“Working in the risk industry, every day inspires me to make an impact,” says Merve Sargin, senior manager for software asset management (SAM) in Deloitte Turkey’s Risk Advisory practice. In her role, Merve helps companies across industries manage their software spending, optimise software assets and mitigate compliance risks. She especially enjoys the variety of work, opportunities to collaborate with colleagues across functions and geographies, and the impact her work has on clients’ operations.
Merve is being profiled in Deloitte’s “Women in Risk Advisory” series, recognised as both a high-achiever in the field and someone committed to the principles of inclusion and gender diversity. We were thrilled for the opportunity to speak with Merve recently about her role and accomplishments, as well as her experiences as a female in a traditionally male-dominated field. Highlights from the conversation are below.
Tell us about your journey into the risk industry.
Merve Sargin: I actually started my career with Deloitte as an intern during the summer of 2010. By the time my internship was through, I had a job offer in Information Security Management (ISM) from Deloitte’s Istanbul, Türkiye office. This was a life-changing event for me because I was living in Izmir, Türkiye at the time and had to move to Istanbul [about five hours away], leaving my family and hometown. It was the first time I ever lived on my own! But looking back on those days, it was such a great opportunity because Deloitte gave me the chance to step outside my comfort zone. So, I accepted the offer. I now work back in Izmir, leading the Software Asset Management (SAM) division within the Risk Advisory practice at Deloitte Türkiye. When I first started my career, I was working in the ISM division, but then I moved to SAM after my first software project. At first, it was only me working in that division, but since then, we’ve grown to 10 people in SAM in Türkiye and I lead as the manager.
Please describe your day-to-day role and important software asset management considerations for businesses today.
Merve Sargin: My department, SAM, completes licence compliance reviews for large vendors, as well as advisory work with clients to optimise their software spending. I help organisations build their SAM processes and implement SAM tools for efficiency.
SAM is growing in importance every day. When I first started 10 years ago, we only had one or two engagements a year doing compliance reviews for vendors, but now, we’ve expanded tremendously, doing consultancy projects, SAM tool implementation and SAM process consultancy. We even help clients build their own SAM organisation internally. And these are all hot topics; it’s becoming more and more important for businesses to consider software asset management and we expect the industry to grow exponentially within three-to-five years.
What certifications do you hold in information security? What motivated you to pursue those?
Merve Sargin: I currently have the Certified Information Systems Auditor (CISA) and ISO 27001 Lead Auditor (LA) certifications. When I first decided to get the CISA certification, I was a consultant in ISM, with only two years of experience. Although it was early in my career to undertake such an exam, I knew that certifications were one of the key identifiers to being an expert in information security. Some of our clients were also asking our team if anyone had these certifications, so it became clear that if I wanted to become a manager, I needed to pursue them. I made up my mind to get the CISA certification within the following year and I did it! It wasn’t easy, but I believe if you set a goal for yourself and dedicate yourself to pursuing it, then you can achieve it.
What are some of the key projects you’ve worked on?
Merve Sargin: I was on two multinational consultancy projects that had huge impacts on my career and broadened my horizons. The first was an IT governance consultancy project for an airline and we were tasked with centralising their IT organisation. We worked with seven different IT organisations based in different parts of the world—China, Africa, Europe, the Middle East and Russia, to name a few. It truly inspired me to be working in such a global environment. We also worked with different Deloitte offices and I had the chance to meet and work with many other talented and dedicated colleagues.
The other project was also an IT governance consultancy one, but here, we were helping the client restructure its IT organisation. This project had me working together with colleagues in the Deloitte Moscow office. As a senior consultant, I had the chance to work from Moscow for a month and it was a really amazing experience for me to see the working culture in Russia.
Have you experienced challenges or stereotypes as a female professional? How did you overcome them?
Merve Sargin: One of the challenges I had was being a working mom who was nursing while working at different client locations. It was challenging because not all client sites had nursing rooms or available spaces for pumping. Every time I worked at a client site, I needed to pack up all my pumping and cooling equipment and lug it around. I remember one time when I was travelling, I was held up at security because of my gear. I had to explain what it was used for and why I needed it with me.
At first, I was a bit shy to ask my clients for a nursing room, mostly because I was working in IT and 90 percent of my clients (IT managers and CIOs) were men. But once I did ask, the response I got really comforted and encouraged me. At one point, one of the IT managers actually said, “We are so ashamed that we don’t have a nursing room in our office, but we’ll provide you with the best and most private meeting room.” I saw that they really cared and were willing to support me—that made me more comfortable.
As I became more comfortable speaking up, pumping became more manageable, as well. I began to practice solutions along the way—I would let the clients know that I needed a private space in advance of my arrival so they would be prepared. I also adjusted my pumping schedule based on travel, the meeting schedule and availability of rooms. Through all this, I believe that I increased awareness of accommodations for new mothers and what our specific needs are.
Do you feel women have equal opportunities to evolve in this business?
Merve Sargin: I personally believe that women and men have equal opportunities to develop in risk. IT Risk Advisory is a male-dominated field, but I've always felt that being a woman has given me a special perspective and advantage. I remember clients—especially women clients—specifically mentioning how happy they were to see more and more talented women sitting at the table and discussing IT management issues. So, I personally have seen the best side of risk, having positive experiences as a woman in the industry. People are more and more supportive of gender equality now.
Deloitte Türkiye has close to a 50/50 gender ratio, especially in the Risk Advisory practice. Our management really cares about that and it’s reflected in our hiring processes. As a manager, I interview potential candidates and work with HR to make sure that we receive resumes from men and women equally—if HR sends two resumes from women, I also get two from men. I feel lucky being a woman living in Türkiye and working for Deloitte in this industry. Deloitte provides such a wonderful environment, with a great network of people. It really is a diamond in the rough for women wanting to work in risk, so I consider myself very lucky and happy to be a part of this company.
What advice do you have for women looking to pursue a career in risk?
Merve Sargin: For both women and men, I would say to believe in themselves; go the extra mile by stepping outside your comfort zone. But for women specifically, believe that you can do all the work men can do, no matter what other people say or what “rules” society creates. I would also say work hard—that’s really important.
What are some key contributors to making the risk industry a more female-friendly, diverse and inclusive environment?
Merve Sargin: I think organisations should accept that women can perform as well as men in this business. There’s no difference in terms of gender. I know it’s hard to overcome stereotypes—as Albert Einstein said, “It’s harder to crack prejudice than an atom”—but spreading this message at all levels and hiring with an equal ratio of women and men in risk-related positions would help tremendously.
I believe it’s the management’s responsibility to support this fair ratio. Management needs to understand that both women and men should be working equally in all organisations. Deloitte is a great place to work for women, because they care about and are committed to gender equality.
I’d advise other organisations to, of course, believe that women can perform and do as much as men. But secondly, they need to promote accordingly. It’s not just about hiring equally, because if you only promote men, then men are the only ones who have the say at the management level. And having diverse voices and perspectives at the table will create a sense of community that will allow us to do our best work.
View Deloitte’s Women in Risk series.