The #1 platform that brings everything marketing and customer engagement teams need in one place, to become unstoppable.
Information Security Specialist
Location
Turkey
Posted
77 days ago
Salary
0
Seniority
Senior
Job Description
Information Security Specialist
Insider One
• We are looking for a highly motivated and detail-oriented Information Security Specialist to join our growing security team. The ideal candidate will be responsible for ensuring the organization’s compliance with security standards such as ISO 27001 and SOC 2 Type 2, managing business continuity processes, and supporting security governance on AWS environments. This role requires a proactive mindset, strong technical knowledge, and a good understanding of both internal IT systems and regulatory frameworks like KVKK and GDPR. • Drive the implementation and continuous improvement of the ISO 27001 Information Security Management System (ISMS) • Conduct and document internal audits and follow up with action plans • Coordinate and enhance business continuity and disaster recovery processes • Support SOC 2 Type 2 compliance efforts and evidence collection • Provide governance support for AWS infrastructure and cloud security configurations • Collaborate with internal Red Team and Blue Team to follow up on technical findings • Maintain, update, and implement security policies, standards, and procedures • Plan and execute security awareness programs (training, campaigns, gamification, etc.) • Assess third-party security through security assurance reviews • Support security incident handling and security reporting processes • Provide input on privacy regulations (KVKK, GDPR) and ensure alignment with global policies • Act as a security consultant to business units and IT teams
Job Requirements
- Deep knowledge of ISO 27001, internal audits, and risk management practices
- Experience in Business Continuity Management (BCM) processes
- Hands-on knowledge of AWS services and cloud governance best practices
- Familiarity with the SOC 2 Type 2 framework and security control families
- Solid understanding of databases, data classification, and data protection methods
- Strong documentation and reporting skills, especially for audit and compliance deliverables
- Experience in preparing and filling out customer security requirements
- Understanding of KVKK, GDPR, and related data privacy regulations
- Strong analytical thinking and ability to ask the right questions
- Ability to follow through on complex tasks with minimal oversight
- Excellent written and verbal communication skills
- Strong interpersonal skills; ability to collaborate with technical and non-technical teams
- Ability to understand the business value of security within the product and tech ecosystem
- Capable of organizing and reviewing the security posture of network, application, and endpoint layers
- Comfortable providing consultancy and training to internal stakeholders
- Willingness to provide on-call support when necessary
- Takes ownership of complex security projects and delivers end-to-end
- Works cross-functionally to re-test, validate, and close security findings
- Capable of raising internal tickets and driving the resolution of issues found via audits or reviews
- Actively contributes to team collaboration and gives constructive feedback
- Maintains a positive mindset and can communicate clearly with both internal and external partners
- Advanced in English (written and spoken)
Benefits
- Enjoy a monthly meal allowance designed to enhance your daily routine.
- Access comprehensive private health insurance.
- Feed your curiosity with access to Spotify, LinkedIn Learning, Blinkist, MasterClass, Neoskola, and CloudGuru.
- Level up with internal trainings covering AI fundamentals, coding, foreign languages, and a wide range of personal development skills.
- Be part of a diverse team that’s as global as it gets, where every voice is heard and 50+ nationalities build together.
- Become a Shareowner through our eligibility-based “ESOP” and own a piece of what you build.
- Help build the team you want to work with and enjoy rewarding referral bonuses.
- Opportunities to give back to your community through volunteering and purpose-driven social impact projects.
- From global retreats to team-building activities, expect year-round events that turn into lifelong memories.
- Get inspired by the greatest minds in the tech industry through events like our Tech & Dev Talks.
- Work from anywhere in Turkey through our fully remote setup.
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Senior Security Engineer – Blue Team
Insider OneThe #1 platform that brings everything marketing and customer engagement teams need in one place, to become unstoppable.
• Management and Maintenance of SIEM Tools: Configuring, monitoring, and enhancing SIEM functionalities. • Rule Creation and Optimization: Developing rules, reports, dashboards, and use cases to detect threats and attacks. • Threat Analysis: Analyzing threats using logs, IPS/IDS, cyber intelligence reports, and other data sources. • MITRE ATT&CK Framework Integration: Reviewing existing rules and developing new attack detection scenarios. • Incident Response: Taking an active role in detecting, analyzing, and mitigating security incidents. • False Positive Reduction: Working with CDC Engineers to optimize detection logic and minimize false positives. • Log Management: Importing and troubleshooting logs from various security products and company-wide log sources. • Security Metrics & Reporting: Defining and monitoring key security metrics, creating dashboards and reports. • Database and EDR Tool Management: Maintaining, optimizing, and enhancing security configurations. • Cyber Intelligence & Threat Hunting: Staying updated with the latest cyber threats and integrating threat intelligence into security operations.
Senior Security Engineer – Red Team
Insider OneThe #1 platform that brings everything marketing and customer engagement teams need in one place, to become unstoppable.
• performs web, mobile application, and internal penetration tests, source code reviews, threat analysis, social-engineering assessments, • supports blue teams when needed, • researches new attack vectors and stays current with cybersecurity news and trends, • trains Quality Assurance and Development teams in standard security testing techniques and secure software development.
• Drive ISO 27001 certification and SOC 2 Type II attestation initiatives end-to-end • Build and mature NetBrain’s GRC (Governance, Risk & Compliance) program • Translate compliance framework requirements into practical security policies and procedures • Define and enforce IAM (Identity & Access Management) standards • Implement and manage SIEM platforms for centralized security monitoring • Own the vulnerability management lifecycle • Develop and maintain incident response plans, playbooks, and escalation procedures • Evaluate and manage third-party vendor risk • Design and deliver security awareness training programs • Serve as the trusted security subject matter expert across business units
Senior Offensive Security Consultant – Alpha Group
VerSprite CybersecurityA counterculture cybersecurity firm emulating cybercriminal intent for the purposes of refined risk identification.
• Lead penetration testing engagements across web applications, APIs, and enterprise infrastructure • Perform advanced application security testing including business logic flaws and authentication weaknesses • Conduct internal and external network penetration testing • Lead Red Teaming engagements. • Perform threat modeling exercises (e.g., PASTA methodology) • Conduct cloud security assessments across AWS, Azure, and GCP • Perform mobile application security testing (Android and iOS) • Develop custom payloads and exploitation techniques • Produce detailed technical reports including proof-of-concept exploitation scenarios • Communicate technical findings and risk to client stakeholders • Mentor junior consultants during engagements • Contribute to internal research initiatives and security methodology improvements
