דרושים » אבטחת מידע וסייבר » Information Security GRC Lead

A global leader in Identity Security, is seeking a talented GRC Compliance Expert to join our Governance, Risk, and Compliance team.
This role is ideal for someone with a strong understanding of leading international standards and regulations (such as ISO 27001, SOC 2, PCI-DSS, and others) and a passion for building and maintaining scalable, enterprise-grade compliance programs.
Youll play a central role in ensuring ongoing organizational alignment with world-class frameworks while working closely with cross-functional teams to drive a culture of trust, risk awareness, and regulatory readiness.
We are especially looking for someone with hands-on experience implementing and maintaining PCI-DSS / SOC2 compliance, including managing assessments, evidence collection, and cross-functional collaboration.
Key Responsibilities:
Ensure the companys continuous compliance with leading international standards and regulatory frameworks (e.g., ISO 27001, SOC 2, PCI-DSS).
Serve as a subject matter expert on PCI-DSS, including supporting annual assessments, gap analyses, and remediation planning.
Maintain, update, and improve internal GRC policies, controls, and documentation in line with global best practices.
Monitor changes in the regulatory and industry landscape and assess their applicability to our operations.
Lead internal control mapping, gap assessments, and remediation tracking.
Coordinate audit readiness efforts and maintain supporting evidence for external assurance engagements.
Support risk management activities such as risk assessments, risk registers, mitigation tracking, and escalation workflows.
Collaborate with teams across Security, IT, Legal, Engineering, and Operations to align compliance and business needs.
Drive internal awareness and training initiatives on key compliance requirements and GRC processes.
Contribute to the maturity and automation of the GRC program using dedicated platforms/tools.

Additionally, the ISO will manage projects related to the examination and implementation of new information security products and characterize information security solutions for related projects. The ISO will also advise on compliance with privacy and cyber protection laws and regulations, conduct information security and privacy protection surveys, and oversee ISO 27001 compliance, focusing on all aspects of cybersecurity within Application Security (AppSec), Infrastructure Security (DevSec), Governance, Risk, and Compliance (GRC), Security Information and Event Management (SIEM)/Security Operations Center (SOC), incident response, and IT security.

Responsibilities
Develop, update, and maintain a cybersecurity strategy.
Manage a risk-based cybersecurity program to secure corporate IP, technology, information, computer systems, networks, and data.
Provide guidance on proposed cybersecurity best practices to different business functions.
Develop comprehensive cybersecurity guidance, processes, and procedures based on industry standards.
Stay informed on trends and issues in the security industry, including current and emerging technologies and regulatory and compliance issues.
Advise, counsel, and educate executive and management teams on the importance of cybersecurity.

Be the guardian of trust in a fast-moving fintech world. As a GRC Security Specialist, youll lead cybersecurity governance, drive compliance with global standards (SOC 2, PCI-DSS, NIST), and partner with tech and legal teams to embed security into every layer of the business. If you live and breathe risk, regulation, and resiliencethis is your arena.

Hybrid.
Full-time.

What youll do:
Developing and maintaining policies, procedures, and controls to ensure compliance with regulatory, legal, and audit requirements, as well as best business practices.
Creating a cybersecurity compliance strategy and ensuring alignment with contractual obligations and globally recognized standards and guidelines.
Identifying regulatory, legislative, and industry-specific compliance requirements and defining controls to meet them.
Conducting and participating in periodic internal reviews or audits to ensure compliance procedures are followed.
Overseeing and evaluating compliance systems to ensure their effectiveness.
Compiling and presenting reports to management on compliance activities and progress.
Staying up to date on industry developments, regulatory trends, and best practices to assess their impact on the organization.
Designing and implementing improvements in compliance communication, monitoring, and enforcement mechanisms.
Developing and executing a compliance awareness program, including the creation and distribution of materials for all employees.
Partnering with Legal and IT teams to manage data protection agreements and compliance initiatives.
Leading the development and execution of company-wide security awareness and training initiatives.
Assisting in incident response planning and investigations when necessary.

As a Product Security Response Manager, you will be responsible for managing a portion of PSIRTs global headcount. You will direct the day-to-day activities of product security engineers you lead, including processing root cause analysis of product security vulnerabilities reported as part of the bug bounty and responsible disclosure program, vulnerability remediation collaboration with internal development teams, research projects for reported vulnerability patterns, and process improvements. As a Product Security Response Manager, you will work with pool of talented external researchers (i.e., our bug bounty and responsible disclosure programs) to ensure they are equipped to succeed and mitigate uncoordinated disclosures. You will also make hands-on contributions to reducing security risks in products and services by partnering with other teams in the development and security organisations.

