Ingenico is a global leader in the fintech market, with more than three decades of experience. Its footprint gives scale to projects and talents.
Innovation is part of our DNA, and our diverse community of experts keeps anticipating the evolution of commerce worldwide.
We are shaping the future of payments.
We are looking for an Internal Controller who, reporting to the Group Internal Control and ORM Director, ensures the implementation and effective operation of the Internal Control framework within the Turkey entity.
Main responsibilities are detailed below:
Design, with the 1st line of defense, the permanent controls to implement to mitigate their risks
Coordinate with the Internal Control team to standardize and homogenize permanent controls within the Group and to enforce them in Group Policies & Procedures
Ensure regular review of permanent controls
Build KPIs and reports to escalate conclusions of permanent controls completion to Top Management
Provide objective evaluations of security controls, mechanisms and goals in comparison to best practices
Ensure policies, procedures, standards, and system configurations are documented and tracked
Recommend, manage, and implement required changes to IT control, risk and security policies and procedures
Review risk assessments, analyze the effectiveness of information security control activities, and report on them with actionable recommendations
Report to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance
Operational Risk Management
Support the mapping of Operational Risks (in relationship with ERM team)
Deploy the approach and methodology for ORM to increase risk awareness in the Turkey entity
Ensure that all compliance policies and procedures are in place and up-to-date
Develop and oversee control systems to prevent and deal with violations of regulatory requirements and internal policies
Promote, in collaboration with other departments and functions, a strong compliance culture within the organisation, including through training and communication programmes
Monitor regulatory developments and best practices and provide ongoing advice and analysis on the regulatory landscape relevant to the organisation
Act as the point of contact regarding data protection matters
Regularly report to the Chief Group Compliance Officer on key matters
IT audit / security certification(s): CISA, CISM, CRISC, CISSP, etc.
Min. 5 years’ experience in IT audit, IT risk management, compliance or control
Knowledge of frameworks such as COBIT, PCI, ITIL, ISO27001, ISO22301, ISO2000, etc.
An understanding of operational risk management and its implementation in practice, or a strong interest in developing expertise in this area
Experience in data analysis and presentation of results (MS Excel, MS PowerPoint)
A great communicator, able to interact with stakeholders at all levels in multiple locations
Able to multitask, work on different projects in parallel and drive things forward
Able to surface and address issues, control deficiencies and emerging risks
Able to provide practical solutions to sustainably remediate and minimize risks and control deficiencies
Able to work with tight deadlines
Fluent in English and Turkish
This description of responsibilities and missions is non-exhaustive. It may be amended from time to time based on business needs.