About the Team
At Trendyol Tech, our mission is to create a positive impact in our ecosystem by enabling commerce through technology.
We solve complex problems with data, creativity, and agility — always driven by real outcomes. With a culture built on learning, collaboration, and ownership, we grow together while building what’s next.
About the Role
As the Head of Information Security, you will lead security architecture, governance, risk management, and compliance initiatives while embedding security-by-design principles across technology and business teams. Working closely with senior stakeholders, you will strengthen the organization’s security posture and foster a strong security culture in a fast-paced environment.
Responsibilities
Define and lead the overall security risk, compliance, and governance strategy aligned with organizational objectives and regulatory requirements. Establish and continuously evolve enterprise-wide frameworks, policies, and standards covering information security, risk management, compliance governance, and control monitoring. Provide strategic leadership across security engineering, risk management, and compliance teams, ensuring alignment between operational execution and long-term organizational goals.Oversee regulatory compliance programs (e.g., GDPR, PCI-DSS, ISO 27001, SOX, local regulations) and ensure audit readiness and sustainable control environments.Drive enterprise risk assessment processes, define risk appetite in collaboration with senior leadership, and oversee mitigation strategies.Partner with executive stakeholders, including Engineering, Product, Legal, Internal Audit, and senior business leaders, to embed security and governance practices into business operations. Lead third-party risk management, vendor compliance programs, and external regulatory relationships where applicable.Define KPIs, metrics, and maturity models to measure effectiveness of security and governance programs and drive continuous improvement.Foster a strong security culture through awareness initiatives, training programs, and proactive communication across the organization.Define and drive the enterprise-wide data security strategy, ensuring robust safeguards for sensitive information across cloud services, applications, and endpoints.Lead the security architecture and design of the company's projects, initiatives and infrastructures.Build, mentor, and scale high-performing teams while establishing strong leadership pipelines.
Expected Qualifcations
Bachelor’s or Master’s degree in Information Security, Engineering or a related field.Minimum 10 years of experience in information security, compliance, governance, or risk management roles including significant leadership experience.Proven track record of building and scaling enterprise security governance frameworks and compliance programs.Proficiency in security design and architecture.Significant experience in data security such as data leakage prevention and data classification.Deep understanding of regulatory environments and standards such as ISO 27001, GDPR, PCI-DSS, SOX, or similar.Relevant certifications (e.g., CISSP, CISM, CRISC, ISO 27001 Lead Implementer) are preferred.Strategic thinker with the ability to influence and guide decision-making at the executive level. Excellent leadership, communication, and stakeholder management skills.Capacity to adapt to a fast-paced and evolving environment. Commitment to staying updated on the latest security trends and technologies.Fluency in English (written and verbal).
What We Offer
- Hybrid working model with flexibility: a schedule that helps you find the right balance between flexibility and team bonding, including work-from-abroad opportunities and a summer working model.
- Customisable FlexBenefits budget: Adjust your daily meal allowance, choose your health insurance package (and extend it to your spouse or children), and pick from additional benefits like fuel support or Trendyol shopping credits.
- Well-being support: Access to location-based in-house doctors, as well as psychologist and dietitian support, and HPV vaccination provision.
- Personalised training allowance and learning opportunities: Use your annual budget for any training or conference of your choice, explore our Learning Management System (LMS) anytime, and join in-person learning sessions offered throughout the year.
- Responsibility from day one: Take full ownership from the start in a culture where every voice is heard and valued.
- A diverse, international team: Collaborate with global peers across our offices in Berlin, Amsterdam, Dubai, and beyond, in a startup-spirited and collaborative environment.
- Opportunities to grow with the best: Tackle meaningful challenges, develop through hands-on experience, and grow with the support of expert guidance and global mentoring.
- Meaningful connections beyond tasks: Be part of team rituals, events, and social activities that help us stay connected and inspired.
Take the Next Step
If this role excites you, apply today, we look forward to taking the next step with you.