What you get to do in this role:

Serve as a people leader.
Serve as a project manager for PSIRT-led research projects.
Oversee product security incidents, small and large.
Stay updated on industry best practices, including the CVE program and FIRST.org special interest groups.
Recommend and develop new product security policies and procedures.
Partner with key contacts outside of our department.

We are looking for an eager and talented individual for our growing Solution Architect team. You will be a part of a fast-growing cybersecurity company, learn and practice high-end cyber skills from the best in the business and manage customers regionally. You will work with amazing people who work together to improve the cybersecurity resilience of our customers. The Solution Architects are considered to be our top experts in our products, serving as a very important point of contact between our customers and our inner departments.
Roles and Responsibilities:
Demonstrate a deep understanding and professional knowledge in our platform across our customers networks
Design deployment solutions for the platform in complex environments
Maintain in-depth knowledge of security trends, threats, and attack techniques in order to be able to improve us and to give better remediation guidance to the customers
Lead technical deep-dive sessions with cybersecurity experts, guide them through better Penetration Testing procedures and remediation/defense decisions
Be involved in the business application of the company by maintaining customer loyalty and act as a product expert focused on customer education and identify service expansion opportunities to drive increased revenue
Interface between different internal departments (Support, R&D, Sales, Pre-Sales, and more) to improve your skills, knowledge and problem-solving capabilities
Pay attention to support requests to identify recurring issues and recommend changes to the Pentera platform
Flexibility to accept a changing work description based on a hyper-fast startup.

We are looking for a passionate and skilled Network Security Expert to join our team! If you're excited about securing critical systems, networks, and information while working with cutting-edge security technologies, this role is for you.
What You'll Do:
Design, implement, and monitor security measures to protect our systems, data, and networks.
Define and establish robust security requirements to mitigate risks effectively.
Develop and document security protocols and best practices.
Configure, troubleshoot, and optimize security components to ensure peak performance.
Detect and respond to security threats, breaches, and vulnerabilities with precision.
Work with the latest security tools to automate and enhance security processes.

Design and deploy network & security systems (FWs, web filtering systems etc.) and networking infrastructure (LAN, WAN, routing protocols, failover mechanism, IPSEC, SSL VPNs).
Perform technical operations on various IP network elements of multiple networks.
Maintain the availability and performance of business-critical networks.
Define and enforce rules for various network security control systems such as: firewalls, virtual private networks.
Provide escalated support and troubleshooting to maintain high availability and performance of the security & network infrastructure.
Create and maintain detailed network & security documentation.
Keep a tight relationship with integrators & vendors to maintain upgrades, installs, downtime planning alongside exploration of new features & innovative solutions.
Evaluate, test and select enterprise networking & security hardware and solutions.

mission is to enable its customers to protect and save lives, accelerate justice, and preserve privacy in communities around the world. a global leader in Digital Intelligence solutions for the public and private sectors, empowering organizations to master the complexities of legally sanctioned digital investigations by streamlining intelligence processes. Trusted by thousands of leading agencies and companies globally, Digital Intelligence platform and solutions transform how customers collect, review, analyze, and manage investigative digital data in legally sanctioned investigations.

Position Overview:
As a talented researcher, you will be joining the industrys leading digital intelligence Security Research Labs group. In this position you will be taking part and leading new projects in little-explored vulnerability research territories, producing world-unique capabilities to extract evidence from phones and other embedded devices. Recent phones (from burner phones to the latest flagships) are increasingly challenging from a forensics perspective, and involve hardware-backed encryption (FDE/FBE), secure boot chains (Verified Boot/dm-verity), evolving hardened SELinux policies, as well as adventures in ARM TrustZone secure worlds.

Key Responsibilities:
You will join digital intelligence Security Research Labs Group and be a part of a team of passionate researchers, dedicated to solving modern digital intelligence challenges, years ahead of others in the industry. Our world-class research results assist law enforcement by enabling lawful evidence extraction, and putting criminals behind bars, every day.

You are a security researcher who cares about the ethical use case for his/her work, and if the art of engineering and crafting a platform-wide native payload in a fragmented ecosystem of gaping variance is the kind of challenge you appreciate, you belong with us. We need your help to make the world a safer place.

We are interested in welcoming a Senior Cybersecurity Expert to join our team, to plan, research, and develop proprietary automotive cybersecurity solutions.
Responsibilities and tasks include:
Threat and vulnerability assessment and analysis
Design, implement, and verify mechanisms to neutralize potential threats
System hardening and characterization
Penetration testing.