Token Financial Technologies is a company of Koç Group, the largest conglomerate in Turkey. Token produces revolutionary, innovative products, value-added retail and payment services for retailers and creates a safe open platform for the Fintech ecosystem. Token creates the devices and infrastructures to deliver intelligent payment and retail platforms, which shape future products and services while creating new revenue streams.
What we expect
Want to be a part of the future of payment systems? Come and join us!
Token transforms insights into real-world products and hence create an exceptional seamless customer experience allowing merchants to run their business at maximum efficiency. We are looking for a Lead / Manager - Information Security who will work for Token Payment Services and E- Money Team/ Ödero.
Job description
• Focusing on the improvement of Information Security to prepare a checklist for the information security management system and perform periodical checks),
• Reviewing and updating Information Security Policies and Procedures annually and as needed and executing necessary approval processes. Conducting reviews and controls necessary for the implementation of policies and procedures,
• To conduct controls and compliance requirements with merchants and business units for service excellence and work with internal/external auditors accordingly,
• Conducting information security audits with relevant authorities,
• Analyzing needs, communicating with business units to manage service quality and KPIs,
• Reporting to IT Director, Internal Control Manager, Risk Management Director and relevant parties based on compliance assessments for information security,
• Conducting creative activities for Information Security awareness,
• Reviewing and controlling the effectiveness of log management activities; responding to log requests from legal authorities and/or internal business units,
• Reviewing the access levels and rights of end-users within the institution for network/server/application/automation/data; establishing and documenting user account and password policies, as well as the institution's Information Security policies,
• Taking necessary preventive, detective and corrective actions to prevent Information Security breaches,
• Conducting periodic Information Security Assessment studies,
• Executing controls and reports related to information security legislation, CBRT, and Board of Directors,
• Verifying that all system backups are accessible and stored in compliance with regulations,
• Periodically evaluating the effectiveness and adequacy of third parties,
• Periodically monitoring and reviewing third parties’ access,
• Analyzing needs arising from studies and controls conducted for information security and ensuring necessary improvements are fulfilled,
• Checking the regular update of information system inventories (data inventory, asset inventory, and hardware inventory) and associating them with risks,
• Periodically reviewing information security risks based on legislation, national, and international standards and following up on action plans to remediate findings.
• Conducting risk analysis studies requested in audits based on national and international standards.
• A Bachelor's Degree in a relevant discipline (e.g., Engineering, MIS, Business) is required.
• A Master's Degree in a relevant discipline is preferred.
• More than 8 years of relevant experience in information security and risk management.
• Strong interpersonal skills; Comfortable interacting with team members at all levels.
• Strong communication and presentation skills; Ability to convey complex analyses in technical and non-technical terms (written and verbal).
• Ability to take initiative and work independently under tight schedules.
• Ability to think outside the box.
• Ability to effectively manage multiple projects and priorities simultaneously.
•ISO 27001 or relevant certificate is preferred
What will you find
• An open-minded, innovative and supportive working environment,
• Strong teamwork with Agile principles,
• An international work experience,
• Flexible working hours,
• Birthday leave,
• Continuous technical and leadership development opportunities via Koc Holding Lead programs,
• Emeritus, HBS, Udacity, A Cloud Guru, in-house Token Fintech Academy, Inspiring Talks, etc.
• Social responsibility – “kadın gücü” & “işletmeler büyüsün diye”
Serenay Aksu - Sorumlu – Yetenek Kazanımı ve Gelişimi
Sorunsuz bir Koç Kariyerim deneyimi için Google Chrome, Firefox, Safari veya Microsoft Edge ile giriş yapmalısın.
Daha yüksek ekran çözünürlüğünü desteleyen bir cihaz kullanarak Koç Kariyerim'e giriş yapabilirsin. En az 1024 piksel genişliğinde bir ekrana ihtiyacın var.
-Logo.wine@3x.png){kind=logo}
