Information Security Manager

Remote: Turkey

About Revolut

People deserve more from their money. More visibility, more control, and more freedom. Since 2015, Revolut has been on a mission to deliver just that. Our powerhouse of products — including spending, saving, investing, exchanging, travelling, and more — help our 70+ million customers get more from their money every day.

As we continue our lightning-fast growth,‌ 2 things are essential to our success: our people and our culture. In recognition of our outstanding employee experience, we've been certified as a Great Place to Work™. So far, we have 13,000+ people working around the world, from our offices and remotely, to help us achieve our mission. And we're looking for more brilliant people. People who love building great products, redefining success, and turning the complexity of a chaotic world into the simplicity of a beautiful solution.

About the role

Our Information Security team protects Revolut's systems, data, and people. They combine technical expertise with a proactive, risk-based mindset to stay ahead of threats and keep our technology and customers secure at every step.

We're looking for an Information Security Manager to lead our local security strategy and collaborate with regulators, management, and the Risk and Compliance team. You’ll oversee the entire security lifecycle, from identifying risks and managing vulnerabilities to ensuring our third-party vendors meet strict standards.

Up to shape what's next in finance? Let's get in touch.

What you'll be doing

• Classifying information assets according to security requirements and maintaining detailed asset and data inventories
• Developing, implementing, and regularly updating information security policies, procedures, and standards in line with regulatory requirements (BDDK, ISO 27001, PCI-DSS)
• Establishing identity authentication mechanisms and network security control systems according to regulatory standards
• Protecting confidential information and managing limited access permissions for third-party service providers and vendors
• Establishing and managing cyber incident response processes
• Identifying, assessing, and prioritising information security risks across systems, networks, and data assets while monitoring mitigation controls
• Overseeing periodic vulnerability assessments and penetration tests and tracking the remediation of identified weaknesses
• Ensuring full alignment with BDDK's IT regulations, KVKK, and other applicable frameworks while supporting regulatory audits
• Designing and testing business continuity and disaster recovery plans to ensure operational resilience
• Conducting information security awareness activities, including bulletins, communications, and regular phishing simulation tests
• Providing regular reporting to the board, senior management, and regulatory bodies regarding security posture and control effectiveness

What you'll need

• 7+ years of experience in information security management, ideally within a regulated financial institution (financial services, banking, or payments)
• Relevant certifications, such as CISM, CISSP, ISO 27001 Lead Implementer
• Knowledge of BDDK BS regulation, KVKK, ISO 27001, PCI-DSS, and COBIT
• A university degree in computer engineering, information systems, or related field
• Expertise in managing outsourced IT and InfoSec services
• Experience delivering localised IT and InfoSec policies aligned with regulatory standards
• Excellent stakeholder management and communication skills

Building a global financial super app isn’t enough. Our Revoluters are a priority, and that’s why in 2021 we launched our inaugural D&I Framework, designed to help us thrive and grow everyday. We're not just doing this because it's the right thing to do. We’re doing it because we know that seeking out diverse talent and creating an inclusive workplace is the way to create exceptional, innovative products and services for our customers. That’s why we encourage applications from people with diverse backgrounds and experiences to join this multicultural, hard-working team.

Important notice for candidates:

Job scams are on the rise. Please keep these guidelines in mind when applying for any open roles.

• Only apply through official Revolut channels. We don’t use any third-party services or platforms for our recruitment.

• Always double-check the emails you receive. Make sure all communications are being done through official Revolut emails, with an @revolut.com domain.

We won't ask for payment or personal financial information during the hiring process. If anyone does ask you for this, it’s a scam. Report it immediately.

By submitting this application, I confirm that all the information given by me in this application for employment and any additional documents attached hereto are true to the best of my knowledge and that I have not wilfully suppressed any material fact. I confirm I have disclosed if applicable any previous employment with Revolut. I accept that if any of the information given by me in this application is in any way false or incorrect, my application may be rejected, any offer of employment may be withdrawn or my employment with Revolut may be terminated summarily or I may be dismissed. By submitting this application, I agree that my personal data will be processed in accordance with Revolut's Candidate Privacy Notice