דרושים » אבטחת מידע וסייבר » GRC Manager

We are looking for an experienced GRC manager to lead the GRC domain reporting to our CISO.

As GRC Manager you will be responsible for assessing and documenting our compliance and risk posture as they relate to its information assets, you will be a liaison on the privacy domain between various business and technology units.

The candidate should have experience both as a security practitioner and consultant, profound security and privacy GRC related knowledge, and passion for cyber security.

Responsibilities require experience, as well as expertise to ensure effective system-wide security & risk analysis; standards and testing; risk assessment; awareness and education; and development of policies, standards, and guidelines.

The Day-to-Day:
Evaluate the state of security and privacy from the GRC perspective, identifying gaps and opportunities and anticipating needs.
Testing the design and operating effectiveness of technical and administrative security controls
Designing and implementing data protection policies, processes, and procedures to align with Information Security policies and standards.
Partner with various business units to ensure controls are adequate, appropriate, and effective.
Support internal and external audit processes for relevant compliance programs such as SOC2, SOX and ISO.
Perform security and compliance assessments on new and existing systems, processes, technology.
Perform business impact analysis and assist with the development of the IT/InfoSec risk register.