Overview
Information Security Manager Jobs in Istanbul, Türkiye at Token Finansal Teknolojiler
Title: Information Security Manager
Company: Token Finansal Teknolojiler
Location: Istanbul, Türkiye
Token Financial Technologies is a company of Koç Group, the largest conglomerate in Turkey. Token produces revolutionary, innovative products, value-added retail and payment services for retailers and creates a safe open platform for the Fintech ecosystem. Token creates the devices and infrastructures to deliver intelligent payment and retail platforms, which shape future products and services while creating new revenue streams.
What we expect
Want to be a part of the future of payment systems? Come and join us!
Token transforms insights into real-world products and hence create an exceptional seamless customer experience allowing merchants to run their business at maximum efficiency. We are looking for aLead / Manager – Information Securitywho will work forToken Payment Services and E- Money Team/ Ödero.
Job description
• Focusing on the improvement of Information Security to prepare a checklist for the information security management system and perform periodical checks),
• Reviewing and updating Information Security Policies and Procedures annually and as needed and executing necessary approval processes. Conducting reviews and controls necessary for the implementation of policies and procedures,
• To conduct controls and compliance requirements with merchants and business units for service excellence and work with internal/external auditors accordingly,
• Conducting information security audits with relevant authorities,
• Analyzing needs, communicating with business units to manage service quality and KPIs,
• Reporting to IT Director, Internal Control Manager, Risk Management Director and relevant parties based on compliance assessments for information security,
• Conducting creative activities for Information Security awareness,
• Reviewing and controlling the effectiveness of log management activities; responding to log requests from legal authorities and/or internal business units,
• Reviewing the access levels and rights of end-users within the institution for network/server/application/automation/data; establishing and documenting user account and password policies, as well as the institution’s Information Security policies,
• Taking necessary preventive, detective and corrective actions to prevent Information Security breaches,
• Conducting periodic Information Security Assessment studies,
• Executing controls and reports related to information security legislation, CBRT, and Board of Directors,
• Verifying that all system backups are accessible and stored in compliance with regulations,
• Periodically evaluating the effectiveness and adequacy of third parties,
• Periodically monitoring and reviewing third parties’ access,
• Analyzing needs arising from studies and controls conducted for information security and ensuring necessary improvements are fulfilled,
• Checking the regular update of information system inventories (data inventory, asset inventory, and hardware inventory) and associating them with risks,
• Periodically reviewing information security risks based on legislation, national, and international standards and following up on action plans to remediate findings.
• Conducting risk analysis studies requested in audits based on national and international standards.
Qualifications
• A Bachelor’s Degree in a relevant discipline (e.g., Engineering, MIS, Business) is required.
• A Master’s Degree in a relevant discipline is preferred.
• More than 8 years of …
