IT Compliance Analyst

, Türkiye

Job Family Group:

Information Technology (IT)

Worker Type:

Regular

Posting Start Date:

June 2, 2026

Business Unit:

Projects and Technology

Experience Level:

Experienced Professionals

Job Description:

Job Purpose

Ensure that Security controls for Systems are in place, provide for support IS027001 Certification Process and to implement IT Security Policies as necessary.

Accountabilities:

• Working in full compliance with ISO9001 Quality Management System and ISO/IEC 27001 Information Security Management System.

• Fully compliant with TS EN ISO 14001 Environmental Management System standards/procedures/work instructions.

• Directly drives Shell Turkey’s annual ISO/IEC 27001 surveillance audits and the full recertification process conducted every three years, ensuring organizational readiness, evidence coordination, audit execution, and timely closure of all findings.

• Responsible for protecting IT infrastructure by ensuring confidentiality, integrity and availability of information assets.

• Responsible for ensuring that all applications supported in Turkey undergo regular penetration testing, managing the end‑to‑end process including coordination of tests, sharing of findings, and driving the timely remediation of all identified vulnerabilities.

• Represents IT in all company-wide compliance activities and provides organization‑wide guidance on Shell’s information security requirements, ensuring alignment with corporate policies, ISO/IEC 27001 standards, and overall security posture.

• Participate in the establishment and maintenance of information security policies and standards that support business goals and objectives 

• Fully responsible for monitoring, managing, and coordinating all security incidents occurring in Turkey, ensuring end‑to‑end engagement with IRM, driving the incident process, and providing timely updates to senior management.

• Apply metrics to measure, monitor, and report on the effectiveness of information security controls and compliance with information security policies 

• Control and ensure that information security is not compromised 

• Report on the performance of the information security management system to top management. 

• Responsible for planning, coordinating, and delivering all information security awareness trainings for all users across Turkey in line with ISO/IEC 27001 requirements.

·         Responsible for creating PRs/POs, monitoring invoices, and capitalizing IT assets.

Dimensions:

• Individual contributor

• No direct budget responsibility

• Typical Job Grade of Supervisor/Manager: JG4 or higher

Skills & Requirements:

• Minimum 7 years' experience in IT Security or Cyber Defense and ability to adopt new security techniques quickly.

• Preferred Experienced in ISO27001 Process  and Information Security Guideline.

• Experience and knowledge of IT Security Policies.

• Good team player and able to efficiently work and communicate with 3rd party service providers

• IT Security focused and able to provide trainings to the users.

• Able to deliver under time pressure and deliver on strict deadlines

• Excellent communication skills.

• Good Business English, written and oral

• Good Analytical skills

• Result oriented

Special Challenges:

• The operational nature of the role will require out-of-hour working, sometimes unplanned and on call

• Needs to be able to deal with state of the art, differentiated and often unproven technologies which require some learning on the job

• Needs to be comfortable with sometimes vague and changing scope and priorities in a rapidly changing environment

• Ability to ensure one team mindset across the various teams to drive effective delivery

-

DISCLAIMER:

Please note: We occasionally amend or withdraw Shell jobs and reserve the right to do so at any time, including prior to the advertised closing date. Before applying, you are advised to read our data protection policy. This policy describes the processing that may be associated with your personal data and informs you that your personal data may be transferred to Shell/Shell Group companies around the world. The Shell Group and its approved recruitment consultants will never ask you for a fee to process or consider your application for a career with Shell. Anyone who demands such a fee is not an authorised Shell representative and you are strongly advised to refuse any such demand. Shell is an Equal Opportunity Employer.