Mahir Çoktan

Information Security Officer

Istanbul, Istanbul, Türkiye

About

Information Security | ISO 27001/27701/42001 LA | SOC2 & Cloud Security | Governance, Risk and Compliance | KVKK | BDDK | GDPR

Passionate about #InformationSecurity, #CyberSecurity, and #RiskManagement. With a strong background in #ISO27001, #SOC2, #ISO22301, and #GDPR, I specialize in securing digital assets, ensuring compliance, and mitigating security risks. Expertise in #SecurityAudits, #SecurityAwarenessTraining, #BusinessContinuity, #VendorRiskManagement, #ThreatDetection, #IncidentResponse, #VulnerabilityManagement, and #ThirdPartyRiskAssessment.

Experience

  • Information Security Officer at DenizBank
    Jun 2026 - Jun 2026 · 1 mo

    Deniz Yatırım | Deniz Portföy | Deniz GYO

  • Information Security & Data Protection Officer at Deniz Faktoring A.Ş.
    Jul 2025 - Jun 2026 · 1 yr

  • Information Security Lead at Insider
    Oct 2021 - Jul 2025 · 3 yrs 10 mos

    Insider is a leading SaaS company specializing in AI-powered marketing and customer experience solutions. As an Information Security Specialist, I ensure the security of Insider’s systems, data, and operations while maintaining compliance with global security standards.

    • Developed and implemented information security policies and procedures aligned with ISO 27001, 22301, SOC 2, CSA STAR, GDPR, KVKK, and ePrivacy seal assessments.
    • Conducted risk assessments and business continuity planning to minimize security threats.
    • Managing the company's processes such as preparation and coordination of independent audit processes.
    • Ensure implementation of security reporting and senior management reporting that minimizes partner questions and security concerns.
    • Lead internal security audits and ensure compliance with regulatory requirements.
    • Managed third-party security assessments and vendor risk evaluation processes.
    • Provided security awareness training for employees to strengthen the security culture.

  • Information Security Specialist at Katılımevim
    Apr 2021 - Oct 2021 · 7 mos

    Katılımevim is a financial services company offering home financing solutions. I was key in securing the company’s IT infrastructure and ensuring regulatory compliance.

    • Established and maintained Information Security Management System (ISMS) Policies & Procedures.
    • Led BDDK (Banking Regulation and Supervision Agency) compliance audits.
    • Coordinating and conducting internal and external audit processes.
    • Conducted network security assessments and penetration testing.
    • Managed security awareness programs and employee training sessions.
    • Coordinate KVKK and Data Privacy regulations.
    • Oversaw the installation and configuration of firewalls across branch offices.

  • IT Ops & Information Security Consultant at İnvekor Bilgi Teknolojileri
    Apr 2019 - Apr 2021 · 2 yrs 1 mo

    Invekor is a technology consulting firm providing IT security and infrastructure solutions. I worked closely with multiple clients to enhance their cybersecurity and IT operations.

    • Provided technical security consultancy to clients under ISO 27001 compliance. I joined independent audit phases and conducted internal audit activities.
    • Led network security, firewall management, and vulnerability assessments.
    • Managed backup and disaster recovery solutions using QNAP & Veeam Backup.
    • Conducted penetration testing with Nessus and Netsparker.
    • Supported GDPR/KVKK compliance with policy implementation and technical consultancy.
    • Oversaw Active Directory, GPO, and Windows Server security configurations.