Information Security Risk Management Expert

About the job:

The Cyber Security Risk Professionals ensures that all projects and operations within the organization are carried out with a risk-aware perspective. The role is responsible for identifying, analyzing, and managing cyber security risks, while contributing to the development and implementation of the company’s corporate risk management framework and mitigation strategies.

This position will be

• Identify, assess and monitor information security risks to organizations information systems and data.
• Conduct security risk assessments on systems, applications, vendors, and business processes to identify potential information security threats and vulnerabilities.
• Conduct comprehensive information security and privacy risk assesments based on ISO27001 and ISO 27701 frameworks.
• Align and collborate with compliance team to fullfill regulatory standards and meet risk process requirements.
• Collaborate with IT, security, and business units to document and track mitigation strategies for identified risks.
• Recommend security controls and mitigation strategies to reduce identified risks. Collaborate with IT teams to implement controls.
• Track remediation efforts and verify effectiveness of implemented controls.
• Continously monitor risks, organizations risk posture and risk register.
• Develop and maintain risk registers and dashboards.
• Assess and explain technical risks to C levels and stakeholders
• Prepare and deliver periodic risk assesment reports to senior management.
• Provide clear and concise risk reports and updates to CISO and C levels.

How we describe perfect match

• Technical knowledge in security (applications, systems and related environments)
• Experience and knowledge in information security risk analysis and assesment.
• Experience and knowledge in ISO 27001 and ISO 31000 standards
• Holding the industry certificates like, CRISC (preferred), CISM.
• Ability to advise on how to mitigate security risks is essential.
• Demonstrated success in implementing security controls and risk mitigation strategies.
• Experience in cybersecurity risk assesment frameworks(e.g., NIST) and developing policies.
• Strong understanding of cyber threat landscapes, vulnerability management, data protection and privacy
• Ability and knowledge in analyzing threat intelligence and vulnerability reports to assess impact and prioritize responses.
• Experience in working with different departments to document and track mitigation strategies for identified risks.
• Experience in working with compliance/legal departments to address regulatory standards
• Min 5 years experience in information security area.
• Experience in risk reporting, C level reports/presentations.
• Strong communication and presentation skills (especially to executive leadership).
• Ability to assess and explain technical risks to non-technical stakeholders.
• Analytical thinking and attention to detail.

Who We Are?

We are the technology leader of the aviation and air cargo industry in Turkey! We are an innovative and successful team that does not fit into the mold, constantly enlarges its target and pushes the standards in global competition...

We design and develop technology with the spirit of R&D, where human, engineering and software are the most perfect components. We use trend technologies such as big data, cloud computing, artificial intelligence, fintech, cybersecurity and blockchain which we can compete in the sky. We move forward confidently and successfully with the power of our knowledge and experience into the future.

Obviously, We don't dream too much as “what will happen in the future?”, because we are designing the future from today...

We are a strong team of more than 2000 valuable talents that shed their minds in offices equipped with modern technology in Istanbul, Ankara and Izmir. Team play is our favorite system! We focus on the same goal – winning – and continue to work together with the motivation to achieve this.

If you want to have your name in the success story of a globalizing company, we look forward to your application to the winners team!

Benefits Of Working With Us

In addition to having the opportunity to grow and be challenged, and to be part of a life, our people enjoy a range of rewarding benefits:

• Flexible working arrangements, generous personal, parental and cultural leave
• Competitive remuneration
• Free and subsidized health and wellbeing services
• Discounts on a wide range of products and services
• Career development opportunities
• A buddy who will guide and accompany you during your onboarding process
• A great number of online courses and technical trainings that will support your development
• Personalized development plan for you
• Using CED & Pass Flight for travelling experience with your family
• Support payment for childcare

Be Yourself

We value the unique backgrounds, experiences and contributions that each person brings to our team and encourage and celebrate diversity.

If you would like to get to know more about Turkish Airlines Technology, please follow us on Instagram and LinkedIn;

https://www.instagram.com/turkishairlinstechnology/

https://www.linkedin.com/company/thyteknoloji/