Information Security - GRC Assistant Specialist/Specialist

Bupa Türkiye serves as an integrated healthcare services company in line with Bupa's growth strategy in the field of healthcare in Türkiye in parallel to Bupa's global vision.

With the goal of becoming Türkiye's most customer-centric healthcare company with a sustainable approach, Bupa offers the right solutions to its customers, providing them with a positive experience and enabling them and their families to look to the future with confidence.

Bupa focuses on the growth of the sector in Türkiye, developing practices that support both social integrated health awareness and healthy living with different approaches, and delivering its products and services to all segments of society.

Qualifications:

• 0-2 years information security and/or related technology experience and track record in information security and risk management.
• Bachelor's degree, preferably in computer science or engineering.
• Knowledge and experience in Cybersecurity, IT and Governance frameworks such as NIST, ISO 27001/27002, SOX, PCI/DSS, GDPR, KVKK, COBIT, ITIL.
• Knowledge and experience in Data Protection Tools (DAM, DLP and etc.)
• Excellent verbal and written communication skills in English.
• Professional security management certification, such as a CISA, CISM, ISO27001 LA or other similar credentials is desired.
• Experience in developing, documenting and maintaining security procedures.
• Strong analytical and problem-solving skills.

Job Description:

• Work on the definition of risk and information governance policies.
• Ensure that the governance of information is carried out according to the standards and policies defined by the company, Bupa and regulatory bodies.
• Carry out the analysis of the processes and identify risks in the critical assets of the company.
• Proactively manage information security risks, propose corrective measures for identified risks.
• Execute the Information Security training and awareness plan.
• Manage data protection tools such as DAM and DLP.
• Consolidation of metrics and KPIs/KRIs related to the effectiveness of the controls associated with the reported risks.
• Manage regulatory compliance, including technical KVKK controls (GDPR), audits and policy compliance.

What is expecting you?

• A fun and social working environment that prioritizes employee happiness, with a strong company culture and passionate colleagues all working towards the same goal, under a transparent management approach.
• A working model focused on people and culture, in line with global business practices (Hybrid, remote, in-office).
• Continuous learning environment supported via on the job commercial and technical trainings and knowledge transfer as well as receiving on time support, coaching and feedback
• Employer-sponsored retirement plans and health insurance, including coverage for family members, as well as personal accident insurance.
• Birthday leave.
• Transportation and meal support.
• Benefits of the senCard Flexi advantages world.