In this role, you will be responsible for executing the information security, governance, risk, and compliance strategies as defined by the CISO. This role requires a strong focus on the day-to-day management of security practices, GRC activities, and the integration of security within the software development lifecycle, ensuring the organization's policies, procedures, and systems are aligned with regulatory requirements and industry best practices.
We can't promise it will be easy, but it will definitely be exciting and, most importantly, FUN.
This position is located in Israel, and you'll be reporting directly to the CISO.
Let's get down to business:
The opportunity
Program Implementation: Execute the organization's information security and GRC programs based on strategies and objectives set by the CIO and acting CISO. This includes implementing security policies, controls, and standards across the organization.
GRC Activities Management: Facilitate GRC processes, including risk assessments, compliance audits, and policy management, ensuring alignment with external regulations and internal standards.
Secure SDLC Oversight: Work closely with the R&D and software development teams to integrate security measures throughout the SDLC, from requirements analysis to deployment, based on predefined frameworks and best practices.
Data Access and Policy Enforcement: Manage data access controls and policy enforcement mechanisms to safeguard sensitive information and ensure compliance with data protection regulations.
Tool and Platform Management: Oversee the effective use of the GRC platform for risk management, compliance tracking, and policy documentation. Ensure tools and technologies used for security and compliance are optimized and up to date.
Collaboration and Support: Collaborate with IT, R&D, legal, and other departments to support security and compliance projects. Provide expertise and guidance on implementing security and compliance requirements.
Incident Response Support: Assist in managing and refining the incident response process and procedures, ensuring readiness to respond to security incidents effectively.
Awareness and Training: Support the development and delivery of security awareness and training programs to promote a culture of security and compliance throughout the organization.
Requirements
Solid experience in information security, GRC processes, and secure software development lifecycle management.
Knowledgeable in security frameworks (e.g., ISO 27001, NIST) and compliance regulations (e.g., GDPR, SOC 2).
Practical experience with security technologies, data protection strategies, and compliance audit facilitation.
Strong organizational and project management skills to manage multiple tasks and projects effectively.
Good communication skills, capable of working collaboratively with technical and non-technical teams.
This position is open to all candidates.