Information Security Risk&Governance Specialist İş İlanı
İşveren Hakkında
QUALIFICATIONS AND JOB DESCRIPTION
- Work on the definition of risk and information governance policies.
- Identify risks in the treatment of information that may compromise the Information Security of the corporate assets, through the analysis of processes / projects / systems.
- Manage regulatory compliance, especially KVKK (GDPR), audits and policy compliance.
- Ensure that there is an appropriate information security culture throughout the company.
- Carry out the analysis of the processes and identify risks in the critical assets of the company.
- Proactively manage information security risks, propose corrective measures for identified risks.
- Coordinate the implementation of the information risk operating model in the company.
- Execute the Information Security training and awareness plan.
- Provide support to the business areas in terms of privacy.
- Consolidation of metrics and KPIs related to the effectiveness of the controls associated with the reported risks.
- Supervise compliance with the Business Continuity processes defined for critical information assets.
- Work closely with Bupa in matters of risk management and information governance.
- Security assessment of critical suppliers of the company.
- Ensure that the governance of information is carried out according to the standards and policies defined by the company, Bupa and regulatory bodies.
- Consolidation of metrics for the periodic report to Bupa on the degree of compliance with the Information Security policies under the responsibility of information security.
- 3+ years information security and/or related technology experience and track record in information security and risk management.
- Bachelor's degree, preferably in computer science or engineering.
- Knowledge and experience in Cybersecurity, IT and Governance frameworks such as ISO 27001/27002, NIST, SOX, PCI/DSS, GDPR, KVKK, COBIT, ITIL.
- Solid knowledge of security principles and practices.
- Practices and methods of IS strategy, enterprise architecture and security architecture.
- Excellent verbal and written communication skills in English.
- Knowledge and experience in the following topics are desired:
- Windows and Linux based operating systems
- Network protocols, routing and switching
- Firewalls, IDS/IPS, WAF, EDR and SIEM
- Vulnerability management and threat management
- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or other similar credentials is desired.
- Experience in developing, documenting and maintaining security procedures.
- Strong analytical and problem-solving skills.
Benzer İş İlanları
