Contact information

The job seeker has entered a phone number , email and address.

You can get this candidate's contact information from https://www.work.ua/resumes/9148565

Work experience

Information Security Manager

from 12.2021 to now (2 years 5 months)
Gedik Investment, Other countries (Finance, banking, and insurance)

Support and facilitate creation of Information Technologies security, compliance and risk management policy, procedures and standards,
Delivering Information Security Awareness training,
Improvement of Management and Operation of Vulnerability Management Process using various tools including Nessus, Outpost24 etc.,
Managing Symantec DLP, continuous oversight of operations, improvement of DLP rules,
Coordination of Penetration Tests and follow-up of the mitigation of IT related risks,
Improvement of Management and Operation of Security and Event Management Process,
Log management for Legal and Regulatory compliance with regulations using Arcsight,
Consultancy in IT Project related to Information Security and regulatory compliance,
Supervision of the Business Continuity (remote site) and Disaster Recovery Tests,
Ensure third party risks are assessed before service onboarding and reassessed at annually to ensure risks identified are managed inline the risk appetite,
Improvement of IT Controls Framework to cover all internal and external requirements such as
Cobit, Nist, Owasp Top 10, Sans Top 25, Mitre
Reviewiny security reports from security applications - daily operations - Symantec Endpoint Protection, QRadar SIEM, Crowdstrike Falcon XDR, FortiAnalyzer, Cryptolog, DNSSense.

Information Technology Controller

from 12.2020 to 12.2021 (1 year)
Bank of China Turkey, Other countries (Finance, banking, and insurance)

Performing periodic ITGC and application controls, reporting any findings to Senior Management and Audit Committee,
Validating the effectiveness of existing controls,
Participating in change management board meetings,
Performing periodic business process controls, reporting any findings to Senior Management and Audit Committee.

Information Technology Auditor

from 01.2017 to 12.2020 (3 years 11 months)
A&T Bank, Other countries (Finance, banking, and insurance)

IT auditing to increase process maturity levels with reference to COBIT 4.1 and ISO 27001 standard,
Follow up the penetration test findings.

Internal Auditor

from 08.2012 to 12.2016 (4 years 4 months)
A&T Bank, Other countries (Finance, banking, and insurance)

Performing banking process audits.

Assistant Auditor

from 09.2011 to 08.2012 (11 months)
Deloitte, Other countries (Consulting, accounting and auditing)

Process and financial audits of the financial industry clients such as banking, factoring and leasing.

Education

Yeditepe University

Management Information Systems, Istanbul
Higher, from 2017 to 2020 (3 years)

Thesis Subject: Examination of the Performance Change in Companies
which Use Cloud Computing Systems

Istanbul University

Economics in English, Istanbul
Higher, from 2006 to 2011 (5 years)

Additional education and certificates

CISA

2017

CISM

2024

Language proficiencies

• English — above average
• Turkish — fluent
• Russian — beginner