Information Security Specialist

This is a fully remote position, open to applicants in Turkey.

📋 Description

• We are seeking a driven and detail-oriented Information Security Specialist to join our expanding security team. The ideal applicant will be tasked with ensuring the organization's adherence to security standards such as ISO 27001 and SOC 2 Type 2, managing business continuity procedures, and supporting security governance within AWS environments. This position demands a proactive attitude, extensive technical expertise, and a solid understanding of both internal IT systems and regulatory frameworks like KVKK and GDPR.

• Lead the implementation and ongoing enhancement of the ISO 27001 Information Security Management System (ISMS).

• Conduct and document internal audits and follow up with actionable plans.

• Coordinate and improve business continuity and disaster recovery processes.

• Aid in SOC 2 Type 2 compliance initiatives and evidence gathering.

• Provide governance support for AWS infrastructure and cloud security configurations.

• Collaborate with internal Red Team and Blue Team to address technical findings.

• Maintain, revise, and enforce security policies, standards, and procedures.

• Organize and implement security awareness initiatives (training, campaigns, gamification, etc.).

• Evaluate third-party security through security assurance assessments.

• Assist in managing security incidents and reporting processes.

• Offer insights on privacy regulations (KVKK, GDPR) and ensure compliance with global policies.

• Serve as a security consultant to business units and IT teams.

⛳️ Requirements

• Profound knowledge of ISO 27001, internal audits, and risk management practices.

• Experience in Business Continuity Management (BCM) processes.

• Practical knowledge of AWS services and best practices in cloud governance.

• Familiarity with the SOC 2 Type 2 framework and associated security control families.

• Strong understanding of databases, data classification, and data protection methodologies.

• Excellent documentation and reporting skills, particularly for audit and compliance outputs.

• Experience in preparing and completing customer security requirements.

• Understanding of KVKK, GDPR, and relevant data privacy regulations.

• Strong analytical skills with the ability to ask pertinent questions.

• Capability to follow through on intricate tasks with minimal supervision.

• Outstanding written and verbal communication skills.

• Strong interpersonal abilities; adept at collaborating with both technical and non-technical teams.

• Ability to appreciate the business value of security within the product and technology landscape.

• Proficient in organizing and assessing the security posture of network, application, and endpoint layers.

• Comfortable providing consultancy and training to internal stakeholders.

• Willingness to provide on-call support when necessary.

• Takes ownership of complex security projects and ensures delivery from start to finish.

• Works cross-functionally to retest, validate, and resolve security findings.

• Able to raise internal tickets and drive the resolution of issues identified during audits or reviews.

• Actively participates in team collaboration and offers constructive feedback.

• Maintains a positive attitude and communicates clearly with both internal and external partners.

• Proficient in English (both written and spoken).

🏝️ Benefits

• Enjoy a monthly meal allowance designed to enhance your daily routine.

• Access comprehensive private health insurance.

• Feed your curiosity with access to Spotify, LinkedIn Learning, Blinkist, MasterClass, Neoskola, and CloudGuru.

• Level up with internal trainings covering AI fundamentals, coding, foreign languages, and a wide range of personal development skills.

• Be part of a diverse team that’s as global as it gets, where every voice is heard and 50+ nationalities build together.

• Become a Shareowner through our eligibility-based “ESOP” and own a piece of what you build.

• Help build the team you want to work with and enjoy rewarding referral bonuses.

• Opportunities to give back to your community through volunteering and purpose-driven social impact projects.

• From global retreats to team-building activities, expect year-round events that turn into lifelong memories.

• Get inspired by the greatest minds in the tech industry through events like our Tech & Dev Talks.

• Work from anywhere in Turkey through our fully remote setup.