Job Overview:

Responsible for developing and executing enterprise information security strategies that comply with Turkish laws and regulations (such as KVKK and Law No. 5651 on Internet), ensuring data privacy, network security, and business continuity. Lead responses to localized cyber threats and regulatory compliance requirements in Turkey.

Key Responsibilities:

• Ensure that company operations comply with the Turkish Personal Data Protection Law (KVKK), data protection regulations in electronic communications, and cybersecurity directives for the financial industry.
• Regularly submit compliance reports to the Turkish Personal Data Protection Authority (KVKK Kurumu).
• Identify Turkey-specific cyber threats (e.g., APT attacks targeting financial infrastructure).
• Implement an Information Security Management System (ISMS) that meets Turkish Standard (TS 13613).
• nterface with regulatory bodies such as the Banking Regulation and Supervision Agency (BDDK) and the Capital Markets Board (SPK).
• Train local teams to understand the Turkish cybersecurity culture and legal environment.

Qualifications:

Required

• Bachelor's degree or higher in Computer Science/Information Security.
• Over 3 years of experience in information security management.

Preferred

• Experience with security projects in Turkish government or financial institutions.
• Familiarity with the Turkish Digital Signature (E-İmza) system integration.
• Understanding of Turkish cybersecurity incident response standards (BTK Yönergesi).