Security Governance, Risk & Compliance (GRC) Engineer
İstanbul, Turkey
Engineering – Security / Permanent Full-Time / Hybrid
At Midas, we are working on real-life engineering problems to transform the world of finance.
We build the fastest products with the purpose of delivering a seamless experience for everyone to manage their money.
At Midas, security is not just a technical domain—it's a business imperative. As a Security GRC Analyst, you will play a key role in defining, measuring, and improving our security posture through robust governance, clear policies, and effective risk management. You'll collaborate across teams to ensure that our fintech operations are secure, compliant, and aligned with regulatory and industry best practices.
What You’ll Ship:
- Help develop and enforce security policies, standards, and procedures across the organization
- Lead efforts to monitor, interpret, and implement regulatory obligations (e.g., KVKK, MASAK, SPK, ISO 27001), and keep the company ready for audits and regulatory changes.
- Lead the creation of a ‘Trust Center’ to transparently communicate our security and privacy posture to customers and partners.
- Set standards and deliver policies on data privacy and consumption for internal & external customers
- Track, document, and report on the status of security controls, audits, and compliance initiatives
- Support the design, implementation, and continuous improvement of the information security governance framework
- Collaborate with security, engineering, infrastructure, and product teams to align controls with business and technical processes
- Promote security awareness and risk ownership across business units through structured communication and training initiatives
What You’ll Bring:
- Proven experience in security governance, risk management, or compliance roles
- Solid understanding of information security principles and regulatory frameworks (e.g., ISO 27001, NIST CSF, COBIT, KVKK, SPK)
- Familiarity with risk assessment methodologies and tools
- Experience in writing and maintaining security documentation and policies
- Ability to translate regulatory and technical requirements into actionable internal processes
- Strong communication skills with both technical and non-technical audiences
- A structured, detail-oriented mindset with a passion for consistency and accuracy
- Fluency in English
- Nice to have: Experience working in regulated environments such as fintech, banking, or SaaS
Curious about our tech stack?
Take a look: https://stackshare.io/getmidas/midas-engineering
Also check out our engineering blog: https://engineering.getmidas.com/
Midas Engineering Twitter: https://twitter.com/midas_eng
Why Join Us?
Play to Win, Build with the Best
Collaborate with the brightest minds, who challenge you to grow every day.
Dare to Disrupt
Become an outlier and turn bold ideas into groundbreaking realities.
You will be fully equipped for success:
Great compensation for great talent.
Holistic support for health, well-being and nutrition.
Tools to Thrive – everything you need to perform at your best.
Be an Outlier, Build the Future of Money!