Position Overview

• The Information Security Engineer is responsible for ensuring the effective governance of information systems, compliance with international and national information security standards, risk management, and internal audit activities within the company. The role includes monitoring information security processes, implementing controls, raising awareness, and supporting the management of information systems in alignment with the company's strategic objectives.

Key Responsibilities

• Ensure that the necessary objectives are achieved in alignment with the company’s strategic plans.
• Monitor compliance with IT standards and ensure the governance of Information Systems Management Directorate units.
• Oversee Information Security Management System (ISMS) activities in accordance with international standards (ISO 27001, COBIT) and national regulations (Defense Industry Security Directive, etc.).
• Identify and assess risks to company assets, determine risk values, and manage information system risks.
• Plan and implement measures to reduce, eliminate, or transfer identified risks and threats to ensure information security.
• Plan and conduct internal audits related to information systems security, prepare audit reports, and coordinate with relevant units to address nonconformities.
• Participate in the preparation and management of Non-Disclosure Agreements (NDAs) related to services provided and received by Information Systems.
• Establish a recording system for information security incidents, create an incident management platform, and ensure its operation and functionality.
• Organize and deliver internal training to raise information security awareness among employees.
• Ensure that IT systems and services are maintained, updated, and audited according to ITIL guidelines, including monitoring administrator access and log records, and execute other tasks assigned by the manager within company interests.

Requirements

• Bachelor’s or Master’s degree in Information Technology, Cybersecurity, Computer Engineering, or a related field
• Minimum 3–5 years experience in information security, IT governance, or ISMS implementation
• Strong knowledge of ISO 27001, COBIT, ITIL, and other international information security frameworks
• Experience with risk management, internal audits, and compliance reporting
• Practical experience in system monitoring, incident management, and NDA handling
• Strong analytical, problem-solving, and coordination skills
• Ability to develop and deliver internal information security training
• Familiarity with system and database administration monitoring tools and log management
• English – advanced level, Russian – preferred, Turkish – an advantage

Interested candidates are requested to submit their CVs to the e-mail address in the Apply for job button with “Information Security Engineer” indicated in the subject line.

Note: Only shortlisted candidates will be contacted