Access Security Team Lead

At Hepsiburada, we are driven by our mission to improve people's lives by developing innovative products and services. Prioritizing customer satisfaction, we offer over 280 million products across more than 30 categories. Through our marketplace model, we bring together over 100,000 businesses. With Türkiye’s and the region's largest Smart Operations Center, industry-leading R&D initiatives, and innovative solutions, we contribute significantly to the growth of the e-commerce ecosystem. For the past two years, we have proudly held the title of Turkey's most recommended e-commerce platform.

Through our innovative services like HepsiJET, Hepsipay, HepsiLojistik, HepsiAd, and Hepsiburada Global, we create value for all our stakeholders. Committed to harnessing technology for social benefit, our “Technology Empowerment for Women Entrepreneurs” program has connected thousands of women entrepreneurs with e-commerce, supporting their growth. Our goal is to leverage digitalization and e-commerce to enable greater economic participation.

With 25 years of experience driven by innovation and entrepreneurship, we proudly continue our journey as “Türkiye’s Hepsiburada” and the first and only Turkish company listed on NASDAQ, the world's leading technology exchange.

For our colleagues, we offer a work environment that supports creating together and adding more meaning to our work. As a team full of opportunities, we are happy to develop, produce and succeed together.

If you want to be part of a team that creates value for everyone and makes life easier through innovative products and services—and contribute to exciting success stories—the future starts here.

Responsibilities:

• Ensuring that Identity and Access Management processes are automated, improved and executed effectively by the team.
• Coordinating team activities related to identity, access, role/authorization management, risk, internal control and auditing.
• Managing SoD analyses with the team to ensure compliance with internal and external audits, identifying role conflicts and developing strategies for solution,
• Managing access controls at the application, database and operating system level, planning and implementing measures to minimize security vulnerabilities,
• To direct the processes of preparing and updating identity and access management matrices,
• Creating policies to reduce risks by integrating authority management processes with SOD analysis,
• Leading and executing identity and access management systems (preferably SailPoint) and integration projects,
• Analyzing business needs and planning system design and development activities together with the team,
• Managing periodic review studies to ensure compliance with security policies,
• Supporting the development of team members, distributing tasks and monitoring project deliveries,
• Making strategic plans for the continuous improvement of identity management development and access policies,
• To report regularly to senior management and direct the actions to be taken

Qualifications:

• Graduated from universities with a Bachelor's degree, preferably from Industrial Engineering or equivalent departments.
• At least 7 years of experience in information security, identity and access management, identity lifecycle processes.
• Expert in performing SoD (Segregation of Duties) analyses, capable of identifying role conflicts and developing solution suggestions.
• Experienced in optimizing organizational access policies by analyzing application authorizations.
• Experienced in improving identity and access management (IDM) processes and creating matrix-based authorization processes.
• Strong leadership skills; experience in team management, task distribution and performance monitoring.
• Analytical thinking skills are developed, competent in problem solving, creative, result and solution oriented.
• Advanced presentation, reporting and communication skills with senior management.
• Advanced knowledge of authentication protocols and mechanisms (LDAP, Radius, SAML, OAuth2, etc.).
• Knowledge of the security of operating systems (Linux, Windows).
• Knowledgeable about regulations such as PCI DSS, ISO 27001, KVKK, SOX and experienced in the implementation of these regulations.
• Good written and spoken English communication skills.

https://medium.com/hepsiburadatech

https://stackshare.io/hepsiburada

"Bu ilan sebebiyle yapacağınız başvurular aracılığıyla toplanacak kişisel verileriniz veri sorumlusu D-Market Elektronik Hizmetler ve Ticaret A.Ş (“Hepsiburada”) tarafından 6698 sayılı Kişisel Verilerin Korunması Kanunu (“KVKK”) ve ilgili mevzuat kapsamında iş başvuru süreçlerinin yürütülmesi amacıyla otomatik yollarla işlenecektir. Detaylı bilgi için lütfen Aydınlatma

Metni’ndeki Çalışan Adayı (https://www.hepsiburada.com/kisisel-verilerin-korunmasi) kişi kategorisini inceleyiniz.”