Description

ParamTech is a leading company in the field of financial technology, developing technology for many companies in the fintech industry in Turkey, as well as for Param, Param UK, Finrota, and Kredim. It continues to be a pioneer in the financial technology sector with more than 30 products. We are looking for “Security Compliance Senior Specialist” for our strong team. If you want to work in the fintech industry and be part of both ParamTech's experienced team, and global projects as well as technology transformations, we are looking forward to your application. Basic Qualifications; Bachelor’s Degree in Computer Science, Computer/Math Engineering, MIS or a related technical discipline,4 or more years of experience Information Security, IT Security, IT Audit, IT Risk etc.Preferably one or more advanced security certifications such as; ISO27001-LA, CISSP, CISA, CISM etc.Knowledge and understanding of relevant legal and regulatory requirements, such as PCI-DSS, ISO 27001, KVKK and BDDK regulations,Experienced in GRC tool implementation and scenario creating processes is an asset,Understanding of one or more cloud security standards and frameworks such as CIS, NIST, CSA, etcStrategic thinking based on general knowledge of known frameworks such as ISO27001, NIST-CSF, CIS, and PCI-DSS etc.Experience and passion for learning (technical and professional skills); implementing practices from others; trying, failing, and learning from both successes and failures; sharing practices and knowledge for others’ benefitGeneral knowledge on local regulations which are especially related with information security.Understanding of 3rd Party Cyber Risk Management conceptsGood organizational skills with attention to details and time management skills,Good analytical problem solving skills,Good command of written and spoken English,Having project management skills,Great team player. Responsibilities; Customer and Regulator Issue Management,Standardization and Documentation,Standardize compliance solutions into repeatable approaches,Prepare excellent documentation that exists at the intersection of regulatory requirements and technical features,Handle proactive projects related to compliance, privacy, regulatory affairs, or data governance as assigned,Use knowledge of customer context, solution or portfolio expertise, and technical and industry knowledge to build credibility with customers as a trusted advisor for Microsoft Security and Compliance,Build and maintain relationships with key customer stakeholders and decision-makers, acting as their trusted advisor and advocate,Partner with product and engineering teams to provide feedback and insights from the field, influencing the roadmap,Stay updated on the latest trends and developments in the data governance and compliance domain, sharing best practices and learnings with the broader technical community,Coach the team in addressing customer digital transformation and leveraging insights to align new or changing technology to customer compliance needs,Execute audit programs according to the risk based audit plan and supports delivering the key messages to the business at the end of the audit project,Provide process improvement recommendations having impact on the processes of the company,Follow up the best practices within the related industries, processes and sub-processes and contributes their implementation within company,Perform well-prepared risk analysis to maintain effective and efficient internal control environment within the company,Follow up and ensures all identified findings and their corrective action plans are completed in accordance with the audit methodology,Work closely with process owners to ensure corrective action plans are in place and to remedy gaps in controls,Provide high quality advice, expertise and guidance across of the risk types of technology (including cyber and data) risk,Performing advisory role in internal and external audits, providing subject matter expertise on IT-related matters and assisting in the resolution of audit findings.