Senior Information Security Engineer

🕒 April 21

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Insider One

WebsiteLinkedInAll Job Openings

1001 - 5000 employees

Founded 2012

☁️ SaaS

🤖 Artificial Intelligence

🤝 B2B

💰 $500M Series E on 2024-12

SaaS • Artificial Intelligence • B2B

Insider One is an AI-native customer engagement and personalization platform delivered as SaaS. It provides a unified customer data platform (CDP), personalization, journey orchestration, reporting/analytics, and behavioral insights, and connects to 100+ integrations to support multichannel marketing across web, email, mobile apps, site search, SMS/RCS, WhatsApp, push, and conversational CX. The platform targets marketing and customer engagement teams at enterprise and e-commerce brands to improve engagement, conversions, and lifetime value.

📋 Description

• Drive the implementation, maintenance, and continuous improvement of the ISO 27001 Information Security Management System (ISMS), including control maturity tracking and audit readiness • Support SOC 2 Type II compliance efforts, including control implementation, evidence collection, and audit coordination • Conduct and document internal audits, manage findings, and follow up on remediation plans across teams • Own and evolve the company-wide risk management program, including risk register, scoring methodology, risk acceptance, and exception processes • Provide governance and security oversight for AWS environments, including cloud security posture, access controls, and configuration baselines • Collaborate with Red Team and Blue Team to track, prioritize, and close technical security findings • Maintain, update, and enforce security policies, standards, and procedures across the organization • Design and execute security awareness and training programs tailored to different roles (engineering, ops, business) • Lead third-party/vendor security assessments, including risk evaluation, tiering, and continuous monitoring • Support and coordinate security incident handling, reporting, and post-incident review processes • Contribute to data protection and privacy governance (KVKK, GDPR), including DPIA processes and data lifecycle management • Drive AI / LLM governance practices, including secure usage policies, data exposure controls, and risk assessments for AI tools • Act as a security consultant to business units and engineering teams, supporting secure architecture, design reviews, and risk-based decision making • Contribute to security architecture and design review processes, including threat modeling and secure design guidance • Coordinate and enhance business continuity and disaster recovery (BCP/DR) processes, including testing, documentation, and continuous improvement

🎯 Requirements

• Strong knowledge of ISO 27001, ISMS processes, internal audits, and control frameworks • Hands-on experience with risk management practices, including risk identification, scoring, and mitigation tracking • Experience in Business Continuity Management (BCM) and disaster recovery planning • Solid understanding of AWS services and cloud security governance, including IAM, logging, and baseline hardening • Familiarity with SOC 2 Type II framework and control domains • Understanding of data security concepts, including data classification, data inventory, and data protection mechanisms • Experience with vendor security and third-party risk management processes • Knowledge of privacy regulations such as KVKK and GDPR, including practical implementation • Familiarity with AI/LLM risks and governance concepts is a strong plus • Strong documentation and reporting skills for audits, compliance, and executive visibility • Experience in responding to customer security questionnaires and audits • Strong analytical thinking and ability to assess both technical and business risks • Ability to take ownership of security domains and drive initiatives end-to-end • Excellent written and verbal communication skills in English • Strong collaboration skills with both technical (engineering, DevOps) and non-technical teams • Ability to understand and communicate the business impact of security decisions • Capable of evaluating the security posture across cloud, application, endpoint, and data layers • * Comfortable acting as a trusted advisor and consultant to internal stakeholders * • Proactive mindset with a focus on continuous improvement • * Willingness to provide on-call support for security-related incidents when necessary * • Ownership of security projects from planning to execution and closure • * Ability to track, validate, and close findings from audits, pentests, and internal reviews * • Experience working with ticketing systems (Jira, etc.) to manage security tasks and follow-ups • Actively contributes to team collaboration, knowledge sharing, and process improvement • Ability to communicate clearly with internal teams, auditors, and external stakeholders • Maintains a positive and solution-oriented mindset in a fast-paced environment

🏖️ Benefits

• Enjoy a monthly meal allowance designed to enhance your daily routine. • Access comprehensive private health insurance. • Feed your curiosity with access to Spotify, LinkedIn Learning, Blinkist, MasterClass, Neoskola, and CloudGuru. • Level up with internal trainings covering AI fundamentals, coding, foreign languages, and a wide range of personal development skills. • Be part of a diverse team that’s as global as it gets, where every voice is heard and 50+ nationalities build together. • Become a Shareowner through our eligibility-based “ESOP” and own a piece of what you build. • Help build the team you want to work with and enjoy rewarding referral bonuses. • Opportunities to give back to your community through volunteering and purpose-driven social impact projects. • From global retreats to team-building activities, expect year-round events that turn into lifelong memories. • Get inspired by the greatest minds in the tech industry through events like our Tech & Dev Talks. • Work from anywhere in Turkey through our fully remote setup.