Information Security Engineer - Security and Risk Management
Istanbul / Maslak
Engineering, Technology & Product – Tech Security /
Full-time /
Hybrid
About the Team
At Trendyol Tech, our mission is to create a positive impact in our ecosystem by enabling commerce through technology.
We solve complex problems with data, creativity, and agility — always driven by real outcomes. With a culture built on learning, collaboration, and ownership, we grow together while building what’s next.
About the Role
As an Information Security Specialist, you'll be a key part of our team, responsible for developing and implementing security policies and procedures. This role involves more than just risk management; you'll also ensure our systems and products meet critical compliance standards like KVKK, GDPR, and PCI-DSS. You'll use your expertise to conduct technical reviews, manage security incidents, and collaborate with engineering, product, and legal teams to mitigate risks and maintain a robust security posture.
Responsibilities
- Development and implementation of security policy, standards, guidelines and procedures to ensure ongoing maintenance of security, risk, and compliance.
- Good knowledge of operating systems, network infrastructure, firewalls, and database security,
- Identifying security risks, creating and monitoring an action plan to eliminate risks
- Maintaining KVKK, GDPR, PCI-DSS, ISO 27001, BDDK, TCMB and ETK compliance and periodic audits and controls within this scope. Also, help the Technology team in the phase of implementation of these regulations.
- Taking part in periodic and effective user awareness programs
- Helping to reduce information security risks generated inside Trendyol
- Monitor and manage the security risks coming from third parties
- Conduct technical reviews for new features and identify security, privacy, and compliance risks. Work closely with technical and non-technical teams, including Engineering, Product and Legal in order to mitigate security, privacy and compliance risks.
- Fluency in English
Expected Qualifications
- 5+ years of experience in security
- Proficiency in developing information security policies and procedures
- Proven records of executing programs that meet the objectives of excellence in a dynamic environment
- Play a key role in driving large cross-company security, privacy, and compliance reviews of products and features.
- Being a critical thinker, with strong problem-solving skills and also having project management skills
- Manage information security related incidents,
- Knowledge and understanding of relevant legal and regulatory requirements, such as PCI-DSS, KVKK, GDPR, TCMB, and BDDK regulations
- Having CISSP certification
- 2+ years of experience with Security Risk Management and Banking regulations
- Having experience with coding and system design review
What We Offer
- Hybrid working model with flexibility: a schedule that helps you find the right balance between flexibility and team bonding, including work-from-abroad opportunities and a summer working model.
- Customisable FlexBenefits budget: Adjust your daily meal allowance, choose your health insurance package (and extend it to your spouse or children), and pick from additional benefits like fuel support or Trendyol shopping credits.
- Well-being support: Access to location-based in-house doctors, as well as psychologist and dietitian support, and HPV vaccination provision.
- Personalised training allowance and learning opportunities: Use your annual budget for any training or conference of your choice, explore our Learning Management System (LMS) anytime, and join in-person learning sessions offered throughout the year.
- Responsibility from day one: Take full ownership from the start in a culture where every voice is heard and valued.
- A diverse, international team: Collaborate with global peers across our offices in Berlin, Amsterdam, Dubai, and beyond, in a startup-spirited and collaborative environment.
- Opportunities to grow with the best: Tackle meaningful challenges, develop through hands-on experience, and grow with the support of expert guidance and global mentoring.
- Meaningful connections beyond tasks: Be part of team rituals, events, and social activities that help us stay connected and inspired.
Take the Next Step
If this role excites you, apply today, we look forward to taking the next step with you.
Want to get to know the team better first? Explore our Career Website, LinkedIn, or YouTube to learn more about #LifeatTrendyol and how we work.
