As a Turkey Information Systems Security Officer in Central Europe, Middle East, Sub-Sahara Africa and Turkey Cybersecurity and Technology controls team, you will contribute to the successful management of technology-aligned aspects of Governance, Risk, and Regulatory Compliance in line with the firm's standards and country specific requirements. Leverage your broad knowledge in risk management principles and practices to assess and monitor risks and implement effective controls. Your role in regulatory compliance assessments, risk identification, control evaluation, and security governance is crucial in advising on complex situations and enhancing the firm’s risk posture. Through collaboration and analytical skills, you will contribute to the overall success of the Technology Risk & Services team and ensure compliance with regulatory obligations and industry standards.
Job responsibilities
- Assess and monitor technology risks, ensuring compliance with firm standards, Turkey regulatory requirements, and industry best practices
- Support regulatory audits
- Support implementation of effective controls in collaboration with cross-functional teams and stakeholders
- Evaluate the effectiveness of existing controls, identify gaps, and recommend improvements to mitigate risks and enhance the firm's risk posture
- Analyze complex situations, provide advice on risk management strategies, and support the implementation of risk mitigation measures
Required qualifications, capabilities, and skills
- Bachelor’s degree or 5+ years of experience in an International Bank’s technology risk management, information security, or a related field.
- Experience in risk identification, assessment, and control evaluation, with a strong understanding of industry standards.
- Demonstrated ability to analyze complex issues, develop and implement risk mitigation strategies, and communicate effectively with senior stakeholders.
- Proficient knowledge of risk management frameworks, regulations, and industry best practices
- Excellent proven problem-solving and troubleshooting skills.
- Good interpersonal and stakeholder management skills.
- Fluent in writing, speaking, and listening in Turkish and English
- Ability to handle multiple issues through channels like intake portal, symphony, and emails.
- Ability to document business processes and flows.
- Ability to work with technology teams to integrate systems into business operations and services.
- General knowledge about Cloud (AWS, Azure, GAIA etc)
Preferred qualifications, capabilities, and skills
- CISM, CRISC, CISSP, or other industry-recognized risk and risk certifications preferred