Istanbul, Turkey


Information Technology



Job ID


PMI wants to work with the best talent available. Our diverse workforce of around 73,500 people speaks more than 80 languages. Our priority is to attract, support, and retain individuals from across the planet – no matter their age, gender, religion, or disability. Our people are our greatest strength, and we're proud of our culture of openness and respect. We believe that this is a big part of what makes PMI such a great place to work. Do you have strong social skills, are you customer oriented and do you want to work for a Top Employer with international career opportunities? If so, then please keep on reading. The Information Security team in PMI has an established practice of many years with the mandate to respond to the increasing cyber threats across the globe, has a global function and is looking for an autonomous/self-starter Information Security expert who is willing to work in a demanding environment. The Information Security Officer MEA will report to the Regional Information Security Officer of Eastern Europe (EE) & MEA as part of PMI’s Global Information Security team. Read further if you want to learn what the main responsibilities of the role are: The Information Security Officer’s (ISO) mission is to provide an effective Cyber and Information Security capability to proactively protect the confidentiality, integrity and availability of PMI data, intellectual property and Information & Technology assets. ISO supports the PMI Chief Information Security Officer in fulfilling his mandate with the following security and regulatory activities in the region: • Be the face of Information Security in the region. Maintain strong stakeholder relationships, evangelize security, and find opportunities for security to add value within the region • Deliver the Global Security program to the region. Support local entities including specific initiatives with ISO relevance. • Partner with other ISOs and Global Information Security team, to define and implement a regional security engagement strategy. • Understand the security posture and business processes of markets and in order to effectively engage them in the Security Program. Actively govern Cyber and Information Security risks in the region in a manner that meets compliance, regulatory requirements and PMI’s risk appetite. • Communicate and support adherence of PMI’s IT policies and standards within the region. Work with global teams to ensure IT policies, standards, and control frameworks consider regional nuances responding to local laws, regulations and other local requirements. • Advise and support market business and enabling teams in implementing practices that meet defined policies and standards for information security. Work with project management offices and relevant teams to ensure embedding security-by-design into local and/or regional projects involving PMI systems and/or data. (Build Clean) • Conduct risk and maturity assessments from a cybersecurity risk perspective, evaluate compliance of IT services with relevant security and regulatory requirements. (Stay Clean) • Embed ownership of Information and Cyber Security in the company through continuous training and awareness. • Support regional execution of cyber-attack simulations and table-top exercises, coordinate Information Security Incident Response and Cyber Crisis Management within the region • Operate regional security governance structure and report to global security committees and market and regional management teams. This position can be something for you if you recognize yourself in the below profile. You have: • 10+ years information security and/or related technology experience and track record in information security and risk management, including experience guiding and assisting organizations in implementing appropriate IT Security practices and mitigating risk with sustainable controls • Must have at least a bachelor's degree, preferably in computer science • Ability to collaborate with top management and business management in both domestic and international corporate environments to drive decisions and communicate effectively • Ability to communicate technical subjects to both IT and business–centric audiences to build champions and deliver results • Knowledge and understanding of meaningful legal and regulatory information security requirements • Knowledge and experience in Cybersecurity, IT and Governance frameworks such as NIST, ISO 27001, SOX, PCI DSS, GDPR, COBIT, ITIL • High degree of initiative, dependability and ability to work with little supervision • Strong influencing and negotiation skills and diplomacy • Strong leadership skills and ability to lead and motivate multi-functional, interdisciplinary teams to achieve tactical and strategic goals • Team player with ability to build pro-active, co-operative working relationships with customers, peers and key stakeholders based on respect and teamwork • Flexible approach to travel (10-15%) • Excellent command of English and Turkish. • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or other similar credentials is desired This role will start as a remote position, but it might transfer to our HQ either partially or fully, after we start to work from the office again. At Philip Morris International, employee health and safety are our top priority. For our employees, we have implemented strict processes and precautions to prevent spread of COVID-19 including -but not limited to- providing gloves, masks, and hand sanitizers, temperature checks before entering to facilities and frequent sanitizing of touched surfaces throughout the day. One more thing: at Philip Morris we see equal pay for equal work between woman and men as the baseline standard for equality. Our good intentions do match our practices as we achieved the Global Equal Salary Certification. Moreover, we invest in creating a diverse workforce & a culture based on personal and career development, both on local as well as international level. How does this sound? If you are interested, go ahead and apply! #LIJobs