Description:
QUALIFICATIONS AND JOB DESCRIPTION
We are looking for a "GRC Manager" who has the following qualifications and competencies for our company operating in the fields of Cyber Security and Information Security.
Job description:
- For customers' DDO BİGR, ISO 27001, KVKK, GDPR, ISO 27701, ISO 22301, NIST and other information security compliance projects, preparing and updating the necessary documentation and ensuring the effectiveness and sustainability of the management systems by taking the determined actions,
- Performing information technologies risk management and analysis activities,
- Creating information security strategies and ensuring that policies are created in accordance with those strategies,
- Establishing and updating procedures (processes) within the scope of information security strategies and policies,
- Constantly following information security standards and ensuring that the necessary updates are made in customers' processes in line with the updated standards,
- To determine the situations arising from the lack of information security, to prepare/update trainings for awareness and implementation, and to provide trainings to customers,
- To plan and implement the necessary activities for the establishment of the internal audit structure of the customers,
- To carry out/manage the communication and operation processes necessary to meet customer demands in the most effective way,
- Working in cooperation and coordination with the sales, business development and MSSP departments by taking part in the process of determining the human resources and technologies that customers will need within the scope of information security processes,
- To provide active support to new customer acquisition processes,
- To plan and manage team members,
- To prepare reports on all activities carried out and present them to the senior management.
General Qualifications:
- Preferably graduated from Computer Engineering, Computer Science, Management Information Systems and similar engineering departments of universities,
- Fluent in English,
- Has ISO 27001 Lead Auditor certificate,
- Has taken part in ISO 27001 certification processes for at least 5 years,
- Experienced in ISO 27001 implementation processes,
- Knowledge and experience in KVKK and/or GDPR processes,
- Preferably has ISO 27701 and ISO 22301 Lead Auditor certificates,
- Preferably holding the DDO BİGR D1-D2 auditor certificate and having knowledge about audit processes,
- Preferably has knowledge of NIST,
- Preferably holds PMP certificate and has project management experience,
- Preferably has ITIL and/or COBIT certificates or has knowledge and experience about these processes,
- Able to work result-oriented with analytical thinking and problem-solving competencies,
- Able to work in teams, give importance to personal development and closely follow new technologies,
- For male candidates, no outstanding military service obligation,
- Active driver,
- Knowledgeable about MS Office programs,
- No obstacles to travel and accommodation.
If you want to be a part of this team composed of cyber artists, we are waiting for your application!
15 Apr 2025; from: kariyer.net