking part in periodic and effective user awareness programs
  • Helping to reduce information security risks generated inside Trendyol 
  • Monitor and manage the security risks coming from third parties
  • Conduct technical reviews for new features and identify security, privacy, and compliance risks. Work closely with technical and non-technical teams, including Engineering, Product and Legal in order to mitigate security, privacy and compliance risks.
  • Fluency in English
  • Expected Qualifications

  • 5+ years of experience in security
  • Proficiency in developing information security policies and procedures
  • Proven records of executing programs that meet the objectives of excellence in a dynamic environment
  • Play a key role in driving large cross-company security, privacy, and compliance reviews of products and features.
  • Being a critical thinker, with strong problem-solving skills and also having project management skills
  • Manage information security related incidents,
  • Knowledge and understanding of relevant legal and regulatory requirements, such as PCI-DSS, KVKK, GDPR, TCMB, and BDDK regulations
  • Having CISSP certification
  • 2+ years of experience with Security Risk Management and Banking regulations
  • Having experience with coding and system design review
  • Apply Now

    Date Posted

    11/24/2021

    Views

    0

    Back to Job Listings Add To Job List Company Profile View Company Reviews
    Neutral
    Subjectivity Score: 0
    142,000+ Jobs Tracked
    12,400+ Companies
    1,930 Categories