Information Security Engineer (Banking)

RoofStacks is seeking an Information Security Engineer with strong experience in banking processes for a strategic project in the Banking/Fintech sector. The role involves managing security systems (Firewall, IPS/IDS, DDoS, Antivirus, Web Gateway), monitoring daily operations, and ensuring compliance with banking regulations like BDDK, KVKK, and ISO 27001. The engineer will also contribute to secure architectural designs, perform vulnerability detection, and handle incident response. Candidates should have at least 3 years of system security experience.

Must Have

• Manage security systems (Firewall, IPS/IDS, DDoS, Antivirus, Web Gateway)
• Monitor daily security operations and analyze alarms/events
• Manage rule sets, policies, and access controls
• Identify vulnerabilities and perform risk analysis
• Respond to security incidents and conduct Root Cause Analysis (RCA)
• Ensure compliance with banking regulations (BDDK, KVKK, ISO 27001)
• Support system security in Disaster Recovery (DR) and business continuity processes
• Prepare and maintain security product logs, reports, and documentation
• At least 3 years of experience in system security
• Experience with security solutions like Firewall, IPS/IDS, DDoS, Antivirus
• Knowledge of network and system security principles (NAT, VPN, segmentation)
• Experience in log management, alarm monitoring, and security event analysis
• Adaptability to highly regulated environments (banking, finance, telecom)

Good to Have

• Learning agility
• Ability to express ideas clearly
• Professional communication with all stakeholders
• Clear, concise, and persuasive communication
• Early problem detection and resolution
• Support team in creating quality and sustainable products
• Provide practical solutions
• Guide technical and non-technical discussions to positive outcomes
• Understand and resolve team, task, or customer issues in collaboration with managers
• Act prudently when solving problems

RoofStacks has been carrying out innovative projects since 2015. We aim to be a global player in our areas of expertise: Tourism Systems, Extended Reality (AR/VR), Blockchain Technologies, Game Development, and Financial Technology.

We focus on making a difference and designing the future with the technologies we develop. In addition to our head office in Istanbul/Ataşehir, we have branches in Antalya and Elazığ in Turkey. We have also strengthened our position in the global market by opening a new office in Austin, USA, which hosts technology giants from all over the world.

We are looking for an "Information Security Engineer" with strong experience, especially in banking processes, to take part in the strategic project we are carrying out in the Banking/Fintech field.

Key Responsibilities

• Carry out installation, configuration, and operation activities of security systems (Firewall, IPS/IDS, DDoS, Antivirus, Web Gateway, etc.) used in the bank's infrastructure.
• Ensure daily operations of security devices are monitored, alarms and events are analyzed, and necessary actions are taken.
• Manage rule sets, policies, and access controls related to system and network security.
• Conduct studies for the detection of security vulnerabilities, risk analysis, and their remediation.
• Respond to security incidents, perform root cause analysis (RCA), and report.
• Work in accordance with banking regulations (BDDK, KVKK, ISO 27001, etc.) and internal security policies.
• Contribute to secure architectural designs in coordination with system and network teams.
• Support system security requirements in disaster recovery (DR) and business continuity processes.
• Prepare and keep up-to-date logs, reports, and documentation related to security products.
• Conduct technical communication with third-party vendors and security service providers.

Required Qualifications

• Graduated from Electronics, Computer, Communications, or related engineering departments.
• At least 3 years of experience in system security.
• Experienced in security solutions such as Firewall, IPS/IDS, DDoS protection systems, Antivirus, and similar.
• Knowledgeable about network and system security principles (NAT, VPN, segmentation, access control, etc.).
• Experienced in log management, alarm monitoring, and security event analysis.
• Able to adapt to the working discipline in highly regulated institutions (bank, finance, telecom, etc.).

Communication Skills

• Learning agility
• Ability to express ideas easily
• Professional communication with all stakeholders
• Being clear, concise, short, and persuasive in all communications
• Ability to detect and solve problems at an early stage

Teamwork Expectations

• Ability to support the team while creating higher quality and sustainable products
• Ability to offer practical solutions
• Ability to guide all technical and non-technical discussions to a positive outcome
• Ability to understand team, task, and/or customer issues well and quickly resolve them in cooperation with relevant managers
• Acting prudently when solving problems