Key skills
AWSCloudAIRisk ManagementCommunicationCollaborationCloud Security
About this role
Role Overview
- We are looking for a highly motivated and detail-oriented Information Security Specialist to join our growing security team. The ideal candidate will be responsible for ensuring the organization’s compliance with security standards such as ISO 27001 and SOC 2 Type 2, managing business continuity processes, and supporting security governance on AWS environments. This role requires a proactive mindset, strong technical knowledge, and a good understanding of both internal IT systems and regulatory frameworks like KVKK and GDPR.
- Drive the implementation and continuous improvement of the ISO 27001 Information Security Management System (ISMS)
- Conduct and document internal audits and follow up with action plans
- Coordinate and enhance business continuity and disaster recovery processes
- Support SOC 2 Type 2 compliance efforts and evidence collection
- Provide governance support for AWS infrastructure and cloud security configurations
- Collaborate with internal Red Team and Blue Team to follow up on technical findings
- Maintain, update, and implement security policies, standards, and procedures
- Plan and execute security awareness programs (training, campaigns, gamification, etc.)
- Assess third-party security through security assurance reviews
- Support security incident handling and security reporting processes
- Provide input on privacy regulations (KVKK, GDPR) and ensure alignment with global policies
- Act as a security consultant to business units and IT teams
Requirements
- Deep knowledge of ISO 27001, internal audits, and risk management practices
- Experience in Business Continuity Management (BCM) processes
- Hands-on knowledge of AWS services and cloud governance best practices
- Familiarity with the SOC 2 Type 2 framework and security control families
- Solid understanding of databases, data classification, and data protection methods
- Strong documentation and reporting skills, especially for audit and compliance deliverables
- Experience in preparing and filling out customer security requirements
- Understanding of KVKK, GDPR, and related data privacy regulations
- Strong analytical thinking and ability to ask the right questions
- Ability to follow through on complex tasks with minimal oversight
- Excellent written and verbal communication skills
- Strong interpersonal skills; ability to collaborate with technical and non-technical teams
- Ability to understand the business value of security within the product and tech ecosystem
- Capable of organizing and reviewing the security posture of network, application, and endpoint layers
- Comfortable providing consultancy and training to internal stakeholders
- Willingness to provide on-call support when necessary
- Takes ownership of complex security projects and delivers end-to-end
- Works cross-functionally to re-test, validate, and close security findings
- Capable of raising internal tickets and driving the resolution of issues found via audits or reviews
- Actively contributes to team collaboration and gives constructive feedback
- Maintains a positive mindset and can communicate clearly with both internal and external partners
- Advanced in English (written and spoken)
Tech Stack
- AWS
- Cloud
Benefits
- Enjoy a monthly meal allowance designed to enhance your daily routine.
- Access comprehensive private health insurance.
- Feed your curiosity with access to Spotify, LinkedIn Learning, Blinkist, MasterClass, Neoskola, and CloudGuru.
- Level up with internal trainings covering AI fundamentals, coding, foreign languages, and a wide range of personal development skills.
- Be part of a diverse team that’s as global as it gets, where every voice is heard and 50+ nationalities build together.
- Become a Shareowner through our eligibility-based “ESOP” and own a piece of what you build.
- Help build the team you want to work with and enjoy rewarding referral bonuses.
- Opportunities to give back to your community through volunteering and purpose-driven social impact projects.
- From global retreats to team-building activities, expect year-round events that turn into lifelong memories.
- Get inspired by the greatest minds in the tech industry through events like our Tech & Dev Talks.
- Work from anywhere in Turkey through our fully remote setup.