Information Security and Governance Specialist

We are looking for a motivated and detail-oriented Information Security and Governance Specialist to join our Cyber Security team. In this role, you’ll be instrumental in both protecting our digital assets and ensuring that our information security policies, standards, and practices align with regulatory and organizational requirements.

Qualifications

Bachelor’s degree in Information Security, Computer Science, or a related field.

At least five years' experience in Information Security or IT Governance role,

Experience with security standards/frameworks such as ITIL, ISO 27001, ISO 27701, and others,

Knowledge of local and international regulations concerning data privacy, including personal data protection laws,

A strong understanding of network, application, and data security principles,

Familiarity with security products and services like SIEM, DLP, and IDS/IPS,

Professional certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor, or similar is preferred,

Good to have experience with cloud security, including AWS, Azure,

A willingness to learn new technologies and emerging products,

Excellent command of English, both written and spoken.

Job Description

Develop and sustain security policies, standards, and procedures for the organization.

Ensure compliance with relevant security regulations and frameworks (e.g., ISO 27001, NIST, GDPR).

Collaborate with IT and other departments to enforce best security practices.

Assist in risk assessments, audits, and security reviews.

Implement the technical requirements outlined in the Personal Data Protection Law (KVKK, GDPR).

Oversee data integrity and protection processes within the organisation.

Coordinate both external and internal IT audit activities, monitor controls associated with the audits, and report findings to management.

Conduct vulnerability assessments and penetration testing.

Identify, analyze, and respond to security threats and incidents.