Risk and Compliance Manager

At Hepsiburada, we are driven by our mission to improve people's lives by developing innovative products and services. Prioritizing customer satisfaction, we offer over 280 million products across more than 30 categories. Through our marketplace model, we bring together over 100,000 businesses. With Türkiye’s and the region's largest Smart Operations Center, industry-leading R&D initiatives, and innovative solutions, we contribute significantly to the growth of the e-commerce ecosystem. For the past two years, we have proudly held the title of Turkey's most recommended e-commerce platform.

Through our innovative services like HepsiJET, Hepsipay, HepsiLojistik, HepsiAd, and Hepsiburada Global, we create value for all our stakeholders. Committed to harnessing technology for social benefit, our “Technology Empowerment for Women Entrepreneurs” program has connected thousands of women entrepreneurs with e-commerce, supporting their growth. Our goal is to leverage digitalization and e-commerce to enable greater economic participation.

With 25 years of experience driven by innovation and entrepreneurship, we proudly continue our journey as “Türkiye’s Hepsiburada” and the first and only Turkish company listed on NASDAQ, the world's leading technology exchange.

For our colleagues, we offer a work environment that supports creating together and adding more meaning to our work. As a team full of opportunities, we are happy to develop, produce and succeed together.

If you want to be part of a team that creates value for everyone and makes life easier through innovative products and services—and contribute to exciting success stories—the future starts here.

Our Requirements:

• Graduated from Computer Science, Information Technology, Engineering Department from Reputable Universities,
• Minimum 7 years proven experience in ITGC processes and enterprise risk management, or risk consulting,
• Experience in internal auditing, external auditing, and IT compliance
• Strong knowledge of international standards such as ISO, COBIT, ITIL related to ITGC and auditing,
• Strong knowledge of BDDK and TCMB regulations, with a deep understanding of relevant guidelines and compliance requirements,
• Proven experience in Enterprise Risk Management (ERM), including identifying, assessing, and mitigating risks across various business functions,
• Experienced in GRC tool implementation and scenario creating processes is an asset,
• CIA or CRMA certification is strongly desired,
• Excellent command of English,
• Proficient in the use of Microsoft Office Programs, Data analysis experience and SQL knowledge will be an asset,
• Proactive, take decisions in strategic steps, hard worker, enjoy details,problem solver,
• The ability to manage multiple projects in a high-pressure environment,
• Strong analytical, process, business improvement, risk management, and systems skills.

Your Responsibilities:

• Lead the design, implementation, and monitoring of ERM processes across the organization.
• Monitor and track the company's risk landscape as part of the Enterprise Risk Management (ERM) framework, ensuring all risks are identified, assessed, and mitigated in line with regulatory and internal guidelines
• Oversee ITGC procedures in alignment with internal and external audit reports, ensuring compliance with relevant standards.
• Provide consulting on BDDK and TCMB information systems regulations, ensuring alignment with the latest regulatory guidelines and supporting the implementation of required compliance measures
• Perform risk assessments and control evaluations related to IT systems.
• Recommend and implement improvements for key ITGC areas such as application security, access controls, change management, and backup processes.
• Guide and collaborate with internal audit and compliance teams to ensure ITGC processes align with organizational objectives.
• Monitor the performance of IT controls and take actions to enhance their effectiveness.
• Organize training and awareness programs to foster a culture of information security across the company.

"Bu ilan sebebiyle yapacağınız başvurular aracılığıyla toplanacak kişisel verileriniz veri sorumlusu D-Market Elektronik Hizmetler ve Ticaret A.Ş (“Hepsiburada”) tarafından 6698 sayılı Kişisel Verilerin Korunması Kanunu (“KVKK”) ve ilgili mevzuat kapsamında iş başvuru süreçlerinin yürütülmesi amacıyla otomatik yollarla işlenecektir. Detaylı bilgi için lütfen Aydınlatma

Metni’ndeki Çalışan Adayı (https://www.hepsiburada.com/kisisel-verilerin-korunmasi) kişi kategorisini inceleyiniz.”