Audit, Compliance&Risk Management Team Member, İstanbul | Koç Kariyerim

Our employees are the source of our strength.
We want you to help us grow with the vision of becoming Turkey's most valuable and most preferred industrial company!

We are looking for a passionate, talented “Audit, Compliance & Risk Management Team Member” to join our Audit, Compliance and Risk Management Team. As a Audit ,Compliance & Risk Management Team Member, you will be responsible to ensuring that information systems and infrastructure are secure, compliant and resilient to risks. In this position, you will be responsible for performing audits, compliance, awareness and risk assessments on IT systems and infrastructure. You will work with a community of colleagues across technology and business functions. With its hybrid working model, the location is based in Sancaktepe/Istanbul.

Description:
Audit ,Compliance and Risk Management Team Member,
Coordinate Information Security, checks the compliance of processes within the department, performing supplier audits within the framework of agreements, ensuring that the security requirements of applications and infrastructures are met, detecting nonconformities, reporting them and ensuring their closure, ensuring that Information Security incidents are resolved in accordance with the procedure. Evaluates risks. Typically reports to department leaders.
Your Place in the team:
• Risk assessments on IT systems and infrastructure
• Perform and participate in audits at various Ford Otosan locations and external entities. (Dealer, Supplier, Ford
Inspections, 27001 Inspections, Cyber Security Inspections, Information Security Inspections, Koç Holding
Inspections, 3rd Party Inspections, etc.)
• Manage information technology compliance activities related to laws, regulations, and standards.
• Identifies vulnerabilities and risks and recommends solutions to mitigate them
• Reports and presents audit and risk assessment results
• Works on Information Security Awareness
• Collaborating with our Romania Location to address information security developments and risks, and co-creating
solutions
• Supports Operational Technology compliance
• Collaborates with the department and other teams

• Graduate of a 4-year university's computer science, mathematic ,industrial engineering or related departments,
• At least 5 years of experience in a professional working environment related to Information Security,
• Knowledgeable about IT management frameworks such as COBIT, ISO 27001, ITIL
• Able to evaluate compliance with the laws (KVKK, Law No. 5651, UN Regulation No. 155 Cyber security and cyber
security management system atc.), legislation and standards that need to be compliance within the scope of
Information Technologies, in terms of Information Security, and manage the necessary compliance activities.
• Knowledge of cybersecurity risk elements including vulnerability, cyber threat, likelihood, impact, mitigation and
remediation.
• Able to check that the security activities required for Information Technologies activities are operated in accordance
with the defined security processes,
• Experienced in cyber security, risk management or risk assessment for cloud and on-prem data centers,
• Able to perform information security audits of critical suppliers,
• Preferably have at least one of CRISC, CISSP, ISO27001 LA certificates
• Knowledgeable in Business Continuity and Disaster Recovery processes
• Giving importance to self-improvement and continuous learning
• Fluent in English
• Close to teamwork, high personal motivation