Trendyol53mo ago

Information Security Engineer - Governance

Istanbul / MaslakFull-timemid

SecurityOtherInformation Security Engineer

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

About the Team At Trendyol Tech, our mission is to create a positive impact in our ecosystem by enabling commerce through technology. We solve complex problems with data, creativity,

Technical Tools

SecurityOtherInformation Security Engineer

About the Team

At Trendyol Tech, our mission is to create a positive impact in our ecosystem by enabling commerce through technology.

We solve complex problems with data, creativity, and agility — always driven by real outcomes. With a culture built on learning, collaboration, and ownership, we grow together while building what’s next.

About the Role

As an Information Security Specialist, you'll be a key part of our team, responsible for developing and implementing security policies and procedures. This role involves more than just risk management; you'll also ensure our systems and products meet critical compliance standards like KVKK, GDPR, and PCI-DSS. You'll use your expertise to conduct technical reviews, manage security incidents, and collaborate with engineering, product, and legal teams to mitigate risks and maintain a robust security posture.

Development and implementation of security policy, standards, guidelines and procedures to ensure ongoing maintenance of security, risk, and compliance.

Good knowledge of operating systems, network infrastructure, firewalls, and database security,

Identifying security risks, creating and monitoring an action plan to eliminate risks

Maintaining KVKK, GDPR, PCI-DSS, ISO 27001, BDDK, TCMB and ETK compliance and periodic audits and controls within this scope. Also, help the Technology team in the phase of implementation of these regulations.

Taking part in periodic and effective user awareness programs

Helping to reduce information security risks generated inside Trendyol

Monitor and manage the security risks coming from third parties

Conduct technical reviews for new features and identify security, privacy, and compliance risks. Work closely with technical and non-technical teams, including Engineering, Product and Legal in order to mitigate security, privacy and compliance risks.

Fluency in English

5+ years of experience in security

Proficiency in developing information security policies and procedures

Proven records of executing programs that meet the objectives of excellence in a dynamic environment

Play a key role in driving large cross-company security, privacy, and compliance reviews of products and features.

Being a critical thinker, with strong problem-solving skills and also having project management skills

Manage information security related incidents,

Knowledge and understanding of relevant legal and regulatory requirements, such as PCI-DSS, KVKK, GDPR, TCMB, and BDDK regulations

Having CISSP certification

2+ years of experience with Security Risk Management and Banking regulations

Having experience with coding and system design review