Senior Information Security Engineer (Remote) at insiderone

Before jumping into all the information about the role and what you can bring to the table, let us introduce ourselves real quick. About us Insider One is the #1 platform that brings everything marketing and customer engagement teams need in one place so they can reach their peak potential and become unstoppable.  Our story began with six desks and a vision to create a single platform to make industry-first technologies and emerging channels accessible to marketers worldwide. Today, Insider One is powered by 1,500+ team members representing 50+ nationalities across 30+ offices.  With AI at its core and an integrated Customer Data Platform (CDP), Insider One unites data, personalization, and journey orchestration across the most extensive set of natively supported channels, including WhatsApp, SMS, Email, Web, App, and Site Search.  We recently raised one of the largest funding rounds in the industry, a $500M Series E led by General Atlantic. We are backed by top-notch investors, including Sequoia Capital, QIA, Riverwood, and Endeavor Catalyst, and trusted by 2000+ customers from high-growth startups to the most prestigious Fortune 500 companies such as Samsung, Nike, L’Oreal, Singapore Airlines, Nestlé, Nissan, Lenovo, Puma, IKEA, Allianz, Domino's, and the list goes on. Insider One was congratulated for becoming one of the only woman-founded, women-led B2B SaaS unicorns in the world. Loved by customers, recognized by analysts, we are the only vendor recognized as the #1 leader in all the capabilities marketing and customer engagement teams need. Don’t just take our word for it — see for yourself. We consistently outperform and continue our leadership, and the results speak for themselves. From day one, Insider One’s mission has not only been to build a world-class product company, but also to create one of the most socially progressive technology communities in the world. Through our social responsibility initiatives like 100 Social Responsibility Projects, AI Training for Teachers, Code Academy, SheCodes, SheLeads, and SheMarkables, our community has committed to scaling its impact on our communities across 30+ countries, driving initiatives in health, education, farming, animal rights, and increasing women’s representation in STEM. Behind all these achievements is an exceptionally talented, visionary team of overachievers that moves fast and agile, creating cutting-edge products, and focuses on making an impact. If you want to be a part of this journey, just keep reading. What You Will Do • Drive the implementation, maintenance, and continuous improvement of the ISO 27001 Information Security Management System (ISMS), including control maturity tracking and audit readiness • Support SOC 2 Type II compliance efforts, including control implementation, evidence collection, and audit coordination • Conduct and document internal audits, manage findings, and follow up on remediation plans across teams • Own and evolve the company-wide risk management program, including risk register, scoring methodology, risk acceptance, and exception processes • Provide governance and security oversight for AWS environments, including cloud security posture, access controls, and configuration baselines • Collaborate with Red Team and Blue Team to track, prioritize, and close technical security findings • Maintain, update, and enforce security policies, standards, and procedures across the organization • Design and execute security awareness and training programs tailored to different roles (engineering, ops, business) • Lead third-party/vendor security assessments, including risk evaluation, tiering, and continuous monitoring • Support and coordinate security incident handling, reporting, and post-incident review processes • Contribute to data protection and privacy governance (KVKK, GDPR), including DPIA processes and data lifecycle management • Drive AI / LLM governance practices, including secure usage policies, data exposure controls, and risk assessments for AI tools • Act as a security consultant to business units and engineering teams, supporting secure architecture, design reviews, and risk-based decision making • Contribute to security architecture and design review processes, including threat modeling and secure design guidance • Coordinate and enhance business continuity and disaster recovery (BCP/DR) processes, including testing, documentation, and continuous improvement What You Will Need • Strong knowledge of ISO 27001, ISMS processes, internal audits, and control frameworks • Hands-on experience with risk management practices, including risk identification, scoring, and mitigation tracking • Experience in Business Continuity Management (BCM) and disaster recovery planning • Solid understanding of AWS services and cloud security governance, including IAM, logging, and baseline hardening • Familiarity with SOC 2 Type II framework and control domains • Understanding of data security concepts, including data classification, data inventory, and data protection mechanisms • Experience with vendor security and third-party risk management processes • Knowledge of privacy regulations such as KVKK and GDPR, including practical implementation • Familiarity with AI/LLM risks and governance concepts is a strong plus • Strong documentation and reporting skills for audits, compliance, and executive visibility • Experience in responding to customer security questionnaires and audits Soft Skills & Expectations • Strong analytical thinking and ability to assess both technical and business risks • Ability to take ownership of security domains and drive initiatives end-to-end • Excellent written and verbal communication skills in English • Strong collaboration skills with both technical (engineering, DevOps) and non-technical teams • Ability to understand and communicate the business impact of security decisions • Capable of evaluating the security posture across cloud, application, endpoint, and data layers • Comfortable acting as a trusted advisor and consultant to internal stakeholders • Proactive mindset with a focus on continuous improvement Additional Expectations • Willingness to provide on-call support for security-related incidents when necessary • Ownership of security projects from planning to execution and closure • Ability to track, validate, and close findings from audits, pentests, and internal reviews • Experience working with ticketing systems (Jira, etc.) to manage security tasks and follow-ups • Actively contributes to team collaboration, knowledge sharing, and process improvement • Ability to communicate clearly with internal teams, auditors, and external stakeholders • Maintains a positive and solution-oriented mindset in a fast-paced environment What We Offer • Enjoy a monthly meal allowance designed to enhance your daily routine. • Access comprehensive private health insurance. • Feed your curiosity with access to Spotify, LinkedIn Learning, Blinkist, MasterClass, Neoskola, and CloudGuru. • Level up with internal trainings covering AI fundamentals, coding, foreign languages, and a wide range of personal development skills. • Be part of a diverse team that’s as global as it gets, where every voice is heard and 50+ nationalities build together. • Become a Shareowner through our eligibility-based “ESOP” and own a piece of what you build. • Help build the team you want to work with and enjoy rewarding referral bonuses. • Opportunities to give back to your community through volunteering and purpose-driven social impact projects. • From global retreats to team-building activities, expect year-round events that turn into lifelong memories. • Get inspired by the greatest minds in the tech industry through events like our Tech & Dev Talks. • Work from anywhere in Turkey through our fully remote setup. We provide equal opportunity in a zero-discrimination workplace and not just welcome but also embrace everyone without regard to sex, race, color, nationality, religion, gender identity, sexual orientation, disability status, citizenship, or marital status. Please follow Insider One on LinkedIn, Instagram, X, Facebook and Medium!