Istanbul, Türkiye
A cybersecurity and governance, risk, and compliance (GRC) professional with over 20 years of experience in developing and implementing security frameworks that ensure compliance with international standards. Currently serving as the Chief Information Security Officer (CISO) at Finagotech, leading information security strategies and operations across the group companies. Skilled in information security management, ITSM, and SDLC, with a focus on regulatory compliance and risk mitigation. Holds globally recognized certifications, including CGEIT, CISA, and ITIL-MP, reflecting expertise in cybersecurity, governance, and IT service management. Committed to building robust information security frameworks, driving organizational compliance, and enhancing cyber resilience in financial ecosystems.
Leading the information security strategy and operations for Finagotech and its group companies. Developing and implementing security frameworks and policies to ensure compliance with international standards, including ISO 27001, COBIT, and DORA. Utilizing skills in SDLC and ITSM to prepare IT departments for regulatory compliance.
Offering consultancy services focused on enhancing corporate governance and information security. Assisting businesses in complying with local and global standards through effective GRC system design and strategic planning. Providing expert training on information security frameworks such as ISO 27001, NIST, and COBIT. Leveraging skills in strategic planning for cyber resilience and data governance.
Establishing and managing the bank's information systems security and IT governance structures. Implementing information architecture and data classification models and developing IT process frameworks using COBIT and ISO 27001 standards. Leading the bank's license audits and ensuring compliance with relevant standards. Utilizing skills in IT governance and information security management.
Managing and achieving ISO 20000-1 Service Management certification. Implementing the NIST Cybersecurity Framework to bolster cyber resilience. Managing the compliance program and implementing controls and operations for the BRSA's information system and electronic banking regulations. Directing comprehensive Disaster Recovery Center (DRC) tests, ensuring robust business continuity operations for the group.
Overseeing cybersecurity processes including employee security awareness, application security, segregation of duties, physical security, and data security. Leading the GoldenHorn project, designing the IT Governance Model using a BPMN platform based on the CONIG Framework. Designing and implementing the Enterprise Information Architecture and Data Governance Framework. Coordinating audits and penetration tests for COBIT, ISO 27001, and ISO 22301 standards, and international partners such as JP Morgan, HSBC, Bank of America, etc. Managing the Security Operation Center (SOC) and related projects for the Istanbul Stock Exchange Group, setting up the department with components such as SIEM, SOAR, Red Team, and Threat Intelligence. Managing the security program for the Nasdaq Genium INet platform for the Istanbul Stock Exchange system and Clearing House.
Establishing quality and compliance standards for the organization. Providing technical support to risk management and project management teams. Designing IT governance frameworks and corporate organizational structures using ISO 27001 and ITIL. Applying expertise in enterprise architecture and IT service management.