Information Security Governance, Risk, and Compliance (GRC) Senior Expert
What We Do in Dias ? / About Dias
We are one of the top 5 technological solution providers in the world with the product tracking and tracing systems we develop. Thanks to our expertise in the field of Tracking and Tracing Systems development, we offer the most effective marking and tracking technologies tailored to the production, distribution and logistics infrastructure and business needs of different sectors.
The solutions produced by Dias provide the following advantages:
- It protects consumers from counterfeit, smuggled and illegal products.
- It prevents activities that harm the public sector by reducing unregistered economic activities.
- It supports domestic technology production by employing domestic labor in technology solutions.
- It reduces dependency on foreign countries in production and technology applications by increasing efficiency in the use of domestic resources.
- It ensures that these goals are achieved more effectively, quickly, planned and economically thanks to the Product Tracking Platform.
We are looking for “Information Security Governance, Risk, and Compliance (GRC) Senior Expert” to join the inspiring journey of Dias, a unique technology solutions provider in its field in Turkey.
Job Overview:
We are seeking an experienced Governance, Risk, and Compliance (GRC) Expert to join our Information Security team. The GRC Expert will play a crucial role in overseeing our organization's cybersecurity governance, managing risk assessments, and ensuring compliance with various cybersecurity standards. The ideal candidate will have a strong background in cybersecurity, risk management, and compliance with standards such as ISO 27001, NIST CSF, PCI standards, HIPAA, GDPR, and ISO/IEC 27701.
What we expect? / Duty And Responsibilities :
- Develop and maintain a comprehensive governance framework to ensure information security policies and practices comply with regulatory and organizational standards.
- Conduct regular risk assessments and and actively maintain and update the risk register. This includes identifying, evaluating, and reporting on information security risks in a manner that meets compliance and regulatory requirements across the organization.
- Track and report on vulnerabilities within the organization’s infrastructure, working closely with all relevant department to prioritize and mitigate risks.
- Ensure compliance with various standards and best practices like ISO 27001, ISO22301, NIST 800-53, PCI, KVKK and other advisories.
- Provide guidance and leadership on cybersecurity matters to various stakeholders within the organization.
- Coordinate with different departments to ensure that the security policies are being implemented effectively across the organization.
- Stay informed on the latest security threats and trends, as well as evolving compliance requirements.
- Develop and monitor security metrics to measure the effectiveness of the cybersecurity program and make recommendations for improvement.
- Prepare and present regular reports to the CISO and other senior management on the status of the information security program.
Qualifications We Are Looking For :
- A university degree in Information Security, Cybersecurity, Computer Science, or relevant demonstratable work experience.
- Relevant professional certifications (e.g., ISO27001LA, ISO22301LA, CISA, CISSP).
- Proven experience in information security governance, risk management, and compliance.
- Strong knowledge of cybersecurity controls, tooling, frameworks and regulatory requirements.
- A working understanding of IT & Network environments being protected.
- Detail oriented with strong analytical and problem-solving skills.
- Strong communication and interpersonal skills.
Preferred Skills:
- Experience in creating integrated checklists tailored to specific contexts for various compliance standards.
- Ability to work proactively and collaboratively with a wide range of stakeholders.
- Project management skills.
Working Conditions:
This role is based in Istanbul. It may require occasional travel and the flexibility to respond to security incidents outside of standard working hours. Role may lead to a hybrid working model.
What is in it for you?
• Creating Impact in Different Sectors: Dias' projects that include technology solutions create great economic and social impacts with its wide stakeholder networks. By taking part in the development of these projects, you can gain rich experiences and contribute to the benefits that will make a difference throughout the country.
• Taking Initiative in Innovative Projects: The opportunity to work in a dynamic and innovative work environment where you can take initiative in the design of projects that have not been implemented before awaits you.
• Work and Life Balance: In our different offices throughout Istanbul, you can work in harmony with our valuable team members in a work environment that supports work and private life balance.
• Culture that values people: You can have the chance to be a part of a technology group that sees human resources as the most important value.
Key Skills
Ranked by relevance
Related Jobs
3 roles aligned with this opportunity
Senior Software Engineer
2026-06-16
Cybersecurity Engineer
2026-06-19
Software Engineer
2026-06-19
- Posted
- Apr 02, 2025
- Type
- Full-time
- Level
- Associate
- Location
- Istanbul
- Company
- DİAS Teknoloji
Industries
Categories
Related Jobs
3 roles aligned with this opportunity
Senior Software Engineer
2026-06-16
Cybersecurity Engineer
2026-06-19
Software Engineer
2026-06-19