Information Security Specialist

Sisal Sans, established in partnership with Sisal S.p.A and Demirören Holding, is an organization that provides services in both the retail and digital sectors, authorized to carry out the games of chance in Turkey for 10 years in 2020.

We are looking for an Information Security Specialist to join our team and play a critical role in safeguarding the confidentiality, integrity, and availability of our clients’, employees’, and business partners’ data. The position reports to the Head of Information Security.

Responsibilities

Monitoring regulations

• Monitor ISO 27001 & WLA SCS regulations to ensure that the compliance program is kept updated.
• Collaborate with the Compliance Team to monitor compliance with legislation provisions and maintain up-to-date documentation.

Information Security Risk Management

• Participate in risk identification and assessment processes in line with ISO 31000 standards.
• Support the Head of Information Security in defining and mitigating risks.

Information Security Governance

• Oversee and guide all activities within the scope of Information Security Governance, in line with the directives of the Head of Information Security
• Provide training to new trainees and general oversight to business partners, employees, and alliances to ensure appropriate information security clearance
• Prepare and update Information Security Management procedures and policies in alignment with stakeholder documentation
• Support internal and external audits to maintain certifications
• Prepare and deliver internal audit reports.

Operations

• Review and analyze PAM logs
• Monitor and update firewall rules
• Manages e-mail archiving system
• Administer Data Loss Prevention (DLP) systems

Skills and Qualifications

• Strong command of written and spoken English.
• Bachelor’s degree in Computer Science or a related field.
• In-depth knowledge of ISO 27001 and related standards; ISO 27001 Internal Auditor certification required.
• Hands-on expertise in DLP, NAC, PAM, and firewall technologies.
• Additional certifications such as CISSP, CISM, or CISA are highly advantageous.

“Suitability for the job is the only criterion evaluated in the recruitment and employment. We provide candidates with equal opportunity without any discrimination.”

“Please refer to https://sisalsans.com/tr/internal-kvkk to review our enlightenment notice on processing personal data pursuant to Law No. 6698 on Protection of Personal Data.